{"report_id":"0fbfdea6-58ac-4879-8bfb-ee25b014b227","version":0,"status":"done","tags":[],"date":"2026-07-12T18:54:54Z","url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"104.21.46.144","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"title":"Gavewex — Online Games \u0026 Rewards","dom":{"size":212928,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65468), with no line terminators","md5":"255c318fd0b34e1d01f07bae9ece0ea6","sha1":"4ab2f4d868b22650f35f8a808fa97c1a90e7138a","sha256":"6ed694dfefcc81ec8a039f022a4d1e25bcd9a30bc04508aaa9ef12b970189066","sha512":"3be18a5b4b099a778e2fe179c12d2930da43e42c62b7d80dec9e9af42698190dc685be1384a50ffdfa06ead223e4e46c72a6d30e89f5947a5fc41c5e4bdccb53","ssdeep":"1536:f+jpx8JW6kVgadnQF44MYYWjFvlJmRTgCA6666l6666s66665ak5wTTqF/e:fwr8JC2HqF2","tlshash":"3224b731e308591d7037c584ea61bf5e72b9c206d31a552ce3fe6475e38b8faa5236c8","dom_hash":"domhash9b20e428ea97b46b9d37ebe1ad871b2c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"104.21.46.144","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-16T18:54:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-07-05T22:48:05.057169Z","alert_count":0,"request_count":4,"received_data":15912,"sent_data":2272,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"gavewex.com","ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-07-05","domain_rank":0,"first_seen":"2026-07-10T10:22:27.528217Z","last_seen":"2026-07-10T10:22:27.528217Z","alert_count":122,"request_count":122,"received_data":14437382,"sent_data":78658,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-07-05T22:22:24.069932Z","alert_count":0,"request_count":1,"received_data":33694,"sent_data":743,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-07-05T22:19:28.847206Z","alert_count":0,"request_count":7,"received_data":277771,"sent_data":3988,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/webpack-88bb21cc9b698da8.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a6e899e41a949fba95deb581bb003e29","sha1":"89ba1afcdead5a1d29e3f536b345fae2dba1b13f","sha256":"6e412f48b783c41ca2068b946c56cd6312c80b2d3abffb6dbfd140e72c87ba60","sha512":"37f42a21cc92480d8f99693a786fa2152a4eb6e87e9543a80d7e50e46bc07d6baf311b4dcee59547fc6bb6e1af56aee9c0ff37c864449797ef34c6bfe4d4b052","ssdeep":"","tlshash":"0a6195a93625f9b556f108868c7ed142f21a6037051af8a0e717dcf9b464ae20562ff3","size":3448,"data":"","first_seen":"2026-07-10T09:45:03.472302Z","last_seen":"2026-07-12T22:01:35.287927Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c3e3e350f78cf22bd7b335d70b41a58a","sha1":"cce22220b6a8dff76692755cc45439b4ec474a4d","sha256":"ee6bb81f4e9fc030a39a7c71affc4d1f2b900baa4b4c7af83361388d7c39599b","sha512":"15b6cbf8bd67e82a4952004138ebc95c44e4d373317826f1560eeec13416cc1d6a38d834609ef4b713e7a9c92d1b1bbf84de08e2e4061ed3d1e3891982c25b0a","ssdeep":"","tlshash":"3f90025ff2302063a756122b166f15456421626565550869123830eb4955148474265c","size":57,"data":"","first_seen":"2025-06-30T14:23:19.448274Z","last_seen":"2026-07-13T11:17:24.849497Z","times_seen":57655,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b3594c64cf924625c05a7010cafc018a","sha1":"0dfbc548122dea0a68476b400895ffa1eb22f645","sha256":"93268a0726ec1efaa676ae5171f84267e72b7c3d215b6190794cb4069d5f58d8","sha512":"8f1d3fdc6a2935557a199535e172a92c825bbd1b2ddf25cc9be3968fcd444cd0a4e023bd3eeb90c2c222588defbcb5f1ad05dfbd1f542eeb760769db532fd282","ssdeep":"","tlshash":"420156a9f32819da66d92fbfa06b570c7460203e380600319507edfa1700de021cbd8e","size":845,"data":"","first_seen":"2025-08-20T20:29:16.213676Z","last_seen":"2026-07-13T10:45:18.958871Z","times_seen":6570,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-07-13T11:17:56.777786Z","times_seen":186267,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4298e3bb283284174c517caafc804001","sha1":"41c638305509f5f2e3abadbdd4492ce79222eaee","sha256":"2dbdae79ed4c2bd1f5c11d999bb8bcc387150fc2e7ab673cb0d69e1d932c3024","sha512":"6e508f1126991f563e8c94ad6ff5d2bb7e690d4886a36d550fd801ed423f03997061cc0d56251d9aa3a066005e6824cdd2779f80855cdc6e2759d06e41f3b8de","ssdeep":"","tlshash":"8b41481fb408f5426da3de4b04b62e3b8a9de977413dc5acc48ed83a0121a3f9388d11","size":2252,"data":"","first_seen":"2026-07-12T17:49:20.821728Z","last_seen":"2026-07-12T21:19:32.008728Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e1d1a3e87b524038ea9f8d4bc11fa411","sha1":"3099971547042a5cc87f9e25b123d993c8421c08","sha256":"dd8764264d7017fdcccf3e9a381ad04383d1c38e47ae604f167004b28964b287","sha512":"617e71b2e94999b79aecd57bea4525e8cc9005f6807454f3e879815d8a1f803ccc3318973469690fb0fe4d9a5232a19b653bcc3174ec7c89abf7bbf5aba1abf0","ssdeep":"","tlshash":"2141d10f6404e4066ee3ec9b48b32e3b8a4dda73827cc5bdc95ed87a012163f0399d16","size":2246,"data":"","first_seen":"2026-07-12T17:49:20.822757Z","last_seen":"2026-07-12T21:19:32.00974Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d91c8a2fa4efdb74b884f4d6f04c3f00","sha1":"644c3855261a57256c6f61e719cbf6b13f9951f9","sha256":"7a89c32af7f910ef53e5160efe14b510a67cc816de95f7f47b9e43f486599c54","sha512":"3b569525f35a3f2c143ea05171b418da63aa87d90ba4fa9d18eb39f9c2bdca545d61e4a985b1988820f318789a58f925bc125460d84ce1a4889e354a493637db","ssdeep":"","tlshash":"15e0861f5040fc06aaa2dc9b09372e26ca8ce97741bc846dd6aed8a9020173a139dd16","size":355,"data":"","first_seen":"2026-07-12T17:49:20.823673Z","last_seen":"2026-07-12T21:19:32.010362Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"203056cdcc4224e25edae862d03a6300","sha1":"c908d269a0153770508bfc630c36c5b381c164a0","sha256":"90d7e8caff211e1ef1ac3262279bc85809f977c39367ba77b4749b81a9f9884b","sha512":"903ea68146b70b9fe4248a57492423b1f45c45430b949fc5652ccc8ea75a42bf2fb48b6db01e3a2f6a313a720f810fe3652872d99d08734cff73ab46750a710a","ssdeep":"","tlshash":"b271d5367203cf5fd89e7956147e0dba694c8b7e9ea0c694c1f1de30458ac78afc5880","size":3514,"data":"","first_seen":"2026-07-12T17:49:20.82456Z","last_seen":"2026-07-12T21:19:32.011224Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e796396e0170414cedc055e68d04975c","sha1":"9b5c86da1a74a28c19e5825c6c07f2f55aef1332","sha256":"8d87f005b9c6cb6f3bd38673153369618fd9a26c47376f9267fb9993b8099d36","sha512":"fe505073cde7b70911c63c89b49f13ddccde9b2d43440ff55a11e7bd2133f26c5f87085768c691f857a7190b820620274ee9f62b8f30261b7e999bdb54ec5585","ssdeep":"","tlshash":"a231f03c3008d94ffd997d1912be6d3a50dd456f03e59a788bc8de014a824be7b92e81","size":1686,"data":"","first_seen":"2026-07-10T09:50:21.092118Z","last_seen":"2026-07-12T21:19:32.012023Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"67bf156e0ff4c00d8a05df5ea955c0ac","sha1":"7bda64eb7cdc6f32b38fc304bf262aa3abb7bce2","sha256":"a812cbf854f9e861ac253455523268131ea44b9cc6ab037e5059657cd3fc57b7","sha512":"4bfe6d826b3d94a28e2fbf9e23ea9a11b5fdbbed2d1dd004cd508e42b038d3457718aba8401787d058009cce1827a3595960f0a33e1dfc8c34a0143e39ad5b74","ssdeep":"","tlshash":"ee418874a409fa8afd9eb958503efc3a20ce859f4ad19f7942d6cc64460247e3783dc0","size":2400,"data":"","first_seen":"2026-07-10T09:50:21.093381Z","last_seen":"2026-07-12T19:37:37.728828Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"645b52a9795cf944c8c4b5658bd3b6a7","sha1":"0ed2181c44b78d2e9277f2f5a1f2f3d3f5bdb59b","sha256":"4f3a042ce8abfb0e6fab5f8ffb542b36fd9c6cfb0e30e9d52b0f2f0e8f909891","sha512":"5edb565e2080a6b054539641ead997e548a9075eace29e854bbd6ac8d06878810125a394892ff470691c1de925389de292ff586164138f7bf9e7c8986ed98c20","ssdeep":"","tlshash":"38d02ba09c92cc0dc7660f3a183f5c3921ccc66102496246fc89db784a8ae340aa0ec6","size":279,"data":"","first_seen":"2026-07-10T09:50:21.094557Z","last_seen":"2026-07-12T21:19:32.013375Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1280c0c0111f8915850a7e694cdb5061","sha1":"9d0463cbcb9075168a6df26e294b2128d0dac82e","sha256":"b533f3d4ee3d1ad3b5ad9eda81fb36d16a1c7a99ecabd720efb9f8e5fad287db","sha512":"39af3408291e17f45470606b85e994986f1d4468a1e0d8a2a3808dc34a442a5cfed5f6c11cb7fc6be7d77014e20ef3d3582dcfc9b72d6b69d1be47f6cd957751","ssdeep":"","tlshash":"d39002a0d58d0d668032055264241c094798c40d00445d8012e550cd5062995a555d4d","size":55,"data":"","first_seen":"2025-10-02T06:34:56.794292Z","last_seen":"2026-07-12T21:19:32.014049Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7c8f7f3299529735bf813271c95c31e0","sha1":"fab57097a883cbca1203027b744d013e2bdc0355","sha256":"afce5349fba54c52b7dd4bbde87f3ca9f9382acd9cddee2ed779fdda50449919","sha512":"bd07a503bc31aab165ceac0f3f8b25cce30fbc25e74885598ea9b0fbe58a61280f3aa11ac7f53d44d820c479299830f1842b948c3ff896fbaf3b2cf77498eec7","ssdeep":"","tlshash":"b651dea39d15de05cbcbee04297f3cb424cccad25289916fe19cd924418b9742df5f62","size":3122,"data":"","first_seen":"2026-07-12T18:55:07.468535Z","last_seen":"2026-07-12T18:55:07.468535Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20281e45103fdcedd0a42ece4b5d8566","sha1":"365152b9a541be927ed138e1b4a9eaeb8b0fe0de","sha256":"f158da4b9371d073bc1d9cca38044807cb946788682b45acc28a6cadbba77aba","sha512":"92f35e9bde5ccb7ebd0ed0d1d85bf89f719bc588aa9458453c0df76843d28470015e2616fbee4ee915659dd6fec41a9c4b52fb78ac3b5c09501b5a8b8d86b4c1","ssdeep":"","tlshash":"cb900470f1400c574431001314fc711115dcd14c04010d001f515f473c131557f0dd47","size":45,"data":"","first_seen":"2025-07-25T19:48:55.250327Z","last_seen":"2026-07-13T06:13:29.822158Z","times_seen":5708,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4f58df8ef556437633bb90cc31469c4","sha1":"c1c713bb5046a54cb79a8e7537b6d7fca624fd45","sha256":"2dcb2e50c883929aebb7a64a7a22cfe2260d856a3c36a6926c082da19c552b7b","sha512":"54c8a79f5897cd198db689700c24f950ad7fe19eed815f8bfa0e47428701d8c84a1fd8f677a6f1b2a4f1443f35f2dbd19e6f456ceeebfb1c59275bb356e1a5e9","ssdeep":"","tlshash":"bfc02b041427c47b421c6f4dc02243d4e4b020bcdc492480801d181800d0c313b40cd6","size":130,"data":"","first_seen":"2025-03-25T18:26:20.414558Z","last_seen":"2026-07-13T11:19:09.144954Z","times_seen":50861,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5a87f811171a797b89b8d185d7a93052","sha1":"e9b49c2be7f7cd86eab532f326af34e997a7d949","sha256":"a2de2e58c50b3a040444955e5bed514b82e241acde87d5586be2336f0097e375","sha512":"3da88dfa70488afca88098c84a064e1b31bb7ce6cff36f4007be560397025f19fad3e934c5416a975c8e820b58006735439fb8ec3caded395d2499a4fc1765e5","ssdeep":"","tlshash":"1c60000000c3003c0fc300003cc0cc30cc30f000300c0000000f03c00000000030333c","size":16,"data":"","first_seen":"2023-03-08T20:20:25Z","last_seen":"2026-07-13T09:57:37.200091Z","times_seen":12458,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f1d8410f129a659e882f6e80ef48b45d","sha1":"1d6480ba482cd0fcc0885d521778381d29e1b6d2","sha256":"8f1a66bb3132bd59867f5baedeb2e755bfbe69ce10d24878f5514897051fe90d","sha512":"2e54e53cbfdabdccce0dba0339a04be14d2c920eda6c5755914f646e83662898332fbacffdab854fe73d5d31dd4e4d469a06c89a4d8f48bad460bf2fd47403ce","ssdeep":"","tlshash":"cf6000300cc3000c000000c030000cc00c03f000300003300003030c0003cc0033300c","size":16,"data":"","first_seen":"2023-05-01T16:55:24Z","last_seen":"2026-07-13T10:45:18.959992Z","times_seen":9997,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/app/(main)/page-1242cbe80559576f.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ee880e294b488be8baf2ca00c36378c","sha1":"8097afdbc5ddf81116d40b3ee666e00de6c6f3e0","sha256":"ef032dd04b290288f2ae2edc7770a8d5b9326fcef21f5bc58b25227269543da0","sha512":"3eb17709c4aec980db281cba79a3b2a34ab80a6faa5937533e6b892184a66f54ccabf143dbee2d30eb530a94f2627e766a7452702e844f442e436f1d413dcf8c","ssdeep":"1536:7cJf0hkZ9geTeIY6rGa5cd1Q8g993275WBWVQ4u:7y3ej6Ka58g993UZQ","tlshash":"8863193a975a7918f837ca8c769f410cb16e4528a34e0db4a7bbac3113854f4b667fd0","size":70076,"data":"","first_seen":"2026-07-10T09:45:03.50869Z","last_seen":"2026-07-12T22:01:35.305089Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2cde633364ca71e63e183fcd285ce7a","sha1":"9a862e68484ea8b8bb94f672043d0752dbded9c3","sha256":"77456310fac2a586847d628eb005a0b7fa04b0e9569341b7bb5702bbdb94920f","sha512":"80caa655040b31db018b4aa93f5ccee47b87cad631f25e0b6f316c5a36fdfdcf3fb8da6ad95b895a620a2ccb565090f596acf0070a561a4804e502da79b3ff3a","ssdeep":"","tlshash":"6ef00e5a2c97a4a737fa367ec31b562b235203037882d808ba0ec4242fa8a951c4298d","size":614,"data":"","first_seen":"2026-07-11T14:42:53.022414Z","last_seen":"2026-07-12T22:01:35.324806Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/9792-bbed82e0e875a1e0.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b082208296b9b3705076807c6a765752","sha1":"df9d0a8602debe4cc087445f2f2928428a8dd8f8","sha256":"e5cc5cd6fd587fd300815648759a627ef8c4dc295d75f12440f6d27de6b02924","sha512":"44a1bafc5746c002fc285d55b8f9240e4dc493c65c631114334e52b732499504fee8c0449fbebf9d50205593347c073ebedd5e48fb1e606a37f7cb474066b846","ssdeep":"192:O3Yaic4We1aowaYz4n6rUGUCKbLgcJ/t/ml/6/hYmPE:O3LuWsYn/8rc/8E","tlshash":"76121b92baa2f8b291bb6552683703863130277b790b4441a3bb4cac2354f59b4d3f5d","size":9337,"data":"","first_seen":"2026-07-10T09:45:03.521341Z","last_seen":"2026-07-12T22:01:35.311525Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/app/layout-3f0574c4e5d40333.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c0d11d52032af6ad193ca67a8408c35c","sha1":"8932c0ff9004f3317bb6d2e2c06693f5f855a761","sha256":"6165148d41738b1c671dce4457ec8f9742d6b4489d0de7f6c916b30a77d5f34e","sha512":"7a88391810320df94fc5f40b777293396b0f6fef64aac6c6ba2ac848997bf81dd11dc7cedbe7fbf16e450fe788117fe66f79dae4b072b67724e99c13c2590fdb","ssdeep":"768:+s5XQwaevuPsAc9kxPsAzea6AZZGSYY2pxJuFFdYnQ:+s5XQwaevuPxnpMpxJuFFynQ","tlshash":"80d21ba6920a293cb5b245e8663f910cb17f6b25d72e4414b7bf2c313b498cd92727cd","size":31080,"data":"","first_seen":"2026-07-10T09:45:03.495816Z","last_seen":"2026-07-12T22:01:35.275778Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/4bd1b696-100b9d70ed4e49c1.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a9c2166a0ae63c27a466c7fb5903d80","sha1":"51f1c90c3f1e1d32d0c81e836ded7ed5ba0601d6","sha256":"5421e13a91a9389517b66179f3b4b5eaa0d95245438066d4d7b19ac30aeb809b","sha512":"8dc6274f2637076f1b5c4cd3f61b14259ec5552d844245c8b93a64f19c8b6b7347554a03b994b0f880b7dae74ad65e54eaa00be81783c2cedbae82a7fd4b89dd","ssdeep":"1536:DWET9Lwegcl2MywYleojBFOQLfioEV7hNc7lFlgXGhJx4bzZc5zg5tgW/zAe6c0:Z9LwzMyh1vLEE7RgXOQ5SIA1","tlshash":"ecf3f8ec3999e611aeb342a700df28037378261b240d4d60a614fd9ea57845bb17bfde","size":173025,"data":"","first_seen":"2025-08-21T15:49:50.637902Z","last_seen":"2026-07-13T10:45:18.945199Z","times_seen":13110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/main-app-f3336e172256d2ab.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"39016df7484bb925b0b0fe1905ddbceb","sha1":"088ce59eb609b8c19e00e2d93e10d33b75578d7a","sha256":"91801d552d3e97ad6aabb535c2d8eeff31bab152fb2448b8556373894e7d7215","sha512":"41618a49d22f65beb83086c769a8c67e5ba76cbd01b838ee2ef88857171a333a9ee680d08d182a3ef65393eef1b4d2984c122e3d4d0913e82c0f0e9ee004e46b","ssdeep":"","tlshash":"8bf0d69a4f0cf52f5d26ad65fe97ace2245f4175202b4e606901ee613c23bacd270404","size":572,"data":"","first_seen":"2025-09-01T15:30:28.522834Z","last_seen":"2026-07-13T05:05:21.75875Z","times_seen":633,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/1255-c32318a942e40e3e.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0655ecf061ed2032b2ed77f5fac4960","sha1":"bd73869341e65531e389db448125d6aa1b94dc73","sha256":"da0b6bb480869080c97b8a651145be0afa28d583e9f61fdbf836fbaf22be5ce3","sha512":"848f838f84fef605ebcdfe400206de7557e437dbc80169c2fd494308da5747a6fa93547706a1a590b39d20aaf9587ea08e5bb71a162734255329beb93bad6485","ssdeep":"1536:bzigN+8/BhcO5HYHqLVcXo7yIzPr6Q04ToTlTx1p7eChTtaocZXxreXRNIrky/Sz:379LmA+sy4r904Aj44RN0z/Sz","tlshash":"f0f3dab636d0f8d107a780e5843b400af3291c3b146f74a0a3e6dcd975645dea1b3faa","size":173011,"data":"","first_seen":"2026-03-28T22:09:22.209351Z","last_seen":"2026-07-12T22:01:35.300715Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-07-13T11:17:59.153235Z","times_seen":394642,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/6820-e593c9faa2a09980.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c1e6130f49137ec5692ac319914a3f5","sha1":"e2db6215232326cd4d627e0f60c9a2c0ebc01c74","sha256":"131356516768ecf2507d0f76b9a7e9908b01e31dfc8df88329705d2e2afc3222","sha512":"d69ad7e662752ba1072c4de3574746de1675d7c123fc8c86dc45531e3ba9df2435998247276573ffc511590437f9cf1f4a3eab9c59d8e0ef9dfb3fc717e73b12","ssdeep":"192:WL9p3LRi2cihbDVksxQTu5c4tMSojxugZNYOHCh0wMcGW0T2vJVkwkFFtzQj:WL99Rx2Tu5cAMJVjiqwMcGW0T2vrkXbu","tlshash":"5422c8d9b5d1f8a583ab4090443f100bf2795d75281e5184e3f95ceab9a045ca2f2fa9","size":10748,"data":"","first_seen":"2026-07-10T09:45:03.49158Z","last_seen":"2026-07-12T22:01:35.290779Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/5708-926a5cbb3579d1f7.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b58d901009e5dd078ec84a30e48e151d","sha1":"f871fd5e9a02a283c8e31a9be700e4ae15715e17","sha256":"0faa839769526c3620c7c8f7bc9b4b78004ef9980c103cd365079fbbedff3ab4","sha512":"b31d347b922a69e047655ced69bf8b14f63967d19b9b2df4b68726f51b5462170295305ad351d502bc84613fa23d89898c53400e8ce7adfa908d20f7c8ccf899","ssdeep":"384:u4daU8llCsp4PSOIX+lhs1UW5KRJ2YE7d2BzS+k0JQu2U67PMvia+MT/BuM+Mn4U:u4davGFu+j22","tlshash":"f1c27019aa4ba4bb87f116ef697d0b8401af075ff548ce17e529cf183347a252c91e2c","size":26916,"data":"","first_seen":"2026-07-10T09:45:03.479914Z","last_seen":"2026-07-12T22:01:35.306961Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/app/error-33d1788fed5ffb4f.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5127c8a0bf18bf19c981c4c0f5fd3b5d","sha1":"f812e3d7611042d8be29a2491fa3cbbaf991d54a","sha256":"937b53427e51b436510f6512d504cecc2f6b5478328d3f8e1ce04c45758345b6","sha512":"46314691bf04c743c678ec3b850bf7fc634132b3102eff1279ab430bee9398efe937e8b5021231f5193dbaa3e459cdc12bfcd4e31160df42ac8d8f7fdebdba59","ssdeep":"","tlshash":"cd41621766056e18f437c94877ff900c71eb4428712ade7867a89d3a11d64e53a2b7d0","size":2364,"data":"","first_seen":"2026-07-10T09:45:03.569736Z","last_seen":"2026-07-12T22:01:35.294604Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/8602-8018835a2b8c6467.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f366648bcf45d5debf0c1b40cf7d2f5f","sha1":"0b1a9b153106e4fea89f7cac44766d059c2e5941","sha256":"673a7d8aaeb6a9b355d1054015014fd544c8be225843d7bc37d39210d4caf7cd","sha512":"87bc2980f9da79d98616c2345107d092948b85ff882e652aee6ea02a2b3e01f9f8a2f49bd4835069e0487ce71bb42d9591bcd223fe11cb936a9d27a489040e70","ssdeep":"384:iTrTbTaTUnT74TeTVTwT9TQTkTz2uLSD8Tl4rmN2tTRT5ToToT3TuTcTrTP8TQTz:EP/MUTa4NOlu6zVmD8J4rhVxJ22jICPz","tlshash":"936286be77dd348d5a02e2e8d92ba0039bae0138264c4434b14ee4fd5958947987bf3f","size":14841,"data":"","first_seen":"2026-07-10T09:45:03.507605Z","last_seen":"2026-07-12T22:01:35.288512Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/6477-9e02b2a147e40874.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9572bd36ad48a0afeec6633517fa7710","sha1":"d6483ba4eef36b13eb61477ac213fb9e4209bbdc","sha256":"597b7a3a3a772044b01484b288189b297f5295509a6b9834b5a3e20ffa3c3ac8","sha512":"870b80a2619e547b7aba1eb21b54d03136d56ee0e07a197510acc346f159ca8fbc1224e2934260f169a4836806d99e7ae9bae320bf5f2202ee18679492454f60","ssdeep":"12288:8YvBFTs8FN+95dzoX8i3UEPLBTXyXTUCI3184x1BZcWt/6BHsYfowoy+INtbkflt:8YvnXFZ848GYfowoAeOXwF","tlshash":"ad955c0c4b6c34ba06dd77c236cd1f36aaec4db5a6d1d2128cbe566d21ecc38923d658","size":2057604,"data":"","first_seen":"2026-07-12T17:38:11.939923Z","last_seen":"2026-07-12T22:01:35.325726Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/app/(main)/layout-4d27638b938b6895.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bff7621c687cd5d0f66ebf66ca833cfd","sha1":"cd1f50b353365d253742afdf6ae67fdf39795351","sha256":"d28666a9634510936f8d64bbba35597f853a668c80009cdb3607125168eefc37","sha512":"b25b6d5745ac6e3165fcbcf29518a315ad942447a0a7dd97c02324c08a791d30f9eb178fed39ee9f4b5694defbccc9c1b7ec56764182c26bcb50a4158aed6dfb","ssdeep":"768:f4f66H0enWAvs3/94888itgZ6E9hHnIiTuJWxdlBLdvHT6tyaz3DXE7ir3zeZ6z:fcrnWAkva888itgXhNrT5eDE76zeQz","tlshash":"f2430935aa073d18f63f81c9778f550eb15fa924fa4f4538ba7e2c3212584e4b226bd4","size":57728,"data":"","first_seen":"2026-07-11T14:42:52.99703Z","last_seen":"2026-07-12T22:01:35.313706Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/4038-49fdd8ae32fa9982.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fcc0345f008acbe8f529de677f7ea0b8","sha1":"4709ac8c02289d17f1a27caf9f719c3199e33199","sha256":"94702b098b138dcadab4016ec2aaa5431ce4daf3592629f2b1bd4bfea2c18363","sha512":"40efb9d579d53f9a2b66c219b459d80829c15026ef38f76021613ef87027131a8a09f3ad0c4cbc7d7421f37e3632c419088eeafc6f2907fd8b471081a65c4f18","ssdeep":"1536:kjI+qNzajw1Muc9T05eMK89JgRPWSEtmfPjvss85QxnpYQoQCsdZ:k0plajw1Cez9JgRPItmf7v85mnWRmdZ","tlshash":"178319256609315cf17bc58872cfd91db26e362ce61ac578bf3e7829179a0f4b126f80","size":82267,"data":"","first_seen":"2026-07-12T17:38:11.838423Z","last_seen":"2026-07-12T22:01:35.286472Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/8347-2cdd515f34b89f12.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"49950202b034f7c0521d2f2129c83c84","sha1":"b39a0b9a93e867cf8675f483507f08d29d1375f9","sha256":"b35f82e8ce5a7a8b3b1083a9731c3d7351973f866106ebffd0c69b90405e5db6","sha512":"e40aac677169b6d180e3fe9b824cb491c49e9c1298c17f6a222b00343907f3ae29daa5d7b2a5c9af388e54bfcd0f92611283a303bb310752b5721c51c943be04","ssdeep":"192:njk3KSwJQV71am/oOJZBOcIkQmAYxDvLZNIw:jk3z1D/9JZQkQmAYdvLZNV","tlshash":"8f02daf5b762383149ebc2d6b5722942f318078e6628d81051f50d2e7358e0eea52fd8","size":8438,"data":"","first_seen":"2026-03-03T22:08:14.650035Z","last_seen":"2026-07-12T22:01:35.278324Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/app/(main)/error-e76e5ecab04323eb.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea37a6907bbf49850fbc241b021b98ac","sha1":"0c4b73cae7505f9098532e047b378bfae64317ac","sha256":"38ad85b1457519a9dc72e54394f3996d7560f3d34e3398ec2ec72a9ed62253aa","sha512":"dc3684031a1dfd4df683fa10824f12e47c829ae2d20a92efd4820e6ad9e55732c6a9784530685c9356a7af34747a1a16f700f036f08e09d75bee9b15f06256cb","ssdeep":"192:lTzTFtTCTnsHTTYTetT9TYTFTYTcTLATnPtpSTiuTQTp6TPTSDTETzT3sToThTF9:lTzTjTCTsHTTYTmT9TYTFTYTcTLATPrw","tlshash":"681224fe5f9e25ce5512c3ccaa4ba040d7de0338365e4821a58ea8b9c241956fd77f24","size":9171,"data":"","first_seen":"2026-07-10T09:45:03.528266Z","last_seen":"2026-07-12T22:01:35.281579Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/vs20fruitswx.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.218Z","timestamp":1783882458218,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/vs20fruitswx.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"31428-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MKMeYWfm0JwqXRzWzQpuLAnNDhDDNAHfX3vUXKevNxkV95L3pGoIecaHSnhCG1Wy8eka455yYAoRDdHSXOdonHaErGSnIYGHJIJqSXSTGwRKC8VDt2HWDenggMDvYw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173d9bfb51e-OSL\r\ncontent-length: 201768\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201768,"size_decoded":202690,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"ac08f5558650d48d9b0bd9ae72b1166f","sha1":"bedda2b400d8004617b2ff776dc48ff33144e2bd","sha256":"b0e126b697e15eae77aa8bdf34acccad7a301f473dc51b04ae6c4dd44c37d215","sha512":"ec81c53934e25981e45dabb5592f15846e43c839b6096d82a68f1f4a85b93a4b201153a2c7a534beafeeb3db948f311a86af6c85a4a46106fe1acafa1fea99a1","ssdeep":"3072:sTgm6MDseJcjCdRlu1CcmdRDKaD8qcPZQdr76p1+CGOjPZcBxWb+a4Z7zLj1xHxH:v+gAcjE2EtD87qf6GOSWb+aqzLhxHic","tlshash":"c41423d726dd2b3b9b6b4a7a07f7522f88fd054f9060cde0e3690500a65bee99f44702","first_seen":"2026-07-10T09:45:03.514755Z","last_seen":"2026-07-12T22:01:35.265894Z","times_seen":16,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/bigger-bass-bonanza.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.971Z","timestamp":1783882454971,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/bigger-bass-bonanza.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"16198-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JhEE7Ty1NEBeVxc3PTRDSZPG%2FcNeEfYBg58ZpPSTTLNhROOcEIvTnUYBa%2F8CpVwvQ7P%2FJBlgdty7RgqJS0mdMNbLHNGsuK9hpJzvAsZ6OvGqoFaM1XinmBnt%2FwZFrg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f98a0b51e-OSL\r\ncontent-length: 90520\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":90520,"size_decoded":91523,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e3f8e5841788bd266ee6bf17ec0475b4","sha1":"872069dd6f8ac718b46b581fdc46da24c2bdd3e8","sha256":"590941ede3a0091deb7626acf11bc039331d71385db4a14d486538f364e354d2","sha512":"c3c42e96c0801384e41fb01e016283ac61de9f779e3bd192a0829ac9734d86a561b7fbbb1c863481f9e00714509709c49f2d6185bb2cc3878aa953fdc6abdc33","ssdeep":"1536:BUDMnU+IWPe6sZLAn+87aIkQ/jusg5P+0SPqYJyqK9xcE8A7dlo:BUDKRHJC8+8r/j5gkrqYMaEP7dO","tlshash":"959312c9a739c27b656addc05e1ef2c466d7f346004776ba2a2463527f9072603f8632","first_seen":"2026-07-10T09:45:03.462318Z","last_seen":"2026-07-12T22:01:35.245968Z","times_seen":17,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-01.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.105Z","timestamp":1783882458105,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-01.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"7aa2-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QKJIf2vdATj4f%2ByDdiOrcdOVrQVRnLBQuscvebx2qwBEgJEGZr%2BLVPz%2Fv3eyGc5ru%2FnazSCeHZEN9ZKw%2BeMfj%2F7xpUwiTKXwNyJKgzMgxkOZjuRhhncyvikG3YFdTQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417329abb51e-OSL\r\ncontent-length: 31394\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31394,"size_decoded":32400,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5509ff2b421b108162329e8480cbf42a","sha1":"3072d660a2b73a831d89a61be8422498eb70923a","sha256":"395e861b9886862ff3c0e250045d90084dee194225fa87649ff810a93029cf72","sha512":"9f23044ac22cde5a69e0c215d9bf1b2cc7cc81d9653b82b6caecf195dc9de2bdce6dc2fbe57f8d243fb042baf5bb7ea9ed2f18c81486635b520ff91123a4a576","ssdeep":"768:qLVZRKuBtND4jceGyr8Ee4m90bm9JIqXkeRDMB:qJK84HGysp9FX+B","tlshash":"d6e2f194db0488e1a2646f155fd0aa42131ecdba610a2f7f13fa4fc133eee6489f2591","first_seen":"2026-07-10T09:50:20.394431Z","last_seen":"2026-07-12T22:01:35.25383Z","times_seen":13,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/vs20starlight.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.228Z","timestamp":1783882458228,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/vs20starlight.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"36ebf-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TX7CV5agJCw%2F%2F9ktomWPJb6RHzs3K8Zc14lWVVrL3fjkPPcO3tHCR%2Fydr4hK%2FRPxzyJbhHvWH3VaYrnClO%2BIO%2Fhu7f2Cne%2B43OvuypvhCmqCuwEfp5R373WQZwaQYQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173e9c7b51e-OSL\r\ncontent-length: 224959\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":224959,"size_decoded":225895,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"4bf449fbfc039659ef34b9962ff3701b","sha1":"2da641dd7ea3cf3a23ce2c83561ae2ae2b0a9551","sha256":"b24676e15e785bad29cbb46cb5004ac2b2269a9477e9d32f78fdba386c3db3ac","sha512":"a60e70ceed2475517455e4d82f906db59c3f621bb408e7837a2bd475b621146856c799db265b184cb81a3d2d188b0c76f7ba59d7aeb518e602a02db3ff8057e8","ssdeep":"3072:zD4dZDNtiyjIyL1Q+kQtPQLQlNGqdZZL51YFbYqPCAYOss4R22g4ZXSNa/GnH:YfiAIuCQPmQlNdtYFwsL2lNr/GH","tlshash":"5f242349923e6d5f0a121787b8109e9dbabb33a74fa9043d70441be558340e1fbf1e6b","first_seen":"2026-07-10T09:45:03.532903Z","last_seen":"2026-07-12T22:01:35.310082Z","times_seen":16,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/news/vip-program.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.277Z","timestamp":1783882458277,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/news/vip-program.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"fd78-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HDGdoBKP1BVG8NlnS%2FBE2GSpO%2FLzVzbJex3UVYFIaMpG%2FnhnTTs6wZ3N0SKjDYb3NFJr9unJ4ks7HCIyM%2F8dCTO4K6PoEEJypJct%2F55%2B%2BXBLlYVGwEoiCre%2FnxOC3w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417439d1b51e-OSL\r\ncontent-length: 64888\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":64888,"size_decoded":65898,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1376x768, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"88ab20969a88612e5b824dc2ffed874f","sha1":"317985035c8e49154359d6f5a4b94e2a0014d5b6","sha256":"cbd580d7fbb3883f97bbbdaab03e539d2157d988f17588e34fff5cad2673f88f","sha512":"ee565e3ab3f1e3ed850cc0775f581d609f90eb72759c92f07158f38f6ffc7b6d9c61bf59008aa573061aae49c50605edbc5c968d0c0873fe6e81b3f8a0259022","ssdeep":"1536:ot4847WWBWi2e6kdL3TL9pAZiYcwrqVK2t7QHL4l4DYvR88:ot4lCWsi2yLP9pA5rqV3tkslZRF","tlshash":"7b53f143b743358d304fecb1809b3ba88aa9ce769c45dfd8c54ba8851e7538076cee49","first_seen":"2026-07-10T09:45:03.439321Z","last_seen":"2026-07-12T22:01:35.293218Z","times_seen":16,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/media/393c7c15-55f1-4872-9e8a-8c4031c9fa10.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.295Z","timestamp":1783882458295,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/media/393c7c15-55f1-4872-9e8a-8c4031c9fa10.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0cDKuNywRebAt9Tc3qDktZfBA2pzzxwUS0FwRSlTsoN6JjPcPsBmRoaC4nEw6pwRSZHITDZFEckDKP0dnDDnd%2BaNP0WaFC3eqSFk8AfQsIP8c8fqkYw5ByPA%2BViIgg%3D%3D\"}]}\r\ncf-ray: a1a2417459d8b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":147468,"size_decoded":148477,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"3907fc5dd8d6104080c97e7198a11879","sha1":"103438e410b11e541f5f565b8bffadf10fb53257","sha256":"418df053ff23662b34c7498396d726bc84be81982ee89cc1090161b23ec35175","sha512":"5a2bd52f9e64befa1bfc4292d5683f7a55ce12e7f27a371039be3dddb1598ef76de05ab64774813ecc2f850ff86de8b30ebcc8c43759484b548a1795889eca84","ssdeep":"3072:3dJOJt+Va89AFduFVRqBVjdpCJXOeKr61821ImD6IuxV:3dkPu9AbRPCJjK217v6I4","tlshash":"50e312a450a464d4c36163530e10d60ce8d86fb0962b0ae0f8e5bd8f786fe59777fe40","first_seen":"2026-07-10T09:45:03.571625Z","last_seen":"2026-07-12T22:01:35.273089Z","times_seen":16,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/css/65910d15602bebdb.css","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.931Z","timestamp":1783882454931,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/css/65910d15602bebdb.css HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"31f38-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xCWCtBmGTFy94gDJrLD7x7zORKTFZFocdSj3Ne%2FXgXP%2BlSSX87ZCwck0NS9trny3EsFkqFEzNvB6HhJU9NWxusvHOA9wYTKhp2eq8hIlZjbqtP4A%2Bg8vhuci8msPIg%3D%3D\"}]}\r\ncf-ray: a1a2415f587fb51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":204600,"size_decoded":31944,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"700cebd09c3c299cefcf95a2db9df5d9","sha1":"92327324c0a826656c708bd6caaf6b543d5b5c43","sha256":"c1cc07b695cea585a5986a797bf683e40175aaba9b113bbe46de4870bc810c9b","sha512":"20422a13fec2bd443071009d9c2a78814638e785725eb8c1db261cd43f92240325c9f68073d2713b9dbc276766d95f790e02dcb07127ebb6911913145a175590","ssdeep":"6144:QIjgxKfrm8khsWOshvZc/Xt3oVvAaz1NGGF+XtfKhRcOJHV6tyCsU9baLoofhhDq:FaBqZ","tlshash":"e8149670f6a0607bbd13b1fde7dce44cb50aa096ad229becba61651113d37f62d53a00","first_seen":"2026-07-10T09:45:03.520448Z","last_seen":"2026-07-12T22:01:35.245297Z","times_seen":17,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/6820-e593c9faa2a09980.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.940Z","timestamp":1783882454940,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/6820-e593c9faa2a09980.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"29fc-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qvXfCm14%2B9psMTsrhmqLCgaHB6vV0%2Bd1uuSAbI8tvDIEgfDv1p8Lsj9xSMvV1qSQjKhs8kLtUEq2d4HafpPUaFZGqHosTQkaL8%2FDQKJXb03UfZuhlWJB8G6Jr735XQ%3D%3D\"}]}\r\ncf-ray: a1a2415f6887b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10748,"size_decoded":5237,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10748), with no line terminators","md5":"5c1e6130f49137ec5692ac319914a3f5","sha1":"e2db6215232326cd4d627e0f60c9a2c0ebc01c74","sha256":"131356516768ecf2507d0f76b9a7e9908b01e31dfc8df88329705d2e2afc3222","sha512":"d69ad7e662752ba1072c4de3574746de1675d7c123fc8c86dc45531e3ba9df2435998247276573ffc511590437f9cf1f4a3eab9c59d8e0ef9dfb3fc717e73b12","ssdeep":"192:WL9p3LRi2cihbDVksxQTu5c4tMSojxugZNYOHCh0wMcGW0T2vJVkwkFFtzQj:WL99Rx2Tu5cAMJVjiqwMcGW0T2vrkXbu","tlshash":"5422c8d9b5d1f8a583ab4090443f100bf2795d75281e5184e3f95ceab9a045ca2f2fa9","first_seen":"2026-07-10T09:45:03.49158Z","last_seen":"2026-07-12T22:01:35.290779Z","times_seen":17,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/profile?_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.384Z","timestamp":1783882458384,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /profile?_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2a3UwAP762q62zeWYb14EAjLt0qDF1C9hhrnHr4oqcZSlfYPLB99k%2FgnTzSiOs4Q94uFgD4yBjIeAgSGrsZL5do0O405zuYJT2YD4HiPzT1vYq8P%2B%2FwOSZGTRfZ4Nw%3D%3D\"}]}\r\ncf-ray: a1a24174e9e1b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154,"size_decoded":1196,"mime_type":"text/x-component","magic":"ASCII text","md5":"748bbf05207b6156f15cf17ba8133983","sha1":"dbaa18fb1807fb2871e0004bf3699c3c53efd1c8","sha256":"1ebe0a4a9f13aa50207ac26a36d9f51792ad04baad6b566811ee69fb6fea014d","sha512":"604509af3847411571ec0f98bb105c288bcfe41078aa0a0a65d95db63681e874fdde02f17f76f4488f4b553218e7f38f81e0173867e2223595b448d5e972a9c4","ssdeep":"","tlshash":"7dc08c23828c3ef6acbb3c8834aec60f660e810b30ca10f090928a10a7b702124035e9","first_seen":"2026-07-12T17:38:11.90966Z","last_seen":"2026-07-12T22:01:35.252625Z","times_seen":8,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Rajdhani:wght@400;500;600;700\u0026family=DM+Sans:wght@300;400;500;600\u0026family=JetBrains+Mono:wght@400;500;600\u0026family=Fraunces:opsz,wght@9..144,300;9..144,400;9..144,600;9..144,800;9..144,900\u0026family=Inter:wght@400;500;600\u0026family=Caveat:wght@400;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:15.122Z","timestamp":1783882455122,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:24 GMT","end":"Mon, 14 Sep 2026 08:37:23 GMT"},"fingerprint":{"sha1":"85:D0:EC:C2:01:33:25:23:96:FB:2B:54:90:54:84:07:0A:49:1F:03","sha256":"9D:7C:1C:9C:6A:25:1E:17:E0:DC:FD:42:95:CA:47:3D:C1:9C:20:FB:22:47:02:E3:27:EC:7C:62:03:30:83:BA"}}},"request":{"raw":"GET /css2?family=Rajdhani:wght@400;500;600;700\u0026family=DM+Sans:wght@300;400;500;600\u0026family=JetBrains+Mono:wght@400;500;600\u0026family=Fraunces:opsz,wght@9..144,300;9..144,400;9..144,600;9..144,800;9..144,900\u0026family=Inter:wght@400;500;600\u0026family=Caveat:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 12 Jul 2026 18:54:15 GMT\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33010,"size_decoded":2222,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"32e4dddb9ddfa22e604b89feb79021fa","sha1":"85662379533538a20c85b10fbcb103096a5c0f96","sha256":"f2b588ddc7fda434d3958e3290a0ce63b7a78155d9aede23ca79cb2fb55fa7f7","sha512":"6b3f36bceb7273ac0bd5b7574692fc5a64d9331e937271eaf31b1bc253a029e9d4fbe24db0f7f24e332a5d6639f6ea56c7cb1b9f6ab78c74350ae29547668589","ssdeep":"192:pRZyKjgRgPKmZwi+EwD+rw8+Owl+M0M0MEJMwpMpMEUMwXMXMEeMw1M1MEoMwWME:TgDkisM+N7xTXuM0pxOGC6Ca","tlshash":"5ee22191042ba400eb831cc233cf7e36ae8e61556085d5b99ffe1c98aceac7a537475d","first_seen":"2026-07-10T09:45:03.555282Z","last_seen":"2026-07-12T22:01:35.298168Z","times_seen":17,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":3,"connect":16,"send":0,"wait":40,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:15.308Z","timestamp":1783882455308,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://gavewex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 320733\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T11:17:56.345809Z","times_seen":233417,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":27,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/vs20sugarrush.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.220Z","timestamp":1783882458220,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/vs20sugarrush.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"36fe8-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2pU7mH3cdWtLwJ5z56MuqCDurpKhwFi46ddUM6KZAuEGOs%2FmiPtioDTWih1b7sjOnOt8X8xDdyLf8Pf%2FHwZIQpmJ0zbxjWjUEw5raADnqV7TtGJnEK0hHH%2BQv9zqvA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173e9c1b51e-OSL\r\ncontent-length: 225256\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":225256,"size_decoded":226184,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"f1e286615a1298fed8c67ffbb7a062fd","sha1":"6d101d982cc98fab857c1e865edaa0deadad422a","sha256":"89798d3dedbedf88f7c77bc34e8f649bbc9af94baa31ff893654d9450756e49d","sha512":"bc650fbd189a96f0ec8eaf892e0b2d36e4e9b3d34a2302b2eea30ebd8c5de179a62434607c84951870718c67d54bb6dec43594bf444c23b183627ca687db34aa","ssdeep":"6144:ClVeX67QHxSVJXJ9bCLm7Db2klkC2pLimOj4jIjrsT/kB:bK0RSrbCC7DbepLO0FT+","tlshash":"fd24234d2f7a4eade580b43a0f3e6eebae30d5c69036126656f501bc055b6f0911dc2f","first_seen":"2026-02-12T20:36:03.510033Z","last_seen":"2026-07-12T22:01:35.251667Z","times_seen":30,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/play/vs20fruitswx?provider=pragmatic\u0026_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.471Z","timestamp":1783882458471,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /play/vs20fruitswx?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oRlwN8lRohqn7uZWtQpJ659Cjpib110LB7O3VXsJa8LxeGpccR0Z7g03WEgMBP%2FP0FQ4z3Qsc%2Fv%2F4Nz6JUOpjkxb4plTnkoh%2FQTsiE%2FFvir02FrEhrP16w53EBaj4g%3D%3D\"}]}\r\ncf-ray: a1a2417579e6b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":220,"size_decoded":1238,"mime_type":"text/x-component","magic":"ASCII text","md5":"2675fc4afee7fb6b05ffa88a3581019c","sha1":"904320710be35897d3ec0da7d94360aa1e5ff375","sha256":"aa988bca74c9242da6e9bcbeca46be91b4e19202379f310419d31fcd588bf554","sha512":"2dd94f8248bb2264fd118c18fc53b3c0120398692a34f0f3e3904c1f2a48d2f3fb3deff0f559f260027aa9c2743d8fa88f9063a0bfc721f74dd5e35f240f649f","ssdeep":"","tlshash":"06d0a72643063af5ad7a2888057dc69f751e515b61c946f190574a3593630311903ae5","first_seen":"2026-07-12T17:38:11.855689Z","last_seen":"2026-07-12T22:01:35.314519Z","times_seen":8,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/1924.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.232Z","timestamp":1783882458232,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/1924.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"33a9e-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0RIFrIWmaHuHyWJG30l7SOCalTcJZ0GPd04%2BSAJxQvc6xzA5RITbzIhORq05nHFV1WELbnWUtsbh%2BMb52Z%2BcFpq3kk7Rgx%2Fr8r%2FaK%2F8a0pBLTt%2B09FS7qWfHGrVQlQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173f9cbb51e-OSL\r\ncontent-length: 211614\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":211614,"size_decoded":212550,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"af1db56f60120f307d2ba81818e8002d","sha1":"d70c970aabbb178488165af57e62c7fb26fe18bf","sha256":"3876d54e638854fb3eebd66d3687beb7553bc05ed25b050a9b4da9c021e66ad4","sha512":"25b6cd6a2d39d04b6e30e57f5186f9d9eb60d3817963540e1b3363f963a218bce3d0f7956b07cb8e9d4f7af163c23bacbdbc96a180c11721246bd56f4f7eaf94","ssdeep":"6144:pnwxvYgBDXYvD7qjbEwCAc2jkinaLeCfHEIdb9j7lsYa+2:pwxvYhLUnyl9h9j7ls3","tlshash":"6e24120259e88b5ff1bb1c658fca4c4a2383e2f129fed086154db37b25d0c996b5cb16","first_seen":"2026-01-31T13:42:56.720032Z","last_seen":"2026-07-12T22:01:35.264393Z","times_seen":17,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/withdraw?_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.393Z","timestamp":1783882458393,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /withdraw?_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=43oTTJTycISf6R2IxnTTDSXmbKMpM2sR%2BmNXAhyh%2B1f3NTS6rU8PaQexMaK42JAUixZ7BXLJv3GwyHroZNOM5l3%2FkF7GN%2FfoT3YP%2FCXmm2tBXhI997hu1FGPtwLp%2FA%3D%3D\"}]}\r\ncf-ray: a1a24174f9e3b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":156,"size_decoded":1203,"mime_type":"text/x-component","magic":"ASCII text","md5":"dcb549be020f0e7a3b103927874114bf","sha1":"b21576a9bfc89614dd34ec0d3389a3458f90c15e","sha256":"752f22910f45fdce9245374bd634c27fd5403d8ef4779bc0e2637ea94e7ff9ab","sha512":"86dd330c10a28f8805d3be9a8c3a7f01c16b290e26f56a5f35114ce9bb3375dd1d7a208fc7a5dd379990b3fefe77954e7f964c9bec4a64c40ad173467bf03499","ssdeep":"","tlshash":"41c0806141093df55df934c405bdc60f351d420b20d4d0f69057c5117b3701008075d4","first_seen":"2026-07-12T17:38:11.843779Z","last_seen":"2026-07-12T22:01:35.26804Z","times_seen":8,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/webpack-88bb21cc9b698da8.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.933Z","timestamp":1783882454933,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/webpack-88bb21cc9b698da8.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"d78-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T8WuSVviq%2BUCgk02VoVsPca5Bs0HfT0fEvap32X595jIlyoVV1wXBkj4fad8Iq7CoxnhcnmYYETDz%2BGwvMhWFp6FhDU32pyApHcNSxgdJxn61XNB2ROv1wTmVPHd3g%3D%3D\"}]}\r\ncf-ray: a1a2415f5880b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3448,"size_decoded":2728,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3448), with no line terminators","md5":"a6e899e41a949fba95deb581bb003e29","sha1":"89ba1afcdead5a1d29e3f536b345fae2dba1b13f","sha256":"6e412f48b783c41ca2068b946c56cd6312c80b2d3abffb6dbfd140e72c87ba60","sha512":"37f42a21cc92480d8f99693a786fa2152a4eb6e87e9543a80d7e50e46bc07d6baf311b4dcee59547fc6bb6e1af56aee9c0ff37c864449797ef34c6bfe4d4b052","ssdeep":"","tlshash":"0a6195a93625f9b556f108868c7ed142f21a6037051af8a0e717dcf9b464ae20562ff3","first_seen":"2026-07-10T09:45:03.472302Z","last_seen":"2026-07-12T22:01:35.287927Z","times_seen":17,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/app/(main)/layout-4d27638b938b6895.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.947Z","timestamp":1783882454947,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/app/(main)/layout-4d27638b938b6895.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:17 GMT\r\netag: W/\"e184-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o7bAq49eGn1JhmpjcOyYfGmYa67Ne4mUahMYZP22Z5%2FuW2Icn5438pcPq%2F8k%2FPlBuPQQBduiVbmSu7OayRUVVPW1znPjUTU%2Bepm5xpH1F9nUirNjayKYKIJJwYoTdA%3D%3D\"}]}\r\ncf-ray: a1a2415f688fb51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57732,"size_decoded":17931,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (55907), with no line terminators","md5":"bff7621c687cd5d0f66ebf66ca833cfd","sha1":"cd1f50b353365d253742afdf6ae67fdf39795351","sha256":"d28666a9634510936f8d64bbba35597f853a668c80009cdb3607125168eefc37","sha512":"b25b6d5745ac6e3165fcbcf29518a315ad942447a0a7dd97c02324c08a791d30f9eb178fed39ee9f4b5694defbccc9c1b7ec56764182c26bcb50a4158aed6dfb","ssdeep":"768:f4f66H0enWAvs3/94888itgZ6E9hHnIiTuJWxdlBLdvHT6tyaz3DXE7ir3zeZ6z:fcrnWAkva888itgXhNrT5eDE76zeQz","tlshash":"f2430935aa073d18f63f81c9778f550eb15fa924fa4f4538ba7e2c3212584e4b226bd4","first_seen":"2026-07-11T14:42:52.99703Z","last_seen":"2026-07-12T22:01:35.313706Z","times_seen":10,"resource_available":true,"data":null}},"time_used":2949,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2483,"receive":466,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/games?category=slots","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.016Z","timestamp":1783882458016,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/games?category=slots HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=62kCrv%2ByC7DpFD8al7inxUefPdhiE0irZHDSXqCN8XWWCvKdisbMK%2B8mZ9Y5hdwf3mwOYGSoaMnM8Avfq1NmVLyq%2BsktQIUgpT%2Fiwjt8ZXNKwEuSNXwoEPK4fAfIhg%3D%3D\"}]}\r\ncf-ray: a1a2417299a4b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63477,"size_decoded":8400,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (63297), with no line terminators","md5":"c331d5f1893b478d08375b0bc50d68ff","sha1":"aa4291784773588400e363945c81680f3e1ae4ff","sha256":"bc505cd7737b683a57a012a20e85c46d010189a631ccb63361275aa4fb937f75","sha512":"edec89bda7b3603a530390dcf158707897973ee6e2d4f1c39b48884ed1de2b20a2b4c25bb22ea7af76a2ac30ef4956618e640b21bbb68d10165fdb5b38103dd9","ssdeep":"768:jjQHfWdheJwziaJM7HQ4W1XqOyJZu4Ylf7mlzG/b5UQS324z0ozqAr8yXApxEHV5:7ex3oxateO69c","tlshash":"b953633d7a6cfca4c78a88c655933ec9d52cb55752000c25ba4bcf3cc8e48fa6e1995b","first_seen":"2026-07-10T09:45:03.570635Z","last_seen":"2026-07-12T22:01:35.291909Z","times_seen":16,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-03.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.115Z","timestamp":1783882458115,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-03.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"b4a2-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E%2BwsgwiZ6S3ij4xm8L67lxkQTyPQIo2C2xmR1qOdcHaFhNlo8jHaQtfvJBvTtw3SuScmlDqD3XnRozcGQXCULApv0lp3jOm%2BcA1FTqCR3PucfqjkYJPgXMnqRcKvgQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417339b0b51e-OSL\r\ncontent-length: 46242\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46242,"size_decoded":47240,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4fa74b80fc23a23ba9722e49be63a1e2","sha1":"1528f3b571fa660a31c45512b9e03553e98196c8","sha256":"b1bd6d8981b4f1567ab01976abfa8ced2a98cbaa78c8797b705353358a037545","sha512":"e1dc691b8ce5b9a5967c0a68b07789240f8780229c66086a289d3111a3e5bd532d6a8e98f012a0eeda7b18766b9945d49e1983fc9c5dbbbf79ec0d165d2b092c","ssdeep":"768:w1QjAVPlh5VliciOsObs+1nZSlK7NVOv/FtdM0tPKiHHvKo6IkECeVW0D4bq:wh39imbfbOvvC0NvKo6mbxDy","tlshash":"5b23029f7b51abcb0970a3b1545f8bda7e58f43941e27337eba10d908fa025d0825c6e","first_seen":"2026-07-10T09:45:03.501591Z","last_seen":"2026-07-12T22:01:35.284527Z","times_seen":16,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/gates-of-olympus.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.975Z","timestamp":1783882454975,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/gates-of-olympus.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"f0d8-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bwm7kkS49DXGRnNH3pEGsp4iRRSrfVxCgn0CxJZsgeqshCz%2Bw8PLR0wMlZmeJTNLDDRT%2FFk0Y2m7Tj2JxnQtiMYROm1tXWS5u%2BJ7XJJsVNSS8iRPr7vvRnoyjJXmwg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f98a5b51e-OSL\r\ncontent-length: 61656\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61656,"size_decoded":62658,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5385dc5af3e323a64c8d460d53b38ea7","sha1":"afc4f25c210eac7f54158ffd13150d59beeeadeb","sha256":"5ffe571c58535b5f6923bf0b35f0b27c36c239359e768471b98115af0412fbd3","sha512":"c7a53ad11441621d6e599f71718d8688d94957852071c5599d29b56fd31de6c11780a9b5f21978ff6fdaad1893f2081d561f1687e0997b53186b26c744d0f1bc","ssdeep":"1536:GoHQqhP4lyxAukMALYYqYxxYw8XA6e4cr2Qfm:fhP4cWnMAI+xKXnc3fm","tlshash":"ed5302d492d4b92234c2583c7abb02585424e6e42712d59a737b769cfc32e89fcef885","first_seen":"2026-07-10T09:45:03.47386Z","last_seen":"2026-07-12T22:01:35.276397Z","times_seen":17,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/vs20olympgate.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.236Z","timestamp":1783882458236,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/vs20olympgate.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"3a86a-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pqXHZpezp%2FIGPP%2FCmydvXkNyT913bQdND0YxSdhBdUm%2BrY8nhVr4wdUbVCp5pOqGdpqnOkCTcQOYpx1gs%2FugTujTMmR93F%2BWf2AHK5S%2FqB8kvZLf4zclkcPUbDf8dw%3D%3D\"}]}\r\ncf-ray: a1a24173f9ceb51e-OSL\r\ncontent-length: 239722\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":239722,"size_decoded":240656,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"b35b2e8a7a9bd2a1a1a3f3410abc0b9e","sha1":"9eed673b17df07b5a18c95cd083bf70a6390443e","sha256":"9be0afa381a4a45438b694ea6274eb5dde604c78e2c73a29e6f90a01a7c6ca22","sha512":"df25a134ffba384be1f1b391c70bfce195f8f05af57102e4bfe93738ec3fa0617a177807f13adff85f3a944d8936af78078a6a5d7b9dfa08ffa92a73c86c2817","ssdeep":"6144:Re/CZmWFt/Sk0h8WB6H8/fL79MsmyAny6Tlc:RebI/9lWB6H8XLpjmXy6Tlc","tlshash":"c53423cc96dec83d1192865d889bedc1778875702b0a9281e16aa1fc153fdeedf0ed81","first_seen":"2026-07-10T09:45:03.575765Z","last_seen":"2026-07-12T22:01:35.25694Z","times_seen":16,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-02.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.292Z","timestamp":1783882458292,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-02.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"88c0-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fHYc0g6Sn570cHinQeOqBkjAHdTaSF9FlR53ommbYBnLqiHBoLntD4unYuG9TzbpiiFPR2bwIXkkI1bxcze08g4vgwYNC6nEnEod5xKeSNN7wmgwV54AbEQrXOw%2B7Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417459d7b51e-OSL\r\ncontent-length: 35008\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35008,"size_decoded":36004,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e24a10a59b8477837b5c35ebe08bab8f","sha1":"8fe74c26ad32ec7aaf96ba81351dd927422fd32a","sha256":"8e6e00abcc1788dd41e9d7d17fca30cef3556aacec8fe332b81f78d694282228","sha512":"cf3153db4a58a8ac1ad8c27b900fbda406340d20a6715d6ce1339f26242aef3f68acafedc3f87b787d029c4c5fa9cb7ec70ab1a495fd29db7945f09e3b6706a3","ssdeep":"768:r4q8fc4wlex68jL0fXMNTpWxjJN6MfnVTMiYd:rmO06CYXglUdgaVMiYd","tlshash":"24f2f1400d366927ff80a08bb92d255931c0fcb79be814a688ed79f2860fcd756b935d","first_seen":"2026-07-10T09:45:03.442356Z","last_seen":"2026-07-12T22:01:35.283457Z","times_seen":16,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-04.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:36.186Z","timestamp":1783882476186,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-04.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:36 GMT\r\netag: W/\"94f0-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RV%2B%2FwHvwmBiZc7gMyEn%2BBQmktQwetI4PG2m3uUgzoEhYLn28IR1TRaD4p708E7iwSDvKtAxHbNYg9fggivOnaAVldFVZu%2Bw6Xx971cvD7g4thhIzXZaMVWE1ar2lmw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a241e428aab51e-OSL\r\ncontent-length: 38128\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38128,"size_decoded":39133,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2d1c641d7f049af251a09cc0612e3d4e","sha1":"78322f070a54ebf93d74d7a8c0866f7db2881f51","sha256":"648865fa8c4429e627aaba9d6d51567f845c8aff7b8342ba684d2e014e4538b8","sha512":"31349595037ecd2825a344ce198fc486a4839bbe2ed62424cc1dcc6eca865ea42166a414b44da70e78d2ef646f1dd60f49e0e7613794ab0f4d127c3a71821f88","ssdeep":"768:7RA7zfI1kCGn8v2gRs2OOq0UY5paW/1xlY5njEaClicAsp3JLgwhzR:7RmfAynLge2OOPmM17YuaCli4p3JLLl","tlshash":"7e03f115d030bf43b8a5c5b5c7cfd8c62e9adba542bb83e152540a8410af1f1bfa2d21","first_seen":"2026-07-10T09:45:03.517578Z","last_seen":"2026-07-12T22:01:35.287301Z","times_seen":15,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/slots/trytostart/games?limit=2000","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.020Z","timestamp":1783882458020,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/slots/trytostart/games?limit=2000 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JDqiRRYwDhCI7tGQsEkXl6iNomCEXp1TnzaZgGqdw2hHBxv2IB0wuJ%2FAWBUjAuP4HT6QSghOru6XkMi0URg%2B1IyJnrsT%2FqZ9vX4JwUqDgiD5N%2Bl5cs1uV3%2Fu4Ak8nw%3D%3D\"}]}\r\ncf-ray: a1a24172a9a7b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":180338,"size_decoded":26396,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (65414), with no line terminators","md5":"d7c45617cb85a52adf093f316fc7d45c","sha1":"d763185a59e74e7a1530d393816bdf27ffb6fc7c","sha256":"f93e5113f827ce3143447538d37682d26223c5a08f19b1cfda71f535a14c02fc","sha512":"47b38b77e2c4ab2aa78fa751bb0552d0b8ec7750a5d3484feda461f299f5d36badba906fd0067bf2645e4c6943c6f04ea65ba92d3672ea4baabffb4fb632d5b9","ssdeep":"1536:l4bLnxB3csxYr5PDZsBTBvUkB0R0UASGtdyDtQ5eb4aei5QfQ7Q2MZsgmTHqBUc8:nnLhBld1y4Fk59oJga59XJ","tlshash":"6e04376bf85ca96ec53cae82adc34f9ed1dca24251815c0d60c68e3dd1e2ec31a19fd5","first_seen":"2026-07-10T09:45:03.500531Z","last_seen":"2026-07-12T22:01:35.295639Z","times_seen":16,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/play/vs20doghouse?provider=pragmatic\u0026_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.583Z","timestamp":1783882458583,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /play/vs20doghouse?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kasPPbqV%2BdNCOAaM26Ta167y0RXopsWzWlG2uF8Q%2B1jXNOLstMQCiu40ghGzDcxRrfbwag8M5curl7bX6z%2BSx5tN9Vve4S3rhY19rRrgWf934eMsKMy1xOPfiGAsiw%3D%3D\"}]}\r\ncf-ray: a1a2417629efb51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":220,"size_decoded":1234,"mime_type":"text/x-component","magic":"ASCII text","md5":"d120a3dd10cd04cdaded6f8651558d72","sha1":"ff94165ee7679977ab16f4be9592f4c56316eb14","sha256":"c829a2a6598f90e23a2233b34f8287e3c80b8ba6715dbc0d9660c68ee3d4dcc0","sha512":"65fd30ddbe8d7856f6e86bd8a620e9fb7440e39b6fb799d8de2aa442dc4474ab81d45ad071b71593db908cf70ba3ca0bba37f53d0ff209c572187d343ee04227","ssdeep":"","tlshash":"7ed0972202053bf16c7e2888007cc68f740f104ba0c802f180624a3593230311a035e8","first_seen":"2026-07-12T17:38:11.679649Z","last_seen":"2026-07-12T22:01:35.296243Z","times_seen":8,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/6477-9e02b2a147e40874.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.942Z","timestamp":1783882454942,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/6477-9e02b2a147e40874.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"1f6584-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LrABOqyf93trtdGX4gOY4F2D4Blmi9YrY0yIC37sNRFjyk1J%2FbECkviFeyBE7I5a3xH84tmBCxlyqbTxH8PqipDvN20NLo3D%2FZKm0vVLGRFbC7uOc%2Fg6lBkETcwN7w%3D%3D\"}]}\r\ncf-ray: a1a2415f6889b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2057604,"size_decoded":579574,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (58638), with no line terminators","md5":"b66b4adf96b34361e624085bac02f4dd","sha1":"2de8fbf5f39e235c724e087c37803769892783e5","sha256":"1a3cdfb687ced8dcc7ab9067134bd56a92782f468c26a9dbe595515555b9ec17","sha512":"7794ef09a3b5ad4c01e2c14b4f1e7723e8dc4b5e1ad6a148c4854ca3046fefb331e250302714bb016dfa238618c722f3cd56f8d87a0fc4f427227934f0dbc757","ssdeep":"12288:8YvBFTs8FN+95dzoX8i3UEPLBTXyXTUCI3184x1BZcWt/6BHsYfowoy+INtbkflV:8YvnXFZ848GYfowoH","tlshash":"77453918872c38b743dd33d136ce0f7aabec09b2a4d2d112dcbe952c62acd74616d659","first_seen":"2026-07-12T17:38:11.894837Z","last_seen":"2026-07-12T22:01:35.275068Z","times_seen":8,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/aztec-gems-deluxe.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.973Z","timestamp":1783882454973,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/aztec-gems-deluxe.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"1d528-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5EjIRY4UE5iz%2BD9r2QB9aW%2BczxdCC9wnzVlaInMYuAnUMkiSChMF51VzoXXWAr%2F5HweFKMVWP6FiD%2FY2jUbe6aoXgVfxAXdVTij5v1mUAW7aT1Fu6PJFit9EXLZqig%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f98a4b51e-OSL\r\ncontent-length: 120104\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":120104,"size_decoded":121108,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"33a0becd3951ca3fdd35c7dd1da54efd","sha1":"a17632960f7cafb9b4ef525b69cbc0e14895364d","sha256":"4277a6f42779711e0e082be210ca816b7e1246d82b944293b069fb7c0523ce4b","sha512":"889704cb60a85169d9c20b1477000d987223e145510da6bbcd12f03b7edcf1cfcea299b0b6cf25e9eb9a73da46280201cfe594a6caed250ac2de13b1687c6d74","ssdeep":"3072:+gIA0CnPgRcql+4/sEs9QsChmvHRo/3aNJ5PvU:8YoP5BMQs8mvxWsDPvU","tlshash":"b9c312966367a2c3fc6a5f5c6a8d9d29adece217388b935f4d7c2163de40122cc5e403","first_seen":"2026-07-10T09:45:03.518594Z","last_seen":"2026-07-12T22:01:35.316474Z","times_seen":17,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/giveaways?_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.383Z","timestamp":1783882458383,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /giveaways?_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bhj5HZA%2BQ3BD%2FX4jWOX4MSCgyT0gCaXBXYklJs%2BzOiXourpo%2FIij9HCAu7LVPWevDvWBwWu6Y2E57EskO9pEK7prMzSwqVxtnJEfTZUbC%2FVNyo35vQcpmWD0e1UJRA%3D%3D\"}]}\r\ncf-ray: a1a24174e9e0b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":158,"size_decoded":1202,"mime_type":"text/x-component","magic":"ASCII text","md5":"0bfc3fd789c82ce146c5c12e2b511db7","sha1":"3bdeaf9b85ac35f5a912f96011769c56a1621960","sha256":"f1dde4c7e13818a4c848796b954ce0c1235716f5f2693b720dc202837c22478e","sha512":"f8fec6d2482f589d0d186e791ade1700e2eedd7a3bc078fe1424f7a0d70ad2457ee8fe491daa0d7d5095c346c8faa23b0b68f072c8e538df98e5a3251fcac332","ssdeep":"","tlshash":"7ec08c22420c3ef66cfe2a99286eca0f360e413b30c450f090e38b32a73b12008035ec","first_seen":"2026-07-12T17:38:11.809568Z","last_seen":"2026-07-12T22:01:35.274384Z","times_seen":8,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/crown-logo.png?v=pm","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.957Z","timestamp":1783882454957,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /crown-logo.png?v=pm HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"f80a-19f43a76a28\"\r\nlast-modified: Wed, 08 Jul 2026 21:34:33 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HgeIUAK3hFJB1pnsp2fz78T4twsdT98PFaVYVApt3arnjRFOGrDAKIhngyUU6FYctd4inVFqLIC9C0M0DKfI0grLaOn7xeWPCkrCgxrSe90m0t9bh8bnHrVut%2Bn5zg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f7896b51e-OSL\r\ncontent-length: 63498\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":63498,"size_decoded":64493,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced","md5":"a3c9a1078bc4e53205f6412d40341501","sha1":"efc5627b4a72ea439076435289258e1b79b8d57b","sha256":"1e901b8226f1eb9f404ed2ed750935526bfe4bc1bdc3c655a0795b3985838b8c","sha512":"6cd908a4215ed45291ac9bfa839657d53226709912983e6d91cab8240efe87f1fa5acbb73dda72e6828c22d5d7345da2851a6a9cd55c237b4b0357cb16c71e26","ssdeep":"1536:xd6Ed8fHrKzgDjlVb0MvORymKojhtWjt7qtvy6STdyE0:pyHDRdz2vhtWjNXd6","tlshash":"0d5302d4f4b4afbc3419a6bce6961d130fbb42646dfa40212e887e4d9d22465d9f38c3","first_seen":"2026-07-10T09:45:03.481088Z","last_seen":"2026-07-12T22:01:35.256309Z","times_seen":17,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-12T18:54:14.359Z","timestamp":1783882454359,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 12 Jul 2026 18:54:14 GMT\r\ncontent-type: text/html; charset=utf-8\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlink: \u003c/crown-logo.png?v=pm\u003e; rel=preload; as=\"image\", \u003c/polymarket-logo.svg?v=3\u003e; rel=preload; as=\"image\", \u003chttps://cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/gb.svg\u003e; rel=preload; as=\"image\", \u003c/lab/hero/hero-crypto-v2.webp\u003e; rel=preload; as=\"image\", \u003c/lab/hero/hero-vip-v2.webp\u003e; rel=preload; as=\"image\", \u003c/lab/hero/hero-prizes-v2.webp\u003e; rel=preload; as=\"image\", \u003c/lab/slots/sugar-rush.webp\u003e; rel=preload; as=\"image\", \u003c/lab/slots/the-dog-house.webp\u003e; rel=preload; as=\"image\", \u003c/lab/slots/mustang-gold.webp\u003e; rel=preload; as=\"image\"\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-powered-by: Next.js\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yb3ddZ4xUepvxoO1sNo6kQrOInxz%2F5tD4cMrtpKNqSLl7%2Bw5jUBOR0FNSxnfESXX%2BmKVfDyS0%2Bikki7uISkEGWgDKqQfJrXf9faqgj6ftgI9wFODs8vY6RFwYClBlQ%3D%3D\"}]}\r\ncontent-encoding: zstd\r\nserver: cloudflare\r\ncf-ray: a1a2415befb31525-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":145151,"size_decoded":19781,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (36374)","md5":"105a7b19057623fdf4532c1fe7d3e8b8","sha1":"2634c3b74a77eea35a47d281c704aa9b50aeddc0","sha256":"d3a543e46fa72c93c9208aca819679f02cd29cd04b49cfff70e12d446ff15d9d","sha512":"d03f1c596774c3b91e9613ea78fc2e585aee4df4ec9a70302719dfcaf44b619d69e631e9fcf6d1acf193cfaea0c074bb4e175bf5857ae81edcff0936a5342b09","ssdeep":"768:gsOVpxjnjXu/sbk5wTTwLcZ+4NTfmE1fmndfm6BpnWl4kR/yosbbFfUO6DmTvqxU:GLjjs8k5wTTfNgjW0hFk0s2","tlshash":"62e3b931f2095c2d7033c585e5766fae70a9c116d31a4518f3bf6076e7c39faaa226c8","first_seen":"2026-07-12T18:55:07.374958Z","last_seen":"2026-07-12T18:55:07.374958Z","times_seen":1,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":8,"connect":1,"send":0,"wait":169,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/8602-8018835a2b8c6467.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.941Z","timestamp":1783882454941,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/8602-8018835a2b8c6467.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"39f9-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZRCdt9nSzs1Nt47CbvXEl7ujGAo6xxu558hgqbf27Mcy%2Fskp%2F%2FFrBEgb5%2ButgX7wRhVggis3lCpE6zHaSXQCHj5LlpClzgMbE88utt6FQPKfxf4HEu1zyO3XVCru4Q%3D%3D\"}]}\r\ncf-ray: a1a2415f6888b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14841,"size_decoded":5878,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14841), with no line terminators","md5":"f366648bcf45d5debf0c1b40cf7d2f5f","sha1":"0b1a9b153106e4fea89f7cac44766d059c2e5941","sha256":"673a7d8aaeb6a9b355d1054015014fd544c8be225843d7bc37d39210d4caf7cd","sha512":"87bc2980f9da79d98616c2345107d092948b85ff882e652aee6ea02a2b3e01f9f8a2f49bd4835069e0487ce71bb42d9591bcd223fe11cb936a9d27a489040e70","ssdeep":"384:iTrTbTaTUnT74TeTVTwT9TQTkTz2uLSD8Tl4rmN2tTRT5ToToT3TuTcTrTP8TQTz:EP/MUTa4NOlu6zVmD8J4rhVxJ22jICPz","tlshash":"936286be77dd348d5a02e2e8d92ba0039bae0138264c4434b14ee4fd5958947987bf3f","first_seen":"2026-07-10T09:45:03.507605Z","last_seen":"2026-07-12T22:01:35.288512Z","times_seen":17,"resource_available":true,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/app/layout-3f0574c4e5d40333.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.951Z","timestamp":1783882454951,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/app/layout-3f0574c4e5d40333.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"7968-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UmY5lqUEcv%2F5LbKX%2BnEOfZQhHYzI1QaZZtALwWCyI5MUm7Ibqx31HqaQwm9EshQcYfqfur2hzDxghmLkbL8dS6d2aoS4Lev5V73%2FOJQDfDCRrofw7zge4v%2FjQaNe0A%3D%3D\"}]}\r\ncf-ray: a1a2415f7893b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31080,"size_decoded":10069,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31076), with no line terminators","md5":"c0d11d52032af6ad193ca67a8408c35c","sha1":"8932c0ff9004f3317bb6d2e2c06693f5f855a761","sha256":"6165148d41738b1c671dce4457ec8f9742d6b4489d0de7f6c916b30a77d5f34e","sha512":"7a88391810320df94fc5f40b777293396b0f6fef64aac6c6ba2ac848997bf81dd11dc7cedbe7fbf16e450fe788117fe66f79dae4b072b67724e99c13c2590fdb","ssdeep":"768:+s5XQwaevuPsAc9kxPsAzea6AZZGSYY2pxJuFFdYnQ:+s5XQwaevuPxnpMpxJuFFynQ","tlshash":"80d21ba6920a293cb5b245e8663f910cb17f6b25d72e4414b7bf2c313b498cd92727cd","first_seen":"2026-07-10T09:45:03.495816Z","last_seen":"2026-07-12T22:01:35.275778Z","times_seen":17,"resource_available":true,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/branding/crown-loader.mp4","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:15.021Z","timestamp":1783882455021,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/branding/crown-loader.mp4 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nReferer: https://gavewex.com/\r\nRange: bytes=0-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nserver-timing: cfExtPri\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: video/mp4\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"38c7a2-19f1a251a38\"\r\nlast-modified: Tue, 30 Jun 2026 20:07:47 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncontent-range: bytes 0-3721121/3721122\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FFJpvPaVVsXdhCMEL0YrknOQI890rzDi6Qs6TOi8c%2F4I0ra4aGpWvi0uTrL2DgfbC8X8%2FHqGlM5xzc6o5nI3UidYEDsAbNletOD12FhEM4IWBMVHV9xMYqL7jRbF8w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415fe8ceb51e-OSL\r\ncontent-length: 3721122\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3721122,"size_decoded":3722146,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"3a3c1bd7ef11371fa3862eb00bf4b609","sha1":"a132818eeeb6f0250691ca8c45474e0a92426897","sha256":"d089720c9cb4c13801367ed6c65dfdc0265af460d3275162c29134599759b65e","sha512":"101d5d2e3e29d961ae1a220b69df3fa5e72d84f48a2625a725b27a803d96c734efca12c8b13dcaf21f542fde6a4d94b9d80ba62f46203a743108aa735a111462","ssdeep":"24576:c86szvinuPYZLGtBdv+I0q7k0z7R6u9DJal6751INRU4w:menPBTdZDk0XMu3O6sUZ","tlshash":"2a2533d0c70a88dbfb55637c82489e433fd38ebdc60a06ea95d62945deb887671b13d0","first_seen":"2026-07-10T09:45:03.54451Z","last_seen":"2026-07-12T22:01:35.297322Z","times_seen":17,"resource_available":false,"data":null}},"time_used":548,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":424,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/media/ceb9e344-a5ce-43c1-8ffc-22302cd910c6.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.290Z","timestamp":1783882458290,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/media/ceb9e344-a5ce-43c1-8ffc-22302cd910c6.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iJPi%2FmMTz3ttcOEnDKnbzNoSOQslp0wCKn8V%2BCJoWWDupQOtcCF3yKh8dhAERCkDopNnBUn1xNRt1YB%2FbVLeC%2FWYtLAH0CYPsw0hq4XeQE2kWlQle70buFNJVd1pZQ%3D%3D\"}]}\r\ncf-ray: a1a2417459d6b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":164394,"size_decoded":165407,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"137cdedc2f1c8db70aab54aa6e011b77","sha1":"29c0216d3b5508c9066886910e3d1c549f1d3a04","sha256":"bf004b731aac1a183833df63844be938cb69b2095b647428d48ef00ed9bdd051","sha512":"6949a5f01e83762591535d1e4042bd6907c2a877a2fd4463d029d021c751854dababc6e87876e1d8c0520ee2d273b2228349bcef02197204b014b6d23d89a204","ssdeep":"3072:eHo6l/e1LtSYcVQCruv14MTZC2Me+pgqE4y0NXowhM8am9eCrJJl:eHc9tSXbruvXZMxpDQAX3bam9eUl","tlshash":"31f312e6bc5c49935922540ef501aa0bb449e8486bfdfde5bd30ed5ccb6f630088b58d","first_seen":"2026-07-10T09:45:03.572616Z","last_seen":"2026-07-12T22:01:35.322231Z","times_seen":16,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/us.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.298Z","timestamp":1783882458298,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /gh/lipis/flag-icons@7.2.3/flags/4x3/us.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 308\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 7.2.3\r\nx-jsd-version-type: version\r\netag: W/\"288-N6tykxPUfRT2NzJqFDLuAuYttUQ\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230102-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=5,i\r\nage: 2644245\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QekZiSulcPGPRt08azDrSir7qj0cSWBNpuhwJ5LS5xyLZjYuDS7r2h4S7W7UWUXkGyEGjZxkivzAR%2FL9eJdWPKi%2B%2FEWd%2F6fKcxhrl%2F6GRp5qYJ7b4mCZHIYaZ%2BcRGMXH9%2FQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: a1a241745caeb50b-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":648,"size_decoded":1426,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1d23b9509d0a0a828e3071096b0d2edf","sha1":"37ab729313d47d14f637326a1432ee02e62db544","sha256":"e7be4240cf57987926673708f09233be1ab6bdf35acc7b86bd32a263f197a2a7","sha512":"b658ce1342283e8c9155e9f626a9ea094bbf2c7094e59459b3bc262384bdfd65b170b6110935c9d3a2989cac6e24efdbbf06e73f9fa9fe74119e60595d8e8650","ssdeep":"","tlshash":"80f0f4f1d2ece5a8851136cd1fbdb6a823d8bea806400dbba04c3c6c2425d7667835e8","first_seen":"2023-12-20T14:16:02Z","last_seen":"2026-07-13T08:02:39.907134Z","times_seen":4057,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/register?_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.470Z","timestamp":1783882458470,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /register?_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:25 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MHxQ1zEk5CZDDV5v0zd9UUR8BEW%2FF83dlnwPqwa1EQyIgl0QFcgoQDhzRxuVOVQz1Dy%2B5J8n4x0RwCuD3LMaJmAqyoR0ZC0Ogp%2BTu7goVO5YznK60rPgbE6Df9XSdw%3D%3D\"}]}\r\ncf-ray: a1a2417579e5b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":189,"size_decoded":1209,"mime_type":"text/x-component","magic":"ASCII text","md5":"a32d94d91933902b4b05f3c8a735b560","sha1":"8920b174f43f30bbe53a5915b17f6ccfea6df3a0","sha256":"61e50f01d990079ece93a0c44410d3219ed663a3dcebb1fae2d4093bf2336dbc","sha512":"f4d80ee278294aa87a8a3ad34739cebb09409993c23c82e4c397b4fc7acb0aa0bc739c8ffd649aba0c45384582d03351f7f41cf2255e1ee289e7b4e685b7aff1","ssdeep":"","tlshash":"fec01227860c29b75cfe25b8042dc60f661e853f239454f0d1912d75ab771399d471e9","first_seen":"2026-07-12T17:38:11.797511Z","last_seen":"2026-07-12T22:01:35.304475Z","times_seen":8,"resource_available":false,"data":null}},"time_used":7330,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7330,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/gb.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.963Z","timestamp":1783882454963,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /gh/lipis/flag-icons@7.2.3/flags/4x3/gb.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 12 Jul 2026 18:54:14 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 284\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 7.2.3\r\nx-jsd-version-type: version\r\netag: W/\"1f8-Fh7iCgp1uwbU8sqazbsTfZqWPOw\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230177-FRA, cache-ber1080043-BER\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 2206301\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VCDfKVIvEvbS%2FqxsBs%2BaQLD5KoiUdrY%2Bm4PiRHfrAzOUHNi4z1aSV%2BDLbh8KGnLJmplT6AgIgZwKTCvPtRxty25cfwO8%2F%2F4Xjl9w1XBNFpyj71RM7%2BOe1TY0Wgou8KZrtFI%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a1a2415fa821dfec-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":504,"size_decoded":1407,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6dcadf6916764560c2f1fec586e2c1de","sha1":"161ee20a0a75bb06d4f2ca9acdbb137d9a963cec","sha256":"c8be1e7208798a4ae692ee1e937065d498bb29e741943f6172b29118b8ed8066","sha512":"b925b9042182dc31f953ebfe2bbe666822bb9a56411fc1045d46b5b20e68effe25bd6ce65cad1bcee3ef9008768bdb8221f66573d8daa27c60a8d004acada0a1","ssdeep":"","tlshash":"a0f09ec8d32d7045c70793104cbcf8e3d4d962ce559400dab4d09ae4216e7a7d8d7d91","first_seen":"2023-12-20T14:16:02Z","last_seen":"2026-07-13T10:17:34.001497Z","times_seen":3877,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":3,"connect":1,"send":0,"wait":6,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:15.309Z","timestamp":1783882455309,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://gavewex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 320733\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T11:17:56.345809Z","times_seen":233417,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":35,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/reviews?locale=en","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:17.940Z","timestamp":1783882457940,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/reviews?locale=en HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Host, X-Forwarded-Host, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BKtnEf%2FHy8V86WU5cXUskOR9Es7PIs31Z13d2d471zV1hNnHiPpGG4hq4ryPngGqvIM7nKwzLkntsAwWp285%2FCLUhZuzJaSEPmcMSlF5UlgWgUmLvscl1yQxe8tQUQ%3D%3D\"}]}\r\ncf-ray: a1a24172199db51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18928,"size_decoded":6363,"mime_type":"application/json","magic":"JSON text data","md5":"b11141a66f4acc85ed5e8454faad7a42","sha1":"3d71f3eeb23dca8836476d92476e3ec7f0fd0dd1","sha256":"cc4d5f8a74d81683a6495eabfac2cecd552382d748e26c5b8505e36b4f0391a5","sha512":"6c69e192889a6c781f01101d15dd4e61d270513520e4a52576d23f4ebadd68a58dcd2dfc258c56475a7c457353c5a87b51ba558c0d414a0cf1a3e0b5541a43a5","ssdeep":"192:3uY56Ned6PS+FHHadWNuYdyU5VEYiFdMPVVyqvRJldQlMf3kaGJIXwQ/Br5MnR3x:ZgN08X9tNfkaGCuXFibmi08RfHEKnNeB","tlshash":"b48253676518663c7a7320eac54b7fa4671c7d327302dca4ed0ecebe41e25f8407649a","first_seen":"2026-07-12T18:55:07.382111Z","last_seen":"2026-07-12T18:55:07.382111Z","times_seen":1,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/wild-west-gold.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:31.601Z","timestamp":1783882471601,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/wild-west-gold.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:31 GMT\r\netag: W/\"1267c-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BrmReE%2BoVeFs7Jvi0jXYmeReVcaIzc%2F34fV6Zs5bcFd%2B%2BnifpDURXOTTzCPo2HD1rFBwxvOBXODAJ7bLadcSZ6%2BI7sYVWbSCe6uCtqvIwY98HLc1tDqt1RSurg27mA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a241c78f0fb51e-OSL\r\ncontent-length: 75388\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75388,"size_decoded":76398,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a4d08f2ce7d608f3f8c032b0822a72b1","sha1":"4af5325f2834e09cbac50c22145eede287e20ea0","sha256":"3f856fd2ffad9148db6e06b06306c8753774c51fe02bb3f189702b14d0be6a30","sha512":"e182a41e1df5f49e6bcb4212c0ff417ad34a0534fa86c3f5f8350230b00325b85b15f065202c4745694b6e742793208ffd6ef59fef11f2b3f62f212f1ecb72d9","ssdeep":"1536:xCht2pj7iiYngyCZguVap90E6+dd5QHIyJtiQj3Yj339wQOVMP:whYp7zIDuVapeEjdd5QHVt78j3tIOP","tlshash":"c77302ac830ce2953ee17c7bfdd56457c0804ae6326b5ec92a01b4d61737ce5cad3a1a","first_seen":"2026-07-10T09:45:03.496757Z","last_seen":"2026-07-12T22:01:35.295138Z","times_seen":17,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/rajdhani/v17/LDI2apCSOBg7S-QT7pa8FvOreec.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:15.312Z","timestamp":1783882455312,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/rajdhani/v17/LDI2apCSOBg7S-QT7pa8FvOreec.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://gavewex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15688\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 05:57:21 GMT\r\nexpires: Fri, 09 Jul 2027 05:57:21 GMT\r\ncache-control: public, max-age=31536000\r\nage: 305814\r\nlast-modified: Tue, 16 Sep 2025 03:40:35 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":15688,"size_decoded":16501,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15688, version 1.0","md5":"d5448938a162ccb434b09f4572c0191f","sha1":"be9eae3d1d9f4fbd2208e0fd3c871b17b65b6516","sha256":"5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f","sha512":"df0245084768642738387f7a0daa11c4bd0109617c4120bfd88083c30d686ee2bd327e426ce0d9ee1f50839c5e2890f8a2a2d7acce3705fe8fa324fe623ad942","ssdeep":"384:Bktl5HsgImpL/2gZDAMAyNWE3pZrsjyb2mf+X:Bkl5MgDpT2g5AMtswpZZ2mf+X","tlshash":"7962c046a5a6b998f4d4ecfb0086542c19bb5ca11c6230f3c719356f5bd3e75cee4540","first_seen":"2023-04-14T01:29:53Z","last_seen":"2026-07-13T07:15:41.198028Z","times_seen":5715,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":59,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/polymarket-logo.svg?v=3","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.960Z","timestamp":1783882454960,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /polymarket-logo.svg?v=3 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"31c-19f43a76a28\"\r\nlast-modified: Wed, 08 Jul 2026 21:34:33 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AaoxwBwggpfDFUwe3GOOft5Um8h496fRgzrW9PtugfCM%2FUj8dJIMRShhMUMZYVJMduQCr26cR9tp0CHxM7dzPgsvU15HA28I4ANdV17T3VSMd78vSJ9fIVmf8xhZ1Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f8897b51e-OSL\r\ncontent-length: 441\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":796,"size_decoded":1484,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"96f4c35ae667bc254a3cedbee8fea5ab","sha1":"557c471948ff981c73c4baf00f14a24a8760d523","sha256":"51a29787758e3ae48fc9d0a9e982c7ddf1111f4c4967c4bc85e2067810b572c8","sha512":"1a41f905ffffba3a39763a85f7c55dcedef2c1f5a8c8c4f117976c753f3978822f32b5544f2480271815514109a7549a52204adf78a6879b8764ac483f9e4cce","ssdeep":"","tlshash":"ce0115dee044c46d5c1cca57cd3567dc6ca354f367d2461885159a1c7013bee9c036c6","first_seen":"2026-07-10T09:45:03.499638Z","last_seen":"2026-07-12T22:01:35.260721Z","times_seen":17,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/predict?_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.139Z","timestamp":1783882458139,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /predict?_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nQ2A4xLCyRBtQmr1VSmqzdYYuTDZG7TVjG8rutVA6C5nKCHSVd2DJjb2k%2F1Nnk3U56M74zxonF8WrbavwvaVYk%2FIGJPu341Kluhr06lOjhD1cUcube7W7sDAcQZ1xA%3D%3D\"}]}\r\ncf-ray: a1a2417369b7b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":154,"size_decoded":1194,"mime_type":"text/x-component","magic":"ASCII text","md5":"427ba4325d78cf1b03cd9964bebd615c","sha1":"a319f409b20da4e7d3634bf3205cc481bac13b3e","sha256":"8f1e1cd448797cb2d551ffeb3ce2489a5189923888b37b971e38affc2562f8fb","sha512":"5d900b3a39417f099124fe928959ddba295143e3adfecb9c1329bbfb91722fd9505a1d8f1a59b41f965b2ce8a504f9c13d78c9bff486e348d5344979fed95c32","ssdeep":"","tlshash":"fac08c3a420b3ef5bcbb28aca4aec60f360e410b21c418f0d0924a10a73702105039e8","first_seen":"2026-07-12T17:38:11.79463Z","last_seen":"2026-07-12T22:01:35.293885Z","times_seen":8,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/vs15godsofwar.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.219Z","timestamp":1783882458219,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/vs15godsofwar.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"43894-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ghZP5vS1Tj49qPL7Zwump7Jczhx2uP2o0RP8WDZH3P4uq2Q134cICqxNPAO7GgGc%2F01EuLTxWZ5ZbLR4qH%2F4kHvmQCwW%2BHSClYMw60uh5I4fh6fdjH4pTBBlI2FDsg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173d9c0b51e-OSL\r\ncontent-length: 276628\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":276628,"size_decoded":277556,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"979852fd6da5e7b15cd1f5f92a961106","sha1":"9d485e3fe899b422b9adc4b0c620eb144f335352","sha256":"f4559971ce6d4019c823558f1c57616e238fdbf96dfb35c8fd6583332ecd3636","sha512":"4bfa3b9e5e68e2765661c2baec88d68a3af81387d7cc1c463bd4a80679170ce9a6ad3ee840e604ffb99391dcf971bb26cc5d500dc5e79703f986cd0526580b11","ssdeep":"6144:mIeEt/tm0YtyKztgChb1k9q8OKrGs0fpltbEFatc+cahe:mBEtwNthtPhb1kBjN0fpv/cr","tlshash":"9a442356ff3970a651bbefb4aa0012d20b23ae7864ef33dd309655c10a4c5831a9b7dd","first_seen":"2026-07-10T09:45:03.512611Z","last_seen":"2026-07-12T22:01:35.309255Z","times_seen":16,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/1309.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.222Z","timestamp":1783882458222,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/1309.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"2ea88-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cFFMf7IlqoU7Ui3WGiyx3cx4sURfheanYtUMiXgGekMA0ciEvvUmDOvYf2Gmd8AGlbXerI3TMqV7PQ%2BpM1%2BhvlkIMoYthaPCeZtAMk9riBlJhcFuKEGrfo2TXv79tA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173e9c2b51e-OSL\r\ncontent-length: 191112\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":191112,"size_decoded":192038,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"67de634afd975632ed55c97a46274d7f","sha1":"266f437d9a77778edf3648153208b5ab234d482a","sha256":"2dd2997203a4aed12599d29f3b7acec417219602caf5ccefac1e6412de958224","sha512":"39bc73e745ca4e806f46bb88fd497f0da2c6b409d7f5e5e09fbc132688afa610080ddcb1928509636b1feb3cce304a7b4a2b656ccde12c295e0d21fc889edbc1","ssdeep":"3072:DfXnSkyhQNXDwrkbAF8UqsuJj5CMvQ3HrtjpnwzQr4YQ3iNekbEG9iBwUB2:DfX/+QNXDwAbAAFQ3Hrt9wzQrciVn9iS","tlshash":"bf14239ed7c056511be03a4b00d69f49a0afa22465f81af1c9fd35dcf1242ff82a8728","first_seen":"2026-02-02T19:22:04.376431Z","last_seen":"2026-07-12T22:01:35.285214Z","times_seen":39,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/vs20doghouse.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.226Z","timestamp":1783882458226,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/vs20doghouse.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"c71d-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q5Pj9wh8h5Tn6ZgY0WF5iW5UKFBAb6wX0r9DB12VeLOqdBcynMXMNLkWeLfZ%2B%2F9GGps3p55ER3qux96iCB8AhTuV4Xltr4NgRz4rLFb37BtPsQRGmBSD9MOsQsssGg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173e9c5b51e-OSL\r\ncontent-length: 50973\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":50973,"size_decoded":51897,"mime_type":"image/webp","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 360x472, components 3","md5":"e01e7dd2ed5b17e02bdeb34c09d2afed","sha1":"2f200ecea22af3478756569edfb30b72e45dde54","sha256":"1d195ef122b4e40d3305fc65cefaa7c5c967c1688533db98da9a4bad93a2c7ef","sha512":"038a542ea1cf08126b558d06a1025b3f4751c3af2bf7a388bd79678c8f5867c88c596513cd4d1a8035632783c8deddfc0999e9261742d81bf6ce4883c2063b14","ssdeep":"768:hYyBIClez5YsfIlCTuxHhs4QVz4cQ4ZgXrslVtBzLsaJc3sg2UlQlm90bE+VJp5p:h9plemtlpeDVzxos8Sc3zCweNfvv/31","tlshash":"3433f2f3bfffd21bf879f235c0a925f1433916b61329925bf1591b2c10906c8295984b","first_seen":"2026-07-10T09:45:03.447671Z","last_seen":"2026-07-12T22:01:35.292417Z","times_seen":16,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/login?_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.469Z","timestamp":1783882458469,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /login?_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FKp3KRFFy%2FgEtKshwhp%2FWYvlNooK%2F0wX3YWIdsRzL3ahQueC7BYUsR29BS0fBuv2DfYKhpoOcjsyXPWXgu9UyfC%2B1XWXt9aYKpQ4AgQX4x2B361o2H%2FNQCdX%2B0tXwg%3D%3D\"}]}\r\ncf-ray: a1a2417569e4b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":130,"size_decoded":1191,"mime_type":"text/x-component","magic":"ASCII text","md5":"757bd258af89053ef88d4e973f43e89c","sha1":"fa2d69810ed2575455cbb8c822eab15f54f417c9","sha256":"40cfb2a00717929e54dc53bb7372baebc53d67ca4fcd31c0a8c4912fcb494b72","sha512":"1676769f2db650436ce9f38dc74ac43ddc7277afc5d20b3c616a0919f82f6328d10839e3544455b48bd6c25dfbed9b7cc26b06cd417ef19e1987adf8c5e2d61f","ssdeep":"","tlshash":"b8c09b31870d6df55cfa25c1421dc79b761d430b21d459f4d1b15b106f771215a475f4","first_seen":"2026-07-12T17:38:11.666876Z","last_seen":"2026-07-12T22:01:35.303828Z","times_seen":8,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/sweet-bonanza.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.985Z","timestamp":1783882454985,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/sweet-bonanza.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"11110-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vN9uH03Ml9bnzCzWtEeJmAPvB5UQ%2F3wSgZSJWC33%2BJjiKRmsOnRPA6iQS162VuI%2FnwlkVjOkyggzqx%2BTguIf4doK%2BMWoImdk1Ry2nqqEGp6aEAn%2Bi2ql5l1ig02H9A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415fa8abb51e-OSL\r\ncontent-length: 69904\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":69904,"size_decoded":70911,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"721b6f52f6774f238e4849424522f47c","sha1":"d3080ed7ef65c3c03e2f93b18cc82756a8655b96","sha256":"d52f0c6f6681d1bfb2d399caefa084f38ce65e099e7bc22e61dc67dbf7ce5bdb","sha512":"510dedd7bf8c58f1b648f09f8c2b78f95dce5a0a765dde944e2d69d0b5511c63b1b5b107ed3d213e3682e73cd201f6f3ce575c0160d9a4a1a55f12aa107e24f0","ssdeep":"1536:BGgiPYdFt+tD7YcF6rZ9FiZ+gxAW7KHV1ynVCEB3M:BXikQD7OLIYgxt7KHV8VCE+","tlshash":"646302c07fa1ef0cd5f07bc362e76b64ecd21d95a22da1d629179f2356afa0214081ec","first_seen":"2026-07-10T09:45:03.510801Z","last_seen":"2026-07-12T22:01:35.261924Z","times_seen":17,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-06.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:22.587Z","timestamp":1783882462587,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-06.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:22 GMT\r\netag: W/\"8f7e-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0SEfaKwAHYgrSHhEbJElLOpBFMp4j0VwqMTLyNZzBnJ8bJnqUaKxGnbkHlWSyAersylR34V6qFNRVHNKuGz1bFg75XbERwySXhK%2Bnz%2BMUsMBbECJAAp%2BftyxHZ6VvA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2418f2b6cb51e-OSL\r\ncontent-length: 36734\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36734,"size_decoded":37737,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8415c57ab324120f06dcb58f4a3642be","sha1":"c2643dfb4399333571036c100e8b6ef751331845","sha256":"56480fdd85dfea62d1c1e8c2bb50f439335898b297ba0252bede15905feeab03","sha512":"b854b06dae393078db8d160da65e2b0dbdd3e4abc09a3885f12ceb555390628ce4f15a1096d07008a235d424a01fb52e48ef1a28441c3fb851560f0f3887a7b5","ssdeep":"768:Kmf28ZprnqhaGpxAP1xASrjxVZuDsVPy1U7HQegWebUOgHdZxhF2:h2aZqMCA97rjTZciy1iwTHg9PhF","tlshash":"70f2f17ae574300acb98e8183c133892fec35869158791d0291f27c6afe3b9fe61585b","first_seen":"2026-07-10T09:45:03.463406Z","last_seen":"2026-07-12T20:48:52.771005Z","times_seen":12,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-01.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:45.204Z","timestamp":1783882485204,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-01.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:45 GMT\r\netag: W/\"7aa2-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yHNt0KQJioeQKnJFpWqw%2BU7xr1vZdlwbSTbI1KQf%2FGv1Dznqu0rRYob2yc6mu1OYjMmXOp0CTwRvM9smlp62KAGNdNvklrBCtaUnjaGV5LKyDfvCPtb5OC10EtYEgw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2421c8bb6b51e-OSL\r\ncontent-length: 31394\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31394,"size_decoded":32395,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5509ff2b421b108162329e8480cbf42a","sha1":"3072d660a2b73a831d89a61be8422498eb70923a","sha256":"395e861b9886862ff3c0e250045d90084dee194225fa87649ff810a93029cf72","sha512":"9f23044ac22cde5a69e0c215d9bf1b2cc7cc81d9653b82b6caecf195dc9de2bdce6dc2fbe57f8d243fb042baf5bb7ea9ed2f18c81486635b520ff91123a4a576","ssdeep":"768:qLVZRKuBtND4jceGyr8Ee4m90bm9JIqXkeRDMB:qJK84HGysp9FX+B","tlshash":"d6e2f194db0488e1a2646f155fd0aa42131ecdba610a2f7f13fa4fc133eee6489f2591","first_seen":"2026-07-10T09:50:20.394431Z","last_seen":"2026-07-12T22:01:35.25383Z","times_seen":13,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/1255-c32318a942e40e3e.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.935Z","timestamp":1783882454935,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/1255-c32318a942e40e3e.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"2a3d3-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XM7zzO2sQE0Pz%2Bv2ArJh7JESn%2FioEX1lLgFtpCtj0lmpQBjf3ktIeeTM%2F0IBZkvj8Kcs9bkv3QtGSI%2Bf0QpIg8O7oF8c8tudVGykcX3tdfP85qjSaCsAB%2BZkwVgmPA%3D%3D\"}]}\r\ncf-ray: a1a2415f5882b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":173011,"size_decoded":46820,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d0655ecf061ed2032b2ed77f5fac4960","sha1":"bd73869341e65531e389db448125d6aa1b94dc73","sha256":"da0b6bb480869080c97b8a651145be0afa28d583e9f61fdbf836fbaf22be5ce3","sha512":"848f838f84fef605ebcdfe400206de7557e437dbc80169c2fd494308da5747a6fa93547706a1a590b39d20aaf9587ea08e5bb71a162734255329beb93bad6485","ssdeep":"1536:bzigN+8/BhcO5HYHqLVcXo7yIzPr6Q04ToTlTx1p7eChTtaocZXxreXRNIrky/Sz:379LmA+sy4r904Aj44RN0z/Sz","tlshash":"f0f3dab636d0f8d107a780e5843b400af3291c3b146f74a0a3e6dcd975645dea1b3faa","first_seen":"2026-03-28T22:09:22.209351Z","last_seen":"2026-07-12T22:01:35.300715Z","times_seen":26,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/main-app-f3336e172256d2ab.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.937Z","timestamp":1783882454937,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/main-app-f3336e172256d2ab.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"23c-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wW36EmFP5JuGXRsfp68HK7z03LPrJoiCpS%2FyRbVq95xYVFaLDFpMoFeOfNatlVgLt7RGJymSyTEIHRzxai3LVUVz3ItJHz6W6nMrTQF4E8lUkl%2FLJ3zDV6SVhE0V2A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f5885b51e-OSL\r\ncontent-length: 239\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":572,"size_decoded":1251,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (572), with no line terminators","md5":"39016df7484bb925b0b0fe1905ddbceb","sha1":"088ce59eb609b8c19e00e2d93e10d33b75578d7a","sha256":"91801d552d3e97ad6aabb535c2d8eeff31bab152fb2448b8556373894e7d7215","sha512":"41618a49d22f65beb83086c769a8c67e5ba76cbd01b838ee2ef88857171a333a9ee680d08d182a3ef65393eef1b4d2984c122e3d4d0913e82c0f0e9ee004e46b","ssdeep":"","tlshash":"8bf0d69a4f0cf52f5d26ad65fe97ace2245f4175202b4e606901ee613c23bacd270404","first_seen":"2025-09-01T15:30:28.522834Z","last_seen":"2026-07-13T05:05:21.75875Z","times_seen":633,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/domains/siblings","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.133Z","timestamp":1783882458133,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/domains/siblings HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tu5Ocd3zyWlDrb%2FIKKhyaxSJoXTBCGY59J0dj64ud4N0OXzi8jd%2BZCy%2FZ7RbDx8QFuGrJpYrs77KkEXZh3goe0kPkys2FUGnD7QgOik%2BxkuGRUZWQY6MUmjT5V63GQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417359b4b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":251,"size_decoded":1157,"mime_type":"application/json","magic":"JSON text data","md5":"ea986c18cfb73acb14241cd44e635c8a","sha1":"39953e1936af70af0e8ce53f8a26f8246440c36a","sha256":"32787c535a37a1306f0ce55929634fa1cc1e98cd99c814ae2995dd3e6fb18c75","sha512":"36370085fff8d46084e4c8604ebc32fb018bd1d3d9cac794ccecf15462023f3711acc1ad93c6705ca3059018c857ad652e1d58e7c4c52c269748e716c388b0a1","ssdeep":"","tlshash":"68d002049b4885a44a450475b87e4e8475bc1cf5c718c6f08472d101427b38e1c6c8cf","first_seen":"2026-07-10T10:22:32.074992Z","last_seen":"2026-07-12T18:55:07.392631Z","times_seen":2,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/vs10bbbnz1000.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.224Z","timestamp":1783882458224,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/vs10bbbnz1000.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"31661-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VlEb%2Fq7qcUZFBN0%2FHa4EIFNIo8%2FNStueUpKbcIvdGJbsIW%2FD%2BQF4NX4F2FMJKydlSiMBGAzznt65MPpCxlHYGosFfU%2FuVm%2FJhDeTaQthx46mpvxysUlkrcxDVeje5w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173e9c4b51e-OSL\r\ncontent-length: 202337\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":202337,"size_decoded":203273,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"fc682a01b30969c31b5d2c66887d4be7","sha1":"605e59716ef7353dc35d0e7da342a8ee2a6b52df","sha256":"07a2e1c144e07f1aef4ef295b983371d4014290fe0386df6d89a2d63c600fe22","sha512":"e99d50df16f3783df87afd21266d31c1679b2718c11cdbb620c570be8339b4dd634b6869063c7eeb3e55c654eaeda751ef886809fe4ec45edbff01e5e8128258","ssdeep":"3072:+s2K0+E1BVyXNZdGahQpX10H3gIu4BgAKGMUy4e+qB3TxTp+K4ay62bB6+TDWOXd:FB8F0XgIu47KGNHzqwuy6qBdTDWOvA2n","tlshash":"d714227b36df3816e6c2a0768d7c5d279260a9e602f728d62c6173ead1358cf5017fa0","first_seen":"2026-07-10T09:45:03.494863Z","last_seen":"2026-07-12T22:01:35.31273Z","times_seen":16,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/vs20swbon2500.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.235Z","timestamp":1783882458235,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/vs20swbon2500.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"7652-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m7ex0CkNOjmL3YV6ggAwfD24XVRENEXQmcM3ozxtfEB4Hideu%2BVo2bnVYX0DVLxKZqHtYQZfF%2BjLot5D7RJoXYONnEMZ5YNvemUUkVf6PkjSZmmRJsKlfq87esmw0A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173f9cdb51e-OSL\r\ncontent-length: 30290\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30290,"size_decoded":31214,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 408x546, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ef7d1293c15a0467300fc4ec94aa0962","sha1":"68b0e661714180d5e68942a2537189d272038cac","sha256":"67a835363fd4f746517982066ee9325d6f4d5f7b2f551318194e1476b4fbf805","sha512":"a627528c36d388eebb82ddc6e357cb5973d96cbb94f1ffcb40c09b1e1a2f4e016cbfb52796b6621f5554fee680fdb3835c5f442e0b3c9ee468bad9a65b236b17","ssdeep":"768:a/wZJQB/bTR3E7oM3TXlsKiyp8ILpVz/t3/EtFBtheZyK:8wvQB/bZE7oM3Tl7xyILpVzl3/EPBth8","tlshash":"ead2e16738a19715e14e0373c15b88d0c74fd50ab883357e807786c5b0aada692e4ff7","first_seen":"2026-07-10T09:45:03.43836Z","last_seen":"2026-07-12T22:01:35.296805Z","times_seen":16,"resource_available":false,"data":null}},"time_used":26466,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":26193,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/play/vs10bbbnz1000?provider=pragmatic\u0026_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.537Z","timestamp":1783882458537,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /play/vs10bbbnz1000?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:26 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t%2BedlqUQYggSK%2Fb7mufDfbTKVcBLLX%2Fv6ykTs%2BHY9x%2BwFEktpkOmFPZQQoWs4sUDsBwKq3sVnWwscsn7KNQeHul230mXcyH%2BlzqQIcbvDoul2ui0JfvN4CzBnNtEhg%3D%3D\"}]}\r\ncf-ray: a1a24175d9eeb51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":221,"size_decoded":1239,"mime_type":"text/x-component","magic":"ASCII text","md5":"ba26f32ffcaf2831d8ec0ac54f7d4872","sha1":"b9ee1b9c7f10092556bbec51149a9e459165adcb","sha256":"1402a8c710ad9f71fd8233661635a2433ecb2f6997bd53062856cc9bfbc34f7b","sha512":"c9a460d044be181512ca5abf0df6e510f4d42fc07a0362a7c46dc329473f9f7eae4a353c6546ed2a6b105127437d6a7ffb1b6ac820c14d2814fd162867d6bed0","ssdeep":"","tlshash":"e4d0a73a42053af56c7a2884057dca5f751e619ba1d846f250525e35976703119036e9","first_seen":"2026-07-12T17:38:11.676985Z","last_seen":"2026-07-12T22:01:35.315169Z","times_seen":8,"resource_available":false,"data":null}},"time_used":8238,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/sugar-rush.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:27.100Z","timestamp":1783882467100,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/sugar-rush.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:27 GMT\r\netag: W/\"12dca-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9ySYEgVM6iDT4fuWj%2BcSy7yoFESaU4veEp6kuo0aSD4qipVS98jvyrTWvRR10fjyEsug5emjmuT0nBpizTFgIU7J8cm5HDMYbn8SlIi8V188GqbFtmezyMbhQzJfcA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a241ab6daab51e-OSL\r\ncontent-length: 77258\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77258,"size_decoded":78258,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"bf41d2e5df715e30ae5765e27035f41e","sha1":"dcf2c0669dd20ad1b99ea77df4e3f6ccdeead5ab","sha256":"f737baadd156371777dacf433a53ad815758d08052959eb468d9f88e061ad90e","sha512":"b6993d81aab072729107d0d1d86fe16ccdf884f439d987f4cad006dc18158deeb30976237f695a306f65e299f828bee73d82148e2b0b09bb43249dede4c8558f","ssdeep":"1536:HMA87FnJmqOd5Zq0NK7TL4poJXAtB7QN1bbY:HpUnMq+u0NsTkoJXAz7+1vY","tlshash":"da7302d366435f630ec3b099ea9c8feabb66511cf0f602071e6a8744359c974a06eb74","first_seen":"2026-07-10T09:45:03.490538Z","last_seen":"2026-07-12T22:01:35.250373Z","times_seen":17,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/app/(main)/error-e76e5ecab04323eb.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.948Z","timestamp":1783882454948,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/app/(main)/error-e76e5ecab04323eb.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:16 GMT\r\netag: W/\"23d3-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pn1AdI5N5xl%2BYM1n8tztlCaCULKTgwIjIcIiGoEnXI%2Bk4WStAVCtbTZ0NBkc4OX6qQ3d%2BdNWAOE5vwvBOO97nqaOjQWhsOvwc85xD%2FAKTyA6Eb6q8p8xAPuayCzPxQ%3D%3D\"}]}\r\ncf-ray: a1a2415f6890b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9171,"size_decoded":4203,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9171), with no line terminators","md5":"ea37a6907bbf49850fbc241b021b98ac","sha1":"0c4b73cae7505f9098532e047b378bfae64317ac","sha256":"38ad85b1457519a9dc72e54394f3996d7560f3d34e3398ec2ec72a9ed62253aa","sha512":"dc3684031a1dfd4df683fa10824f12e47c829ae2d20a92efd4820e6ad9e55732c6a9784530685c9356a7af34747a1a16f700f036f08e09d75bee9b15f06256cb","ssdeep":"192:lTzTFtTCTnsHTTYTetT9TYTFTYTcTLATnPtpSTiuTQTp6TPTSDTETzT3sToThTF9:lTzTjTCTsHTTYTmT9TYTFTYTcTLATPrw","tlshash":"681224fe5f9e25ce5512c3ccaa4ba040d7de0338365e4821a58ea8b9c241956fd77f24","first_seen":"2026-07-10T09:45:03.528266Z","last_seen":"2026-07-12T22:01:35.281579Z","times_seen":17,"resource_available":true,"data":null}},"time_used":1667,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1667,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/the-dog-house.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.968Z","timestamp":1783882454968,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/the-dog-house.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"109aa-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hmM0cb3InTCtxaY2fXVml0v21j9weOVuyVJ6vTmWoA7rlotuBTCJL8STgl%2Bq95TsV7VLjIouT2Tse28OOOjPPFdBp47nKOIDq4Gg9gbq7o8Alq3MU28G%2BZypbwhuNA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f889eb51e-OSL\r\ncontent-length: 68010\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68010,"size_decoded":69009,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2b9f8d3634b33f67618a2165bcfc9e64","sha1":"b78d21e115c70e802749e0abebd64d281960e839","sha256":"31dea2a3414638bb40323b0f736714adea89c3a4ec792a2633def6a031f40abb","sha512":"35236b4d268abdc18417458a9904855a347ccbe0041e51959d3773c693be9aed557b066748ec37e1a7fcdc0880b51c14bd1237ff0b7b66873d2b1c84dbc6219c","ssdeep":"1536:ZFyfU4Wy6d20OqYMZTQo/PklvkPc8tXK2Uba6sDqpGJb8fuLzg4E5n4OJM:ZFWWyZNqYMdl/PxFcb3smpGJb8f2g4EK","tlshash":"666302f75a996667f20b02bedeecebd8beed8a03c1b7d124096455b005374c343a5836","first_seen":"2026-07-10T09:45:03.457398Z","last_seen":"2026-07-12T22:01:35.315655Z","times_seen":17,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/media/26e4d6f824b54c33b0666324cd0f018a.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.300Z","timestamp":1783882458300,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/media/26e4d6f824b54c33b0666324cd0f018a.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ku4Na9I5psonwtcOeDXUqZ3how70K8O2D2TBE%2BJNixiADOkYe81627MY1qwapFORGqWYWO6bH52Qrd%2F4hzZ0mlG1yIm9Vw74rc9M4S85JwOqjh5iAgW6htPjvZoC2Q%3D%3D\"}]}\r\ncf-ray: a1a2417469dab51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":99470,"size_decoded":100479,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x1446, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"fa3411773d93f8de394a5fe5f7fc908d","sha1":"3b32dff53270a2f61728ba8e80162adbcbdaa7fb","sha256":"ab21d29fa80489dcd0c549b8fc1a86a3883854dd2ea4c542efbf2cc690d98fa0","sha512":"c4cd3c0f88a40855b1fe0d1991f19afc3f824c18313f57e6f9e0e2fd4cb7930831e50fbce50384f9def5a4f387ff2feff9766cf755397d7513a4899ab1bb470c","ssdeep":"3072:JyMQ+X9mOqggzDkOgvxoepuPWEBfS2Q3lXH:rQuAdDBgZuxc2QN","tlshash":"98a312b3d82196792d1a31e3ffd4a1f64341a4636b2cd8ec88d78721e57f34ea324195","first_seen":"2026-07-10T09:45:03.511746Z","last_seen":"2026-07-12T22:01:35.267146Z","times_seen":16,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/play/vs15godsofwar?provider=pragmatic\u0026_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.482Z","timestamp":1783882458482,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /play/vs15godsofwar?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fwa6a3JzYQTCAnXK4khgnWqOdiCbGpwFU58BkEhGH2%2Bd8B2l873DU3Os9%2FCKfN2HJEZCIIv3YGNFg5cuIawoZJU395mR4NK2c21RPpXYA2rJsqjjycy5XZlqv87dug%3D%3D\"}]}\r\ncf-ray: a1a2417589e7b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":221,"size_decoded":1233,"mime_type":"text/x-component","magic":"ASCII text","md5":"23c01eb3c26338f91369fc8af176aa20","sha1":"9de0f3f7f24c3b5d2132d079c249fadc6d69a183","sha256":"8c0869cd0fd0ea595e988e46ac46c15890363303f3a70296c0f1dca9ca38794b","sha512":"b8388b5aa4211a82442b9cb18dcd9085cf1470abc20383c2df7089680d018d75068a8b22322096e190d3ff2f6347bdbd35e1ed9f5c504554513cd3d9954e7f38","ssdeep":"","tlshash":"a0d0a72646053af96c7a2884057dca9f761f515b61c856f250625a35936303219035f5","first_seen":"2026-07-12T17:38:11.91928Z","last_seen":"2026-07-12T22:01:35.249716Z","times_seen":8,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/play/vs20sugarrush?provider=pragmatic\u0026_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.483Z","timestamp":1783882458483,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /play/vs20sugarrush?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:26 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=siY82yrQJtxAFfuHw4PhbF6E9nm9rGcKdE5jVLC8Vdtnfghdr7CcCW8ArOWwPTfiLJ%2BsId17Lq2TdXOx%2FZjSNLph3ZIzEUmmwj3qtKNUNYz6fOX7Io5ORNWDdrSnZQ%3D%3D\"}]}\r\ncf-ray: a1a2417589e8b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":221,"size_decoded":1231,"mime_type":"text/x-component","magic":"ASCII text","md5":"3265ea94b8edb331a659b21a81b3dc58","sha1":"059dc8e2cbb1f35c1173149aa46cefe41d434496","sha256":"d8f61083983fe755eb10faa200381b32507c14be526670b4ed95098efb1bc9ff","sha512":"8e74af12b0e99f74e926575dd456256ede8b5e09284bf3f19e3c662f54bb95acc3ceb714dd1802f5ed5601f6a1ac08ab1cf6514b4fca322b69e7beb0a363489a","ssdeep":"","tlshash":"63d0a72643093af56d7a2888457dc65fb91e515b61cc46f150934e35972703119036e5","first_seen":"2026-07-12T17:38:11.75351Z","last_seen":"2026-07-12T22:01:35.306431Z","times_seen":8,"resource_available":false,"data":null}},"time_used":7571,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7571,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/play/1164?provider=hacksaw\u0026_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.531Z","timestamp":1783882458531,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /play/1164?provider=hacksaw\u0026_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QwxZPRT0tn%2BMo86nDxZtEhkL%2FkQ2fak6KXwYwbYnd6WKSGumHTPWbkjj2Z8qwz%2Fcfqwf6MlRZxxn5WN%2FEJZ4eOl%2BwKfIGOuIaqCXhQVbF%2FL9aN7H902OHHvOzdCSgA%3D%3D\"}]}\r\ncf-ray: a1a24175d9ecb51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":210,"size_decoded":1236,"mime_type":"text/x-component","magic":"ASCII text","md5":"98ae05ea98c842962bdab96741a49fda","sha1":"169d031f7e1948b0ababbc917473af5542ffe560","sha256":"34e651b58ba6694c48b3fd74a6e3d7472b646241cb668a078a9d2841496b4c4d","sha512":"009407db9f0ed842bf9eec889100a22d5bcabaa0ed8bd2058c3639f1c793ad111fe9bd9dfa5ed0eb6a46966c8db8377ba18d7926b8530cc7d26a8f737726b7ba","ssdeep":"","tlshash":"4fd0a72647053bf16c7a1884457dc65f751e100b61c806f180935a31536303155035e9","first_seen":"2026-07-12T17:38:11.922317Z","last_seen":"2026-07-12T22:01:35.285833Z","times_seen":8,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/crown-icon-512.png","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:16.114Z","timestamp":1783882456114,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /crown-icon-512.png HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 18:54:16 GMT\r\netag: W/\"3d605-19f1a0f2520\"\r\nlast-modified: Tue, 30 Jun 2026 19:43:48 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YTP9d7DyqbeUErFrtBTQLDEP7ViQJCxjG%2FsM%2BZiupoqlTg%2B%2FR8MZr9Wvl%2FNByxwlfW2J0Yv1wHD0KIyvYGE0Of9z3I9j43UMRK3ISkJZh61%2BWI9v5XHM4f6He%2BCbBQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24166b925b51e-OSL\r\ncontent-length: 251397\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":251397,"size_decoded":252412,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced","md5":"80d4744555e10615fd0705451496696b","sha1":"cdbb7f742437134f1a5d60165acf86ad5213db97","sha256":"6e73823fa9392ebc0bf9d73a2d4125b570b38729f8d9ea310afa814fd6256abd","sha512":"c9bfda11e02a25c4582ae239c6e168d59accaa434e697ce2aa6d510edf759e3a24f623e9219961edf63a7a4a1f0dca027a8f06f505a2a544c73b0d3607457b3c","ssdeep":"6144:NVPLp8eA7j5PdHoachilP1Odjbn36A3EHgbmODh5d/FJH4VAvLX:NJNEtPh8ldjbnKTcp15ddZ4VAvj","tlshash":"8534232db096f918cc4e7f515e3d4f4a95b773eec97db804619865ae8a3d29030c4b2c","first_seen":"2026-07-10T09:45:03.470767Z","last_seen":"2026-07-12T22:01:35.244679Z","times_seen":17,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":199,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/nz.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.287Z","timestamp":1783882458287,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /gh/lipis/flag-icons@7.2.3/flags/4x3/nz.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 642\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 7.2.3\r\nx-jsd-version-type: version\r\netag: W/\"87c-kuVFN1aapGTztuQPN7yl3EBdFaM\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230048-FRA, cache-ber1080058-BER\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=4,i\r\nage: 4834567\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aK1LSUgxLBrEzFEyHDomak0PRoFZJbdRiwsZjat6yCwqt7m7I5Si9qskbuToD9%2FJ60wTRnTq0Qzvsmpu1AuyIn7djzemlXhmDtMrPDxE2tc%2Bv%2BmAWS7V0BsQA%2FKPkhxf50k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: a1a241744c89b50b-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2172,"size_decoded":1781,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"229d2fadba8d00df102927eae199d46f","sha1":"92e54537569aa464f3b6e40f37bca5dc405d15a3","sha256":"794a2c8c09796090ab748a74bc35aed825e701eaddc46b138f300401ac9a25cd","sha512":"30b43f270300cc3e8cd4aea0f4e234c24dd5028b71dc9cf33d199fbd6479b120c92db29a4c7741f26b156ac7a561460b46fc37664eb01a32d23f1b19ba9ea70b","ssdeep":"","tlshash":"8b41a080a5d6001dc9399300c7ccdecc9a1fe0db92432a97f6266dca67796d64c9a38a","first_seen":"2024-07-30T15:59:14Z","last_seen":"2026-07-12T22:01:35.303292Z","times_seen":199,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/starlight-princess.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:22.583Z","timestamp":1783882462583,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/starlight-princess.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:22 GMT\r\netag: W/\"17660-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7OcqgdpMnIvTympFvIpnvbspmszt0a6jCkAvGg9NgIX0d24X9cMtgqfkcgOakszmUu7VZBBUk5i2EWtDHdFz4BVaThoxNjygDEELNWZ%2F88Ac1%2FZRyUFFjTiRZCFYgQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2418f2b6bb51e-OSL\r\ncontent-length: 95840\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95840,"size_decoded":96842,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9824b494b8ade7c0157812b4aacaec2c","sha1":"d57539bf59f9115e0ed688bf2a0d6c52463e8fcf","sha256":"6c5adb95eeb1a45770a8d30d019378335141a52e1af4472b0cf4b4645ed93f6f","sha512":"e1942c4af37eb41984eb54b63afdf61f4264b023afcec48b8fca603883093002d21f90db0aaec5ef65ff0bc485fa5991eba74393b18181ea1c146c039c058d42","ssdeep":"1536:HGXhI6Tit+KvC2DM768fnbxPExl0l9lWlXY+nuCnt+8V+b5I7GKI6Izs:mS6Tu+KvXY7JfnbxsDa9liXY+nDt+8YS","tlshash":"769302da9eb729e7f6419b36062479c256fd49dd66239e3032c9e18ccf740f442ce892","first_seen":"2026-07-10T09:45:03.50984Z","last_seen":"2026-07-12T22:01:35.260154Z","times_seen":17,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-09.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:31.604Z","timestamp":1783882471604,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-09.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:31 GMT\r\netag: W/\"3b6a-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mJ585F3iq2EKImwsp%2BB62kFMyecc0mSYfx9OrPQRnCKXJe3z0B759MLNyBxvuVDcKkIbtpdAilwquJxa1CNEHzywPJksPLfU3M8up0jWXRodO7wnfmrgNP6j1kNrKQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a241c78f10b51e-OSL\r\ncontent-length: 15210\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15210,"size_decoded":16209,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2a78743d1476c3c31c278098d05aa442","sha1":"0171fe525153dd0fb03255535502ecf1262e0458","sha256":"c3e6f099611d8d3faf622bf7a6f48302be66da2d4a26e2463f8977462024ae11","sha512":"415db81487d3880d7725c004ae56deee7809dbcd6a946761bd15aafa00ddb2d24b21a2a48c93f3db855114b2d4a698115d3612473cbd7f13fbd95668d4e776c3","ssdeep":"384:NbMdd3BQ7u8wpujsdFXaNfo+PQ615yq1jQS0w:NbMdrQ7ubkwdFX0PQlqpQS0","tlshash":"f3628d09392245a4dfea2bbafaac160f88338c773c2105ff8d3491167503d91d7b9b24","first_seen":"2026-07-10T09:45:03.573888Z","last_seen":"2026-07-12T22:01:35.301749Z","times_seen":15,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/hero/hero-vip-v2.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.965Z","timestamp":1783882454965,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/hero/hero-vip-v2.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"12118-19f1fac3ba8\"\r\nlast-modified: Wed, 01 Jul 2026 21:53:29 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0OjAXrfJ5KxvIbjAiAwvZ1jqLGArq9j0gO6czr%2B%2Buj7RZJqyD7C82tZUyRsozzdjd%2F7yYXlkn4safJAkFWs4c7bQ0%2BjBBg7YBO0oNIifwN587fLU817AMDt6ptHSZA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f889ab51e-OSL\r\ncontent-length: 74008\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":74008,"size_decoded":75011,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b3619e2f0f7800d3951be34c267663f0","sha1":"b998fc7861c09dd7964f6ec1f5d49b793efea76b","sha256":"289834e4120de421eaac532dac21b56392c4a8c1fe499da2497b618be35d51b6","sha512":"2accadec8cd6e89ce82a2bef3cd057df9f742ff41561ad08d51aad21a3f532a2a6b380799fef0379dbf0b0748425a3317352943994626d95b83c3d04d79e7bf3","ssdeep":"1536:91HLNi5Iv2jucGwBgKvRVTSy4w5jlD/rLWIh36OLm2:91Hw5MaRLR5S1wjA2","tlshash":"257302ebba9b23cd5914bbbbd3004c06c72db345858d5aeb36a512c22a071fcaaf0515","first_seen":"2026-07-10T09:45:03.54267Z","last_seen":"2026-07-12T22:01:35.278992Z","times_seen":17,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/wolf-gold.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.980Z","timestamp":1783882454980,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/wolf-gold.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"e082-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O83SuVSrx6MJMvguZmc1YVAmZs03Zk%2F2L4uFs7S%2Fd7lF6qy0yVgqLtTkpy7G3MHUPc9vu3CLauWjpd71Hs2QShLAEhvdODVMqj7yF7XOAmq8lEApgf1kVkgnwQ%2FNxg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415fa8aab51e-OSL\r\ncontent-length: 57474\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57474,"size_decoded":58474,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6705cd397c489728422c0670b86b5901","sha1":"c4de9ddd398312a49b6851018b180cf61b0b7deb","sha256":"44d27f27efb951e48ffabb381be0b255de5b0555f7d257b4ab5b297bcff8d5a2","sha512":"3035ba279c99aec13340c48187b829d2ae8c47dbe888cf5eedf2c591db098d2b1538d7884adca587828e5878ec992b4e0471e5baf74d80779768462ea3cfe397","ssdeep":"1536:U37DpmX6h92fm+68Cf2g7OE3mWwpRAUiKeyUo6xTsL:UrDAX6HE8CE2WwSUiKe1Ji","tlshash":"0c4302c18280cf866909c979e8b441413463051aba97b5d6fe1afaa20bdf14b3cdf13f","first_seen":"2026-07-10T09:45:03.458684Z","last_seen":"2026-07-12T22:01:35.255734Z","times_seen":17,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/1067.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.229Z","timestamp":1783882458229,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/1067.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"49757-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fN8N9Xgxv8dlczKXsNCxigf3NGOnFC5CNWGkRmq9k9sZNYqqbku0hqkqx6GJGGuXoAEiia334RVx1zLL4z3BkRfHGH7ZjeX9Kd0fZFrIdO2oV1D7YQFn1OrUENbfNg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173e9c8b51e-OSL\r\ncontent-length: 300887\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":300887,"size_decoded":301809,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"31c37a2907e35d4375e0b638edf13841","sha1":"c6b60c2614f0065b9756d8e291e91b838b8becb6","sha256":"c838dc775ec2347f27cedfc6d53de677d89baf2c21b83080a151e87c9621b22e","sha512":"9b17bcdd06836e066649809af59c5ba06e9eab3611a79b35df184ae3a57eb28ac44fef212f8d95239ee8b31fcd28475dbedd7cd39ef7887033a402736ba90638","ssdeep":"6144:6+LrAwhkatFw4LIQEuihxRfQXp3RYRIzw:zL0wh9FPiZ8BRYIk","tlshash":"6e54232ae2211b4677c267b1e4a329aed1f65d046228e3fed661417fc1482ee31f73d4","first_seen":"2026-07-10T09:45:03.444324Z","last_seen":"2026-07-12T22:01:35.25531Z","times_seen":16,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/fire-strike.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.972Z","timestamp":1783882454972,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/fire-strike.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"108ae-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F9VnbbLhfEgqlecHdRZ%2F13B6gKECKHRhtKRPrVPpEzwFZwpwmIalYMss4dWQ1eQQRuvheIGAo0dlouHROnQYJFbIus%2FUM3gOvTKGLhNjDeWaQHzRFLPXoa3oLwotag%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f98a1b51e-OSL\r\ncontent-length: 67758\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67758,"size_decoded":68759,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b60599e0bc3952067e16891a5fb97653","sha1":"71247bc7e769a0c953cd6458ad536436f11098e2","sha256":"0a3d85ce2dcd6d1aa8b9be3ac6db4ccae0e4f3f832c06b46062df86fd4ab060e","sha512":"34671a695c0cd4a154c97ed5c030c378917af33ca0a5a95b5d7f789dcfd353af6b8c77df1a90e0098e3602936360583a93d1faaee5e9ab8064c7c4c116dcdef2","ssdeep":"1536:yqon/EW4B8UjSTy80dQPYtJ4HpUbsUQtIJTP45lqLbalx51jTos:WcW4BTSTy8pwtQpUbXVJc4w51Ys","tlshash":"096302b330e35429038019f2ee67f84f62a2a5898057115e7907d587cf36c0f52ea9ef","first_seen":"2026-07-10T09:45:03.466313Z","last_seen":"2026-07-12T22:01:35.269607Z","times_seen":17,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:15.303Z","timestamp":1783882455303,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://gavewex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 320733\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T11:17:56.345809Z","times_seen":233417,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":2,"connect":35,"send":0,"wait":27,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-12.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.285Z","timestamp":1783882458285,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-12.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"12bc6-19f126f7068\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:01 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PA9H60C5OH59aCLilkqfWZhF87UlDD2CVhOia42knzmFiUXfWz3K5nX3KvLEytSmT3cxijruFXztQkEf00lozYLURfBk%2FxE6DJDHsoBDk3Azc34AaHjJGaSvEI%2ByFw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417449d5b51e-OSL\r\ncontent-length: 76742\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76742,"size_decoded":77741,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c35c1f1f8d87f2422799f9d9af427033","sha1":"5093a2f29b0632465cea85b65bb78d294e740de7","sha256":"ddd3bae877e7d338d3b4f7be9a49fd75bc81b80cf2a01f3832c390dfda1c53df","sha512":"1a62544cda0cabf2f240441ae1df8b87ab97f99d1dda8c161afa0ea5cb105211cb8055d5a20e3a8a60144c4e4896cd2aca94881c1583b2f5ead543b225ff7040","ssdeep":"1536:KZCv5oKqfLXRczTUnZFdIqTXsqqDQE6giYWyS:1BoK6LXKfgdVT3/YWyS","tlshash":"4c73028e9af50172e91dfbdd7eebadb1e79a71c625d7d0aa38040a00b05061720dbd0f","first_seen":"2026-07-10T09:45:03.502567Z","last_seen":"2026-07-12T22:01:35.289066Z","times_seen":15,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/sweet-bonanza.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:40.685Z","timestamp":1783882480685,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/sweet-bonanza.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:40 GMT\r\netag: W/\"11110-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p%2FV2tZohwDLt6psPjbE7VU5s8gpVHZTte1P2Bblw4tParX2UcuGm4PBnbmxS81f4uDF5PelnjR2wc8xldHtI%2FIOd7jN0I0DyIly1m3rdYMrLVUhLwa8W3Gob%2FKqUnQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2420049d2b51e-OSL\r\ncontent-length: 69904\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":69904,"size_decoded":70908,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"721b6f52f6774f238e4849424522f47c","sha1":"d3080ed7ef65c3c03e2f93b18cc82756a8655b96","sha256":"d52f0c6f6681d1bfb2d399caefa084f38ce65e099e7bc22e61dc67dbf7ce5bdb","sha512":"510dedd7bf8c58f1b648f09f8c2b78f95dce5a0a765dde944e2d69d0b5511c63b1b5b107ed3d213e3682e73cd201f6f3ce575c0160d9a4a1a55f12aa107e24f0","ssdeep":"1536:BGgiPYdFt+tD7YcF6rZ9FiZ+gxAW7KHV1ynVCEB3M:BXikQD7OLIYgxt7KHV8VCE+","tlshash":"646302c07fa1ef0cd5f07bc362e76b64ecd21d95a22da1d629179f2356afa0214081ec","first_seen":"2026-07-10T09:45:03.510801Z","last_seen":"2026-07-12T22:01:35.261924Z","times_seen":17,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/1164.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.223Z","timestamp":1783882458223,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/1164.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"3b07d-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1dKY3ktXbCdNpWyR1R6RYIsd0JVnFtFpbIs%2F%2Bq0xu0XzxS7vTyT1LjuSUVjkNsHud7gA7vn7IOfgtyFDeXnPzMvWuEVSV%2FdZ%2FahBi71g3vWpjhwpVLHOb%2B%2F%2B9knwkw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173e9c3b51e-OSL\r\ncontent-length: 241789\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":241789,"size_decoded":242725,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"a22bee73d837dc2f4a18b7ecc93e521b","sha1":"9a9aa32d2ac85065925026752b2809670a73c586","sha256":"732b9916293e927de8a418624133957e9a2607fb891ecab95de2ba842aaa2641","sha512":"777e29c39d285ea5ede5543a3f4b5611729dcc61c0e0eaeb0fde66c5d4f9a8d3a227127a96e384d1071ba936aeecf7c4865363db6dedec3016b2e7b5c72140d3","ssdeep":"6144:T8vn7tHyt5P7xVpBeZ7RLlTeeZmI+qYuozxO24EfjO/1XNJc:TinRymZtLlTbZmJ0ozxO9EfqTC","tlshash":"da3422cad1c441b76c6a50882307b3d29fa064f7b97654eca4bee73c732e25ba523117","first_seen":"2026-07-10T09:45:03.5234Z","last_seen":"2026-07-12T22:01:35.323364Z","times_seen":16,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/5708-926a5cbb3579d1f7.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.946Z","timestamp":1783882454946,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/5708-926a5cbb3579d1f7.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"6924-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y8yYo9SowAEkM0ddMJJi7jMfG582ftYuGo0gvAXDDeQI7SxBEewiWON0t3T9vtivCJ9O2t64v6Hk3NlOEMZYrncJ6uNZvGVUddkyIMSISOb1kktybg1y1DrvMDlEDA%3D%3D\"}]}\r\ncf-ray: a1a2415f688eb51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26916,"size_decoded":7028,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (26916), with no line terminators","md5":"b58d901009e5dd078ec84a30e48e151d","sha1":"f871fd5e9a02a283c8e31a9be700e4ae15715e17","sha256":"0faa839769526c3620c7c8f7bc9b4b78004ef9980c103cd365079fbbedff3ab4","sha512":"b31d347b922a69e047655ced69bf8b14f63967d19b9b2df4b68726f51b5462170295305ad351d502bc84613fa23d89898c53400e8ce7adfa908d20f7c8ccf899","ssdeep":"384:u4daU8llCsp4PSOIX+lhs1UW5KRJ2YE7d2BzS+k0JQu2U67PMvia+MT/BuM+Mn4U:u4davGFu+j22","tlshash":"f1c27019aa4ba4bb87f116ef697d0b8401af075ff548ce17e529cf183347a252c91e2c","first_seen":"2026-07-10T09:45:03.479914Z","last_seen":"2026-07-12T22:01:35.306961Z","times_seen":17,"resource_available":true,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/hero/hero-prizes-v2.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.966Z","timestamp":1783882454966,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/hero/hero-prizes-v2.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"155a0-19f1fac3ba8\"\r\nlast-modified: Wed, 01 Jul 2026 21:53:29 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1I4wcgP%2B426uLfEjVvowlbcwrXrRxPVoTGThazaMzDux1Rsn1OaDUVmYwrz9bhvJ1SCljNW4QT9YBXp1JC6LhmtBgg33MuPhsIgD1Jy6jzXJyIO39Wsb6xAe8rIp%2BA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f889bb51e-OSL\r\ncontent-length: 87456\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87456,"size_decoded":88455,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1e7ed6564b4d9f84e96781b9f7f3d7d8","sha1":"1c1b5e8bfbd1b7909859580dfee74bb9861ebcc1","sha256":"339e7f1e59b63184d606ae519a9ea274592c7b4b34020e875c699314d0cbf9e8","sha512":"cd39a863674a89ab3f65991de5f0120671fd82ce40a75c40506d65c05a7d30d934e44423afdd6c8ed8298ac1584a931bf56b937e9e278f34802971bad23a072d","ssdeep":"1536:1lclA3b1Jy6Q84I1VZzbTRDN8hc0nvFITLbleMrKHMGR7Q1q:HclA5JdQ9ItfhuVvGTLblbG1Rp","tlshash":"9c83021e431f503eee71f1e4b3b461f7c11ae1a822d8b4f6f45a48411b196ab4abf948","first_seen":"2026-07-10T09:45:03.577676Z","last_seen":"2026-07-12T22:01:35.30124Z","times_seen":17,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:15.566Z","timestamp":1783882455566,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://gavewex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 36932\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 04:44:35 GMT\r\nexpires: Fri, 09 Jul 2027 04:44:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 310180\r\nlast-modified: Wed, 10 Sep 2025 16:31:03 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":36932,"size_decoded":37745,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36932, version 1.0","md5":"7c87a648293fbb5b2924aafaa59e8aea","sha1":"c57593e0adc4cf99dd9e67cb782242220a061a9d","sha256":"9fea608a947e67020c33cad9a6fe3d60c54119dfb8cff87768a8117a15ed7543","sha512":"764ced325a768dca84e1fb0cc458818239ce379dbcbdb324ee8849bbe15f54e3f0254ae6e52ee5a92741840637b4f9885d246a0978af23176b3acfe5b9cec23f","ssdeep":"768:mMQPOAQQKW6GccoXQ+OGpHNzXgtDM0SVu7P3nqtPl9Bf2csDpHUjbYE8j2:mMQz4W5og+tpH6tDJku73EPlPOcs5U/l","tlshash":"c0f2f23e7ea5691487c2b0be506b00935344c9bd37c18121bbb953f44ea67addc5d63c","first_seen":"2025-09-11T17:08:25.889763Z","last_seen":"2026-07-13T10:54:12.396632Z","times_seen":29702,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/news?locale=en","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.017Z","timestamp":1783882458017,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/news?locale=en HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q34kNqw5q7O%2BlEwaKgOjCYAnyi3xdduFTGJ26fEvSYm49G8pcNMNtojbY%2FDmHTo6GDiKe14o5frcoU%2BZfmZB3t8KPSLFKIKOsV4DR4Va3ACsLKTl5x4W3NEprbrm5Q%3D%3D\"}]}\r\ncf-ray: a1a2417299a5b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9990,"size_decoded":4338,"mime_type":"application/json","magic":"JSON text data","md5":"dbbd633ba2174e0e5c4477000592a2a5","sha1":"94b55540610452e55172b8f694c8d211023567ed","sha256":"5d4f2f6a920a9a3299da5cec7a65b490359b2539503092c8ed47c3c4769cbf80","sha512":"ab2e84fe7076c5805df542982b8462a15921a3255c75049ceed709f936eead2b6a519ed68e3c0f178137db7cedea4e5f0a71388d48bf49665a62ffd64e9369f1","ssdeep":"192:izTK2z9OmGLTNM+ny0xXAbu0JDL45yNsLzsfrEyl:z2zoz5dPxQDL45yNsnsjHl","tlshash":"0122b86d037918a4e73d0290980436af9a4db7f2e1fc7d5d2f89cb5d688989cc7085bd","first_seen":"2026-07-10T09:45:03.538242Z","last_seen":"2026-07-12T22:01:35.321706Z","times_seen":16,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/sport?_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.144Z","timestamp":1783882458144,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /sport?_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q45duUkNBIXTXhFO3%2F%2BKIt%2Fo4PPFT4vqsAJ58RqFkOOe6X7E%2FPhOhSmoUz%2BIzUYnzlBBAyPi1Fz7vCa9%2FjtJxvd5TN%2FJdzvCW1ZixD93yqf5RLayJV%2BXbz4Y%2FTZCuA%3D%3D\"}]}\r\ncf-ray: a1a2417369b9b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150,"size_decoded":1207,"mime_type":"text/x-component","magic":"ASCII text","md5":"58dfd66d86ef41e0dbe017c5b7e355aa","sha1":"36d41337111ebea1844b4ce57f53a44899d98d93","sha256":"96bc05c57ac0edf0e2a5fedcaae23bc9f76f68e272b587454b2eaa39c54bc23a","sha512":"dc7904a78b124aa12553520a5e26687b56576e45ee054b476d0e7892df4b30f468e490f0eb9e0ecd30e7f471006435b5f2fdb6724fe4b3fd21d88a4adbe4401f","ssdeep":"","tlshash":"b7c08c2142483ef56cba2888156ec60f760e410b22c658f4a0d24b14a73723006035e8","first_seen":"2026-07-12T17:38:11.924846Z","last_seen":"2026-07-12T22:01:35.248934Z","times_seen":8,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-09.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.111Z","timestamp":1783882458111,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-09.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"3b6a-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zmMqpRbQZbNMYYIawvkgv2eA7hX1IqdvY002IVA7aFyVy9LOuoXGQuL8zlbfRQqannMHeYCqfBkqedzViMXjFSATXlxFeXtnR4Rouqib8mzgAb5H4SXvSE3uZqOfYQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417339aeb51e-OSL\r\ncontent-length: 15210\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15210,"size_decoded":16204,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2a78743d1476c3c31c278098d05aa442","sha1":"0171fe525153dd0fb03255535502ecf1262e0458","sha256":"c3e6f099611d8d3faf622bf7a6f48302be66da2d4a26e2463f8977462024ae11","sha512":"415db81487d3880d7725c004ae56deee7809dbcd6a946761bd15aafa00ddb2d24b21a2a48c93f3db855114b2d4a698115d3612473cbd7f13fbd95668d4e776c3","ssdeep":"384:NbMdd3BQ7u8wpujsdFXaNfo+PQ615yq1jQS0w:NbMdrQ7ubkwdFX0PQlqpQS0","tlshash":"f3628d09392245a4dfea2bbafaac160f88338c773c2105ff8d3491167503d91d7b9b24","first_seen":"2026-07-10T09:45:03.573888Z","last_seen":"2026-07-12T22:01:35.301749Z","times_seen":15,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-03.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.297Z","timestamp":1783882458297,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-03.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"b4a2-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tP3%2F%2FP9dOQsvsBPDkhIizRmkg2GBmlGlSBqYzttBhlu2ZyLm0H3ug6tZk748N3KWBPRioEEGARFy1x1xKV9q3aWkD729Aks39AYNyC9eDPbxg7cSxbmFc8idVDis%2BA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417459d9b51e-OSL\r\ncontent-length: 46242\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46242,"size_decoded":47245,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4fa74b80fc23a23ba9722e49be63a1e2","sha1":"1528f3b571fa660a31c45512b9e03553e98196c8","sha256":"b1bd6d8981b4f1567ab01976abfa8ced2a98cbaa78c8797b705353358a037545","sha512":"e1dc691b8ce5b9a5967c0a68b07789240f8780229c66086a289d3111a3e5bd532d6a8e98f012a0eeda7b18766b9945d49e1983fc9c5dbbbf79ec0d165d2b092c","ssdeep":"768:w1QjAVPlh5VliciOsObs+1nZSlK7NVOv/FtdM0tPKiHHvKo6IkECeVW0D4bq:wh39imbfbOvvC0NvKo6mbxDy","tlshash":"5b23029f7b51abcb0970a3b1545f8bda7e58f43941e27337eba10d908fa025d0825c6e","first_seen":"2026-07-10T09:45:03.501591Z","last_seen":"2026-07-12T22:01:35.284527Z","times_seen":16,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/play/1309?provider=hacksaw\u0026_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.525Z","timestamp":1783882458525,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /play/1309?provider=hacksaw\u0026_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:26 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X0l%2FeTSq3VSlgxqb3ED4useljAWS%2BlSt2drjt3UGhNwmYCI%2BCc2Ug1e2Fe11GJclqKq4JpZYIYjO72JPba6vMjp72vkjTDub2WV4PmU1qejRnKdZlBL0IUCaqnlSag%3D%3D\"}]}\r\ncf-ray: a1a24175c9eab51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":210,"size_decoded":1230,"mime_type":"text/x-component","magic":"ASCII text","md5":"61f86c62e5d4185f2cb14f4f1d7b8b6a","sha1":"0f7974d6e4c05b361224dc4e4396496458456f0c","sha256":"3c998ee62c0a9023e983cb7e7a4e0243fb99129f71add0a7c28b0ee95748b635","sha512":"2da772c21bad59375b7bdb73865a739b3abe7aff1adbcf613df43178bbfb5697ad6e28c22405b12a77f255fe7fff22a6cbef2defb24d8fdbbf86c8138948e789","ssdeep":"","tlshash":"f9d0a72647053af16c7a1884467dc64f791e100b61c80af190d35a31536302115036e5","first_seen":"2026-07-12T17:38:11.691866Z","last_seen":"2026-07-12T22:01:35.268591Z","times_seen":8,"resource_available":false,"data":null}},"time_used":7528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7528,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-07.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:40.687Z","timestamp":1783882480687,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-07.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:40 GMT\r\netag: W/\"450a-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4iufMRSZ0ZrlJOomwi81kfHKV9HWXd%2Bx2SQ0XYvvAou4sdnCC7zsy4U4%2BeGzzsY7mNQOhrJUqEJpqQZEaXkEn24tFKhc00iYZUNl8K8BInGbqyAENMlPkJe1%2FIlVBw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2420049d3b51e-OSL\r\ncontent-length: 17674\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17674,"size_decoded":18677,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2f04ece7f55be80ca5c7c5a84b68a4d9","sha1":"19c15be6f6ccba61003ca2bee22fda50982d6453","sha256":"e892676bd399ec5732a3a5232893070177cf3f4a252990f59d2d9ce96e2424e6","sha512":"6c749d39b3e718788b42c0067b1488e0e989bbbc1c6b8bf75de9811acf26cfcdf47bbae2a6fbfdf5c8e0377747b62025fe28a59a3e246892eb1330c90272d619","ssdeep":"384:WLsoy8QxUzRTQBlEXypgyXGS2HxN/XhA/YDmNAB+:WL5yNxUAKyptcxN/09","tlshash":"3d82c0b1e3cf6b19e5b19e3c9c94b24248ba8949661d023da4ed1f090f84f475647772","first_seen":"2026-07-10T09:45:03.493916Z","last_seen":"2026-07-12T22:01:35.299506Z","times_seen":11,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/fx/rates","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:17.938Z","timestamp":1783882457938,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/fx/rates HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qtCl%2FU%2FbboCbSM32PkUwOApe2s2YFpItOEyaql4356sOWtOKSAZZaAVrpVxp0Kpsg0WA1o4U%2BZogyT1jiZ%2Be85wBh2FystlBMpjf2xPncnjlQLGI1RK%2BgGQMdJwWhw%3D%3D\"}]}\r\ncf-ray: a1a24172199cb51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2515,"size_decoded":2476,"mime_type":"application/json","magic":"JSON text data","md5":"50841b8752636bf55e4a635cbe386b8c","sha1":"c049de7771cb7783675df2abda86000bf7f41547","sha256":"02e8828276ff632935cd781e21ba2b8eb04c807d1671ffada1b2289d5d8c13fb","sha512":"60b0e092e5a21b7714d5cf0808a6a021d64915e178ac4c839e6b9ccd09ba7c9e2d423b6eb2109f18685eff8276781d2fe55e39d39c7363b879d3df96ef4ef2fb","ssdeep":"","tlshash":"9f51b386eeeb19ef0366c8842e64569a3d6631c9f142dff3d400f780288367375a745a","first_seen":"2026-07-12T17:38:11.867592Z","last_seen":"2026-07-12T21:19:31.916683Z","times_seen":7,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/8347-2cdd515f34b89f12.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.938Z","timestamp":1783882454938,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/8347-2cdd515f34b89f12.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"20f6-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V51Bcdi%2B36xprumJ9LPAny%2BL8eWzfDkqsxe5Mjf%2FHNBXMnkhPnJ9CvFbdY6KUCAnWWjPF2M%2BV2Cme5m0SNX0USFVEn3Z%2BGP8KG8B2h67uMj6iC4BhxjkCTQdG75yiA%3D%3D\"}]}\r\ncf-ray: a1a2415f5886b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8438,"size_decoded":4196,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8438), with no line terminators","md5":"49950202b034f7c0521d2f2129c83c84","sha1":"b39a0b9a93e867cf8675f483507f08d29d1375f9","sha256":"b35f82e8ce5a7a8b3b1083a9731c3d7351973f866106ebffd0c69b90405e5db6","sha512":"e40aac677169b6d180e3fe9b824cb491c49e9c1298c17f6a222b00343907f3ae29daa5d7b2a5c9af388e54bfcd0f92611283a303bb310752b5721c51c943be04","ssdeep":"192:njk3KSwJQV71am/oOJZBOcIkQmAYxDvLZNIw:jk3z1D/9JZQkQmAYdvLZNV","tlshash":"8f02daf5b762383149ebc2d6b5722942f318078e6628d81051f50d2e7358e0eea52fd8","first_seen":"2026-03-03T22:08:14.650035Z","last_seen":"2026-07-12T22:01:35.278324Z","times_seen":27,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/fruit-party.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.986Z","timestamp":1783882454986,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/fruit-party.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"13b8c-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eBlrWbWFSRvOuAEcQe9aORWITZDuuZMeOoS0tjeUsPGGxaE0VvgZmTEVFktsvplXy%2FNstdJJO2W%2BPY%2F%2B36TvZRvtvhIfty%2FwIAUu%2BXW%2FEwSnLFuiopahq2vDiQvE8g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415fa8acb51e-OSL\r\ncontent-length: 80780\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80780,"size_decoded":81789,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"76124d66fd092f1fb46a2fd2d5baea5b","sha1":"a018a643b11d58fae6dd05ab45649a1b1ed87654","sha256":"898d2a436e53af8b4b276cdbe618f1bb8180726af0f59360789b2b2a9d8f9604","sha512":"6d50bd5aec5f9831e6f2c6a83f347530b1849abbccbd6120f11c32ca00b916cfffe9d30fbaed1538f3fa94372ca75ce6c3cd992fdf2bdc76bd353fdc9263a59e","ssdeep":"1536:FQsFiQFgi0PoyiGjaRt8HPYQ+3elQO0+Cyf+klBCsRR+PWVpWwhxP5EqUncxT2:FQkPT4iGjaRt8HPYGlQb+aSR+PWVpbVw","tlshash":"198312289c92e5274b45d345c37e570ae89f0de77d032ad6e40f97d2cac1639f82ac68","first_seen":"2026-07-10T09:45:03.482021Z","last_seen":"2026-07-12T22:01:35.320765Z","times_seen":17,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/images/payments/mastercard.svg","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.990Z","timestamp":1783882454990,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /images/payments/mastercard.svg HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:54:20 GMT\r\netag: W/\"204-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iidsTtLVUsLySplq%2FnbMo6CIvPhVV554eA5cpoUdvZaIczIYN4EwdXab8DQE2wT3I%2BtGbd4BEkzWV%2BYlPSO565Un0w63AV90bCIum3NsEGV9avmi9OuWuhqrCf%2BVRw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415fb8b0b51e-OSL\r\ncontent-length: 278\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":516,"size_decoded":1253,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5b10a5a92e4c713db4c2296ef3383274","sha1":"d4e8b3ffdd780a0e0ddd7b910410e94de00fabad","sha256":"228689600d87172162ceaaa0befff30ed32810abbfec1120b3a09613e37c4c9f","sha512":"567cd2a0882e6b1f9808a4a413db172f7f1b96bd82653abba4d578de6c03fa278d3f16ba0fb9cff5c0d93f7f669a371d80614253f01d002a1cef1e12524eaf9b","ssdeep":"","tlshash":"28f027a0e08790344819465c6f6410212e0fe2c8e344853eda52f5f53a686efe07b9ec","first_seen":"2025-06-26T00:57:44.560445Z","last_seen":"2026-07-12T22:01:35.27063Z","times_seen":22,"resource_available":false,"data":null}},"time_used":5532,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5532,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/images/cga-badge.png","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.991Z","timestamp":1783882454991,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /images/cga-badge.png HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 18:54:16 GMT\r\netag: W/\"407d-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uVJk4NtHX82zm%2FRsbJvwERmA3xMT%2F9314vvpC1oKGEKwKm732viOFxSzN%2FK7f00zPN1vb94Z0tzhrqKLUFCXF9Q%2FAxbxO6lky67EcRwE7WgzVUtEItMmvzmeOltXRw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415fb8b1b51e-OSL\r\ncontent-length: 16509\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16509,"size_decoded":17436,"mime_type":"image/png","magic":"PNG image data, 625 x 388, 8-bit/color RGBA, non-interlaced","md5":"af14168ff77d6f9b2b12bd8654d4ad86","sha1":"fcf4136dd6768b58f4b741581aab701c5bb4adbb","sha256":"90e8c0ae68316e5fca1da08d89a98338c37826f820c77ca856940636778f1de5","sha512":"28514fde7aac1c74c0f011aabad1044cf20887f80cde86e246168221c19081aadad105d28622fc7a1686c60cf100a5079b7b61765df574ecf2156f99df9fab4f","ssdeep":"384:B99999999bFek/E6fhVC9FmgjhUZskdtMwAf999998Jy1L2+pkqQyynJSh:nek/EUhIjhydtMw56BynJSh","tlshash":"fc72cf39b745a91fa1a93dc26911c7f2b63c51c1d028535b1ef3cc8c26e94cf6c22ea6","first_seen":"2026-03-09T20:13:42.379668Z","last_seen":"2026-07-12T22:01:35.305622Z","times_seen":27,"resource_available":false,"data":null}},"time_used":1877,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1624,"receive":253,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/site-config","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:17.942Z","timestamp":1783882457942,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/site-config HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d2aVF7jejSeNIIcPtK%2BWloEgWF3X1nY5vYa99QAQVL9CEM9%2BJKR7tdOfbCnQaXB%2Fb0pMkJpPaIdlTV1XfgLuf2Y%2BbpDmiO5zlhKgftWKXeI2HUERWNS6UcZ6Q8QHow%3D%3D\"}]}\r\ncf-ray: a1a2417229a0b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":684,"size_decoded":1516,"mime_type":"application/json","magic":"JSON text data","md5":"32eda1da258dac02accdd3fa6a89def7","sha1":"b55286482003b095a535d51fc307dd257e171dba","sha256":"f7cfdd2e80062fade8249cf05d76c82f771fa7b62d71eb23e4ae59f0abd34d8a","sha512":"5039dc7383aa0c86ba9127937663f0932398da91d07bb914305c1cf3daa8862c78e09826320f290a7425df3d8e72f8e2bf7528ff1f5635bb3ba4beb819766254","ssdeep":"","tlshash":"c9012357436f2e2737e674c03d9f7c9814c829f46a80e8354d0d6954069a3009cf43ce","first_seen":"2026-07-12T18:55:07.433554Z","last_seen":"2026-07-12T18:55:07.433554Z","times_seen":1,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/vs20fparty2.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.234Z","timestamp":1783882458234,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/vs20fparty2.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"31246-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=49ot2vosc0b%2Bkca4GibnMHiD1QVDaUHkN2i0L72gWu96fApsAkLnbVAqbtYSjiA3GmO0ZnYhnIp66hEnoKXGUPtLGCYc5TKlnI34bX1fXzn2Oc%2FEtrSdCwILmR9H1Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173f9ccb51e-OSL\r\ncontent-length: 201286\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":201286,"size_decoded":202212,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"4dbe1ad237ab45ef9472ddc3b8454d2d","sha1":"b393424472562ce7bcc2d214bede0c8b2653d069","sha256":"a4eeaad89a11e9c5fa29f6ae9e6e69cd75db74d4ebbdf8c00683942ba281188d","sha512":"d81ed3d39e11d3ca21a8b80fddccf9fa8a9d7fa810db7517f51432391ac3e0dfaea290a84c7dcef26f074d994525fd6f9ca0ca70efe7a0fdb025c3e20b400281","ssdeep":"6144:m+OD05Br44TS/a0f/9Wxf5wmlEquieLgj:PD5x44TS/ai/9Of5pEqPj","tlshash":"13142386764c20543fefde8c645a556a6aaa22b0ef825cfa01f3dcff804d105da16f52","first_seen":"2026-07-10T09:45:03.515685Z","last_seen":"2026-07-12T22:01:35.265291Z","times_seen":16,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/crown-icon-512.png","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:19.444Z","timestamp":1783882459444,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /crown-icon-512.png HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 18:54:19 GMT\r\netag: W/\"3d605-19f1a0f2520\"\r\nlast-modified: Tue, 30 Jun 2026 19:43:48 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q73lL3blRuXkfXHOuzx8VRr84ReLeN0%2B8ZPFYRBDdl6%2BV6jUAHoKR91j3BxPrA%2BPrSYset0V2HVnSgtbC5EMHeixPyWaQb8nK0cTEXgN2i19k%2FFKwtDS3uDrYdV3%2Bg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417b8a43b51e-OSL\r\ncontent-length: 251397\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":251397,"size_decoded":252408,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced","md5":"80d4744555e10615fd0705451496696b","sha1":"cdbb7f742437134f1a5d60165acf86ad5213db97","sha256":"6e73823fa9392ebc0bf9d73a2d4125b570b38729f8d9ea310afa814fd6256abd","sha512":"c9bfda11e02a25c4582ae239c6e168d59accaa434e697ce2aa6d510edf759e3a24f623e9219961edf63a7a4a1f0dca027a8f06f505a2a544c73b0d3607457b3c","ssdeep":"6144:NVPLp8eA7j5PdHoachilP1Odjbn36A3EHgbmODh5d/FJH4VAvLX:NJNEtPh8ldjbnKTcp15ddZ4VAvj","tlshash":"8534232db096f918cc4e7f515e3d4f4a95b773eec97db804619865ae8a3d29030c4b2c","first_seen":"2026-07-10T09:45:03.470767Z","last_seen":"2026-07-12T22:01:35.244679Z","times_seen":17,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/app/(main)/page-1242cbe80559576f.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.945Z","timestamp":1783882454945,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/app/(main)/page-1242cbe80559576f.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"111bc-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XD2joR3bdfb299B16ztlWufQKMGAoyhG8nFYV7VpfqH0CNYlFmG0%2B3XLWN7xYJWuTI7rtRZuVdCn7TWsohGW9S6tjWVguljqvK%2BaApp85NI%2BpoeuR8Dahlr7eoN%2BfA%3D%3D\"}]}\r\ncf-ray: a1a2415f688db51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":70076,"size_decoded":21624,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64865), with no line terminators","md5":"2ee880e294b488be8baf2ca00c36378c","sha1":"8097afdbc5ddf81116d40b3ee666e00de6c6f3e0","sha256":"ef032dd04b290288f2ae2edc7770a8d5b9326fcef21f5bc58b25227269543da0","sha512":"3eb17709c4aec980db281cba79a3b2a34ab80a6faa5937533e6b892184a66f54ccabf143dbee2d30eb530a94f2627e766a7452702e844f442e436f1d413dcf8c","ssdeep":"1536:7cJf0hkZ9geTeIY6rGa5cd1Q8g993275WBWVQ4u:7y3ej6Ka58g993UZQ","tlshash":"8863193a975a7918f837ca8c769f410cb16e4528a34e0db4a7bbac3113854f4b667fd0","first_seen":"2026-07-10T09:45:03.50869Z","last_seen":"2026-07-12T22:01:35.305089Z","times_seen":17,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/promotions?_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.149Z","timestamp":1783882458149,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /promotions?_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=js%2ByyGD%2BFDDOFDGnOJLkMfgC9TeybEtxuEeDGKw5K6kR5wjdbghUPVByp1W9konujTyflhEsTXHqImDKajK2Ff0W4BtYrRklNYOuj%2FQPapB0l19HL2wv%2FIpQKzVxCw%3D%3D\"}]}\r\ncf-ray: a1a2417369bab51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5070,"size_decoded":2641,"mime_type":"text/x-component","magic":"Unicode text, UTF-8 text, with very long lines (2646)","md5":"e1f40c2a41070f6115d749be2197c86c","sha1":"230e02329f243a6abdc7b15427e29e886a520594","sha256":"1b32e39f55d3b2d88f129c777dfa4537785bffa477f7d8c2eab40713406e4500","sha512":"5b4d7346bc7267577842b78a9c3de9a30f6742dab3662a1e937a04fe78867d72a3a89502fda389da09616a2445bcd95260fd84230fb48b7b2bfb521f2f1211ab","ssdeep":"96:W4SB6Z5ODVIAvZpeOdETyptVBnvX949KhsG60ZiTlt79QfM5LY7qg7H70DQ8T:WpWODVIAvZcOdETyntgtOs79QfM589Dk","tlshash":"f4a1f33fab015e7fe7eb8141449f6249375c4b3bab50c9b6c0ed5e18028b66d3e953a0","first_seen":"2026-07-12T18:55:07.436404Z","last_seen":"2026-07-12T18:55:07.436404Z","times_seen":1,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/br.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.294Z","timestamp":1783882458294,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /gh/lipis/flag-icons@7.2.3/flags/4x3/br.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2769\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 7.2.3\r\nx-jsd-version-type: version\r\netag: W/\"1fa0-F5abWsDNckUsWGPTTgDw9d7Bxs8\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230038-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=5,i\r\nage: 2137671\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gVAo2c%2FMUXIvm3LLAv1EpF8lvEvas0rsexeIaU3KTQRFDvfQE%2BKChqooldsc2DPoiWGeEDDT3x%2FiRfJWEobdBqglJTSgX9B4N76gGW4EZbvmW8R8whTjhmjSNV0gQi42zQI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: a1a241745c97b50b-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8096,"size_decoded":3881,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d5fc3717384cd954040873edb3061a68","sha1":"17969b5ac0cd72452c5863d34e00f0f5dec1c6cf","sha256":"45531de3e2b3e8a7f6db53f8021ba18482176600bd5cf66e547b3e7fc8aa99ea","sha512":"8d13cd413061736f506d580b37924aa472c3cc472df3961cf5777e73b670db829359980ebf3f4f1090f2ab023a793a40790916e78649a348dfa8913dd236c92a","ssdeep":"96:0GRMoBsOat6xhf5W2JGRU7edrp39bgWT00zmkJ14JVK8jWLJ3pkREYa:9RMoyOait5W2JGZXn9efTOpeEV","tlshash":"1ef189bc466cc2ec9ea696bc9f3ac0e0920de1eeb1e5c351a76cc17026935c9e14f456","first_seen":"2024-07-04T03:51:54Z","last_seen":"2026-07-12T22:01:35.254723Z","times_seen":120,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/auth/session","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:17.943Z","timestamp":1783882457943,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/auth/session HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nContent-Type: application/json\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nset-cookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; Path=/; HttpOnly; Secure; SameSite=Lax\nauthjs.callback-url=https%3A%2F%2Faurexss.com; Path=/; HttpOnly; Secure; SameSite=Lax\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wqaNOoUrUbsuTL8TuI7lcuf3gTHMsMjYfI27oHDRsDHTk6sF0MoZr7rPrxzHZATBkX%2Bw1SxV0M1U3b%2B88hdMPX49ux9v3zOxtEjkTnq9xI0kYUT366PjYrwym%2Br2ug%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24172299fb51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4,"size_decoded":1366,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"37a6259cc0c1dae299a7866489dff0bd","sha1":"2be88ca4242c76e8253ac62474851065032d6833","sha256":"74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b","sha512":"04f8ff2682604862e405bf88de102ed7710ac45c1205957625e4ee3e5f5a2241e453614acc451345b91bafc88f38804019c7492444595674e94e8cf4be53817f","ssdeep":"","tlshash":"b9300000000000000000000000000000000300000000000000000000000c0000000000","first_seen":"2023-03-07T01:02:14Z","last_seen":"2026-07-13T11:19:32.518561Z","times_seen":271577,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/community?_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.138Z","timestamp":1783882458138,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /community?_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bGI2%2B9htsNa9aKbSb0POcbOhA98f2MqELHcoEf3gbt69274bTh458odKc1OVa%2B7unPnrksMtQoXFOLj7hX3xZBmf6a8iUJbkSfCXVtAOZqs0Z52S91p06EUmAp12Pw%3D%3D\"}]}\r\ncf-ray: a1a2417359b6b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":158,"size_decoded":1196,"mime_type":"text/x-component","magic":"ASCII text","md5":"1b0334705ee22e8a7d17bed69bac5a45","sha1":"3465996fda1b5a83c87e02b97b8df6ee0f9bed44","sha256":"f76a15b0ea09f5f901cf09bf4070cf841680c410472ec28c75a2f6ac0d8d2dd3","sha512":"2e444a8bf36dfff8dba923a3fe6ded8a12f0830293d60cd2a7bfc9a0a97849ec2e7da3c860aa937da2f4941a12f0b9b0358cc8061fe212b81f5bb853f8d9879f","ssdeep":"","tlshash":"a9c08c3942983ef66cbb288824aec64f360e430b21c611f0a0934e20f7370a00803de8","first_seen":"2026-07-12T17:38:11.869575Z","last_seen":"2026-07-12T22:01:35.246609Z","times_seen":8,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/4038-49fdd8ae32fa9982.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.943Z","timestamp":1783882454943,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/4038-49fdd8ae32fa9982.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"1415d-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ESIXhMd%2BmbuqJ0%2FUg0naQ74W%2B6SAhi48QpIzRRZBvJc%2FxyLn37%2BQhXA3kSTp4yTUjb8NgoTRnhJVGVqMZ7Z1Ar80VdcQfe5pKOFL452T1IOKCnw6Bd0b1Q6mrwRNCA%3D%3D\"}]}\r\ncf-ray: a1a2415f688ab51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":82269,"size_decoded":25766,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (60669), with no line terminators","md5":"fcc0345f008acbe8f529de677f7ea0b8","sha1":"4709ac8c02289d17f1a27caf9f719c3199e33199","sha256":"94702b098b138dcadab4016ec2aaa5431ce4daf3592629f2b1bd4bfea2c18363","sha512":"40efb9d579d53f9a2b66c219b459d80829c15026ef38f76021613ef87027131a8a09f3ad0c4cbc7d7421f37e3632c419088eeafc6f2907fd8b471081a65c4f18","ssdeep":"1536:kjI+qNzajw1Muc9T05eMK89JgRPWSEtmfPjvss85QxnpYQoQCsdZ:k0plajw1Cez9JgRPItmf7v85mnWRmdZ","tlshash":"178319256609315cf17bc58872cfd91db26e362ce61ac578bf3e7829179a0f4b126f80","first_seen":"2026-07-12T17:38:11.838423Z","last_seen":"2026-07-12T22:01:35.286472Z","times_seen":9,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/mustang-gold.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.969Z","timestamp":1783882454969,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/mustang-gold.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"127bc-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DnmsxiAaXGxM7c78gfD9fUtoE5HQ3Vdc3Ntcn5cFnX%2F3GsCsw13GuXEqXfIoeJs%2FBIBarWVaRzsk2Del2qyOI1ZukOJ8Fi6J9zmxcNPU8%2F0M%2B0GO%2B3pXSp96vUPtqg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f889db51e-OSL\r\ncontent-length: 75708\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75708,"size_decoded":76713,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6ab241a7011336ffafef1ebd67ec8f1e","sha1":"3ca9a556b634622656866885324eaebf326f9368","sha256":"84c0464497b0d3865d6e034f1bac30e08fdd9bb511aea21786fc0b7201614db4","sha512":"a39af5b7e6cdbab5a5d79334fe1308205ac5657d4a379e639324523c4048f4e910f667b553ae09ac4d0f35f9630d250dc8475d97d65e5cb5e2abb3df1d87d29d","ssdeep":"1536:tI+PhCbNLoTfYF13LlEZeBu/KQRSV443SRSi5TwN9Qg3j:u+PsoTf4YgBGKRG434Si5TwLQ","tlshash":"407302efca561fc4c4432938759e31eadd13765e6ef13e961a0048755a032a1886efc7","first_seen":"2026-07-10T09:45:03.435418Z","last_seen":"2026-07-12T22:01:35.266508Z","times_seen":17,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-04.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.108Z","timestamp":1783882458108,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-04.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"94f0-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yapGcl0XpA2m4KfLNciY%2FToyycRpR0teehrfgkD4RSvFca4oBn8VAUJ2K0JQz1HJ3T%2FOSbyrFlQKetxrk3ONw4Sz7HH04hry%2Flz1P1FduhaIXlP6yLdH54dnh9YlNg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417329adb51e-OSL\r\ncontent-length: 38128\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38128,"size_decoded":39128,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2d1c641d7f049af251a09cc0612e3d4e","sha1":"78322f070a54ebf93d74d7a8c0866f7db2881f51","sha256":"648865fa8c4429e627aaba9d6d51567f845c8aff7b8342ba684d2e014e4538b8","sha512":"31349595037ecd2825a344ce198fc486a4839bbe2ed62424cc1dcc6eca865ea42166a414b44da70e78d2ef646f1dd60f49e0e7613794ab0f4d127c3a71821f88","ssdeep":"768:7RA7zfI1kCGn8v2gRs2OOq0UY5paW/1xlY5njEaClicAsp3JLgwhzR:7RmfAynLge2OOPmM17YuaCli4p3JLLl","tlshash":"7e03f115d030bf43b8a5c5b5c7cfd8c62e9adba542bb83e152540a8410af1f1bfa2d21","first_seen":"2026-07-10T09:45:03.517578Z","last_seen":"2026-07-12T22:01:35.287301Z","times_seen":15,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-06.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.116Z","timestamp":1783882458116,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-06.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"8f7e-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3vQvP%2Buj4kPRPMKk8R569N3UiNobWTggE2CvJnkDET2fx8JmqGm2Udi8Zehg29SnDktDrM3Q1NU039rm61Y%2BEPu7OqNyWnMGWr7%2FNOab9FPf8P%2FoRNISzzr5j8ORIg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417339b1b51e-OSL\r\ncontent-length: 36734\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36734,"size_decoded":37736,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8415c57ab324120f06dcb58f4a3642be","sha1":"c2643dfb4399333571036c100e8b6ef751331845","sha256":"56480fdd85dfea62d1c1e8c2bb50f439335898b297ba0252bede15905feeab03","sha512":"b854b06dae393078db8d160da65e2b0dbdd3e4abc09a3885f12ceb555390628ce4f15a1096d07008a235d424a01fb52e48ef1a28441c3fb851560f0f3887a7b5","ssdeep":"768:Kmf28ZprnqhaGpxAP1xASrjxVZuDsVPy1U7HQegWebUOgHdZxhF2:h2aZqMCA97rjTZciy1iwTHg9PhF","tlshash":"70f2f17ae574300acb98e8183c133892fec35869158791d0291f27c6afe3b9fe61585b","first_seen":"2026-07-10T09:45:03.463406Z","last_seen":"2026-07-12T20:48:52.771005Z","times_seen":12,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/vip?_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.381Z","timestamp":1783882458381,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /vip?_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U5msFMmOXJJXF5hQhm0AdJWew3IpAZei0qanb3LDhkPSDnXnDu6qxBFH1SfLfkeaKWStrF9tzMD3FM55LbDgVQGDyhuhY4rAKeDKu6MoyfkNaC6fnqPTMt2wr4VecQ%3D%3D\"}]}\r\ncf-ray: a1a24174e9dfb51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":1186,"mime_type":"text/x-component","magic":"ASCII text","md5":"9031317fd0e3ec6aeda46a94c6ed7377","sha1":"9a8ea25a9dcc5262d71d07d196082de5048cf31d","sha256":"de9c10d92f2ceb5be34715f7c33ec394dee95576adaf6d07ba05ed243a05de2b","sha512":"76ef7a530b2231604ff64a7a961a4c91548aa2cdf60c998c67f571a2dba109f4cb84860c2d5582bef620b24aa0ac9d86baeb4863ff1e2d8250a9b7df9368d9c8","ssdeep":"","tlshash":"e8c02b3146083ef66cbe2898456dc70f360e420f30c810f0f0934a10b73b02028075e8","first_seen":"2026-07-12T17:38:11.801639Z","last_seen":"2026-07-12T22:01:35.3Z","times_seen":8,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/images/payments/bitcoin-btc-logo.svg","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.987Z","timestamp":1783882454987,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /images/payments/bitcoin-btc-logo.svg HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"815-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CehILWlepQOX7aBkOztKgSPbwtdr9cPTV8B6QfRysrUEE4NGTR4Fa2%2BBTBGn58W%2FFRFR0TVLaZpQ4B8ZOkBP03V7%2FTA1bpWADG2S9GYloxsq8b6AONBX1hJWEnXdGg%3D%3D\"}]}\r\ncf-ray: a1a2415fa8adb51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2069,"size_decoded":2121,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f92890de8d6512e2597d378f00254e71","sha1":"ae4f3414bffd2594adedb794d4f9eefb2a86c382","sha256":"51a4362311aab24ca9f1b68d3ff5faf423385db8ffdade0894bd6acb799e53d3","sha512":"6ab7b81fef67d104a6fdf5c9523efc3d03d6039913a3cd3dac6d22fd4975d2449be7043953c840ff0ee8fdc7226894b07c287790381b0fb653579d8dd55f140f","ssdeep":"","tlshash":"cc41a5fcca1a8952ca9e4b6ceafc4c5e2f23604f016d01fcc58296f57c125f58645a9d","first_seen":"2023-07-06T20:31:23Z","last_seen":"2026-07-12T22:01:35.242849Z","times_seen":814,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-07.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.106Z","timestamp":1783882458106,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-07.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"450a-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ryis8IoWPeJAb6CjFZl5VTvh7p5MJOCZyjMmJldW5nz5bI9sXb%2Bfv2Z6%2BfLpsV5HhIeDua0SiLaQr6wE0bV270RLCOZT0%2BM0CMdvLMqDF4yZ3WySJXgvnhiDxMQeuQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417329acb51e-OSL\r\ncontent-length: 17674\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17674,"size_decoded":18674,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2f04ece7f55be80ca5c7c5a84b68a4d9","sha1":"19c15be6f6ccba61003ca2bee22fda50982d6453","sha256":"e892676bd399ec5732a3a5232893070177cf3f4a252990f59d2d9ce96e2424e6","sha512":"6c749d39b3e718788b42c0067b1488e0e989bbbc1c6b8bf75de9811acf26cfcdf47bbae2a6fbfdf5c8e0377747b62025fe28a59a3e246892eb1330c90272d619","ssdeep":"384:WLsoy8QxUzRTQBlEXypgyXGS2HxN/XhA/YDmNAB+:WL5yNxUAKyptcxN/09","tlshash":"3d82c0b1e3cf6b19e5b19e3c9c94b24248ba8949661d023da4ed1f090f84f475647772","first_seen":"2026-07-10T09:45:03.493916Z","last_seen":"2026-07-12T22:01:35.299506Z","times_seen":11,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/vs20olympx.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.227Z","timestamp":1783882458227,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/vs20olympx.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"3e27f-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QqLNFc2gSoEOe8mU6cxbM0DX9P9z6OfpBPKu6IQC%2F7ZzEPWyzqzeSxoFq%2BVS6ugmWYSE0NRTfdYkLFHCqH3wPj4gsiXH%2Bh%2FK6k1efWXD7f8DksMVyHvuH9WlBMpyWg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173e9c6b51e-OSL\r\ncontent-length: 254591\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":254591,"size_decoded":255521,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"7257e7983f3fc7614dbcc9f60d78e675","sha1":"708154f72258ce55b1e1954a62fcff0d0fc8369a","sha256":"fc9fa196019d6323ea1284aeb52dbca0b466ecdd3c5f28cfdd0a7138daff2870","sha512":"7ca60d36efbb7f6eedca2c18f617f207f04c0fa79a06f9166ed0509e5dfd893b75352ffc31a73a209f1d4a4ea7a21feaf55964f20b51374b6ce6d63b1470a88e","ssdeep":"6144:CiN4IwkOCuSMJO5F14DNQE1+u5n+zY/PhLPhlAkzEe0+X+:CiNgXCuMMDNF1Tn+MBLQkWE+","tlshash":"0b4423b1d86dae1580bbfc317d6837eb2fad593aa9b32129c780c55c715e8dc970c218","first_seen":"2026-01-30T22:42:01.211792Z","last_seen":"2026-07-12T22:01:35.273749Z","times_seen":96,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/auth/session","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.254Z","timestamp":1783882458254,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/auth/session HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nContent-Type: application/json\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EmCGddZ0%2BPTw8DYBSYws8zf6E8Lxo4eRPeQKfrcXi4UfSk78fiMv0OoAIDl0ZElI6dto91CqR4JVX2wtsroCwl4EQBwbInSughgufc7NeuiCXDNS3dBpmpOQ8ApxGA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417419d0b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4,"size_decoded":1066,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"37a6259cc0c1dae299a7866489dff0bd","sha1":"2be88ca4242c76e8253ac62474851065032d6833","sha256":"74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b","sha512":"04f8ff2682604862e405bf88de102ed7710ac45c1205957625e4ee3e5f5a2241e453614acc451345b91bafc88f38804019c7492444595674e94e8cf4be53817f","ssdeep":"","tlshash":"b9300000000000000000000000000000000300000000000000000000000c0000000000","first_seen":"2023-03-07T01:02:14Z","last_seen":"2026-07-13T11:19:32.518561Z","times_seen":271577,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.954Z","timestamp":1783882454954,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript\r\nexpires: Tue, 14 Jul 2026 18:54:14 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BlorSkRxoTKNrUjIF4cDTFraXpudf%2Ff2Mxdowr93KYa2CzJy1Da061LD0uCes0KxQCo7Gd7bK7jtWCUH22zfgLTmOHeTWM62JuH%2B%2BYMmvfwT6171oKBxbz7Mmqvn3g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ndate: Sun, 12 Jul 2026 18:54:14 GMT\r\nserver: cloudflare\r\ncf-ray: a1a2415f7895b51e-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":1288,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-07-13T11:17:59.153235Z","times_seen":394642,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:15.306Z","timestamp":1783882455306,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://gavewex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 36932\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 04:44:35 GMT\r\nexpires: Fri, 09 Jul 2027 04:44:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 310180\r\nlast-modified: Wed, 10 Sep 2025 16:31:03 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":36932,"size_decoded":37745,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36932, version 1.0","md5":"7c87a648293fbb5b2924aafaa59e8aea","sha1":"c57593e0adc4cf99dd9e67cb782242220a061a9d","sha256":"9fea608a947e67020c33cad9a6fe3d60c54119dfb8cff87768a8117a15ed7543","sha512":"764ced325a768dca84e1fb0cc458818239ce379dbcbdb324ee8849bbe15f54e3f0254ae6e52ee5a92741840637b4f9885d246a0978af23176b3acfe5b9cec23f","ssdeep":"768:mMQPOAQQKW6GccoXQ+OGpHNzXgtDM0SVu7P3nqtPl9Bf2csDpHUjbYE8j2:mMQz4W5og+tpH6tDJku73EPlPOcs5U/l","tlshash":"c0f2f23e7ea5691487c2b0be506b00935344c9bd37c18121bbb953f44ea67addc5d63c","first_seen":"2025-09-11T17:08:25.889763Z","last_seen":"2026-07-13T10:54:12.396632Z","times_seen":29702,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":62,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/deposit?_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.385Z","timestamp":1783882458385,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /deposit?_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4DS2622Jr6cCxR%2BOqM5zdqtcJoitUXZCfWfqapL%2FvsXyokmD2SZaH36WDX0GFFGuX4iDXa%2Fqhz6SnVSp49rjjc7dWj1epcHjHMJGtZqQZxPNkezGcgR1EiR62o7Pdw%3D%3D\"}]}\r\ncf-ray: a1a24174f9e2b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154,"size_decoded":1197,"mime_type":"text/x-component","magic":"ASCII text","md5":"9876c10da7ccffbf190536b98dd3372e","sha1":"e514dc4db0e327e868e419c1d127c2751249764c","sha256":"0b92f700a78f7e4589dd7a1033cecd337cf04e41b2a2fd4c475f0173218bd3d3","sha512":"f0090ee4f182e4278813a920edee2da3fad2083e2c5e1ba3fca8ff791919278a02178ffd24e7fd7fdcfa5aa5e0e6272e9a372bc46a37dddff7c391f14063daa9","ssdeep":"","tlshash":"a2c08c2142093ef96eba3a88656dca0f260e410f21ca18f4d0925f20b7b702204075f8","first_seen":"2026-07-12T17:38:11.665541Z","last_seen":"2026-07-12T22:01:35.299012Z","times_seen":8,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/play/vs20olympx?provider=pragmatic\u0026_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.644Z","timestamp":1783882458644,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /play/vs20olympx?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:26 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RfSfecitME%2Fi0OGERfVL7qpPbWpEpyXGQ5GLortNPDCoM6Y4JLhUN%2BojWYRgWjPUje2lgXtIE9vRDGP9fmc%2BmLJggKuZzw0MI%2FqSIXYUfCKci%2FBCxQ4NBNmPMwVZIA%3D%3D\"}]}\r\ncf-ray: a1a2417689f2b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":218,"size_decoded":1236,"mime_type":"text/x-component","magic":"ASCII text","md5":"d8a630dc6bded0f890ce0e6f1b87a2f8","sha1":"312baace2a8d4d83da7690fb50da433f3042fc79","sha256":"079ddc09e7f26a8bbeebf886b27703b895f36c9fb6ff8e721cbe410fb62fea60","sha512":"9e458527f0bba7c7d206b1e32f09be3d90948f3bfb3d08f1c92de16d0db041ce97bf265371c1dd8a23a1eece699ca9e4c86f93a53c95ce1e2c613e741d5dcfda","ssdeep":"","tlshash":"12d0a72642053af56c7a28c805bdd65fb51e519ba1c846f550668a35976303129035e5","first_seen":"2026-07-12T17:38:11.884346Z","last_seen":"2026-07-12T22:01:35.269174Z","times_seen":8,"resource_available":false,"data":null}},"time_used":8132,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8131,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/crown-icon-512.png","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:19.445Z","timestamp":1783882459445,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /crown-icon-512.png HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 18:54:19 GMT\r\netag: W/\"3d605-19f1a0f2520\"\r\nlast-modified: Tue, 30 Jun 2026 19:43:48 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\nage: 0\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=thrQWRLsfNpJd44eaDgIE2KW95hHDSDsvSNXq7z4pe2dS%2F%2FPMXr4YcwPHVJ%2BcfMT%2B9QhrELINpJnvVOw%2FdIkDUqBTPKCepZG4gdai%2FuFpjliOsLVApsFf2uULilbJQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417b8a45b51e-OSL\r\ncontent-length: 251397\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":251397,"size_decoded":252418,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced","md5":"80d4744555e10615fd0705451496696b","sha1":"cdbb7f742437134f1a5d60165acf86ad5213db97","sha256":"6e73823fa9392ebc0bf9d73a2d4125b570b38729f8d9ea310afa814fd6256abd","sha512":"c9bfda11e02a25c4582ae239c6e168d59accaa434e697ce2aa6d510edf759e3a24f623e9219961edf63a7a4a1f0dca027a8f06f505a2a544c73b0d3607457b3c","ssdeep":"6144:NVPLp8eA7j5PdHoachilP1Odjbn36A3EHgbmODh5d/FJH4VAvLX:NJNEtPh8ldjbnKTcp15ddZ4VAvj","tlshash":"8534232db096f918cc4e7f515e3d4f4a95b773eec97db804619865ae8a3d29030c4b2c","first_seen":"2026-07-10T09:45:03.470767Z","last_seen":"2026-07-12T22:01:35.244679Z","times_seen":17,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/hero/hero-crypto-v2.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.964Z","timestamp":1783882454964,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/hero/hero-crypto-v2.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"dfa2-19f1fac3ba8\"\r\nlast-modified: Wed, 01 Jul 2026 21:53:29 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ac%2BFDS%2BvKYjJxq45p6M%2FFv%2BcZxHf33Z1DYhHPz1keeQ5auOkqTa3CMEeuYZkDb9SAxzX6ryxABDUmE0RADuwaQsopcNPFT2%2FNHM04Q%2FXqQN0ljT1ld4W4jkks8ECOA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f8898b51e-OSL\r\ncontent-length: 57250\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":57250,"size_decoded":58256,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"56c58dba7ad45338604758c52e42af70","sha1":"491d07877f76c506fcadfc44a78f9de50271b96c","sha256":"6ddf7100c55662774a5dd5586a4895e0beda986e0ebb317899bc4029afd121cb","sha512":"b59a876576f35c880216286c5df93e91623335010175890c89f64e8e3b1ffa27a9bc7dcc4729ea30bf503ebfd15e9599fe2e73e96c91c115eaf81168fdf384d5","ssdeep":"1536:xywBsATj+mNGuSdV/idOIuArwisjvouYmptY3:xDTjltvdH/wiKvoZmptq","tlshash":"3543f1193565594a2f015cf9f56b0ed68eec835608ec18635df6714eaceb3430e32d62","first_seen":"2026-07-10T09:45:03.452699Z","last_seen":"2026-07-12T22:01:35.282632Z","times_seen":17,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/sugar-rush.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.967Z","timestamp":1783882454967,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/sugar-rush.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"12dca-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lom3S1jtUKhwiuWT1n%2FGdoUktMlcCy2%2FW5TRfEeyvgid60j%2FaPVUBqfw0D6aYEQkApBrjLNL5ezG%2Fx4aVQeRM4AqAA1eHdh1VSUfdPs2yc3fBv8vj%2BHVhHFZ%2BPtclA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f889cb51e-OSL\r\ncontent-length: 77258\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77258,"size_decoded":78265,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"bf41d2e5df715e30ae5765e27035f41e","sha1":"dcf2c0669dd20ad1b99ea77df4e3f6ccdeead5ab","sha256":"f737baadd156371777dacf433a53ad815758d08052959eb468d9f88e061ad90e","sha512":"b6993d81aab072729107d0d1d86fe16ccdf884f439d987f4cad006dc18158deeb30976237f695a306f65e299f828bee73d82148e2b0b09bb43249dede4c8558f","ssdeep":"1536:HMA87FnJmqOd5Zq0NK7TL4poJXAtB7QN1bbY:HpUnMq+u0NsTkoJXAz7+1vY","tlshash":"da7302d366435f630ec3b099ea9c8feabb66511cf0f602071e6a8744359c974a06eb74","first_seen":"2026-07-10T09:45:03.490538Z","last_seen":"2026-07-12T22:01:35.250373Z","times_seen":17,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/crown-icon-512.png","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:16.112Z","timestamp":1783882456112,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /crown-icon-512.png HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 18:54:16 GMT\r\netag: W/\"3d605-19f1a0f2520\"\r\nlast-modified: Tue, 30 Jun 2026 19:43:48 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OPJhTxyHRduNBDZf2ueOB5W8tdSQrjlFK8X0DkYzasr8IfQjsRmSJUmI4iSfoh0DL6FxQ%2F4aNjl9x9SLSZcd%2F%2FqM6SRb9QtWThEz1msGV4l7RwTXepkyDC9ylbdU%2Fw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24166b924b51e-OSL\r\ncontent-length: 251397\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":251397,"size_decoded":252403,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced","md5":"80d4744555e10615fd0705451496696b","sha1":"cdbb7f742437134f1a5d60165acf86ad5213db97","sha256":"6e73823fa9392ebc0bf9d73a2d4125b570b38729f8d9ea310afa814fd6256abd","sha512":"c9bfda11e02a25c4582ae239c6e168d59accaa434e697ce2aa6d510edf759e3a24f623e9219961edf63a7a4a1f0dca027a8f06f505a2a544c73b0d3607457b3c","ssdeep":"6144:NVPLp8eA7j5PdHoachilP1Odjbn36A3EHgbmODh5d/FJH4VAvLX:NJNEtPh8ldjbnKTcp15ddZ4VAvj","tlshash":"8534232db096f918cc4e7f515e3d4f4a95b773eec97db804619865ae8a3d29030c4b2c","first_seen":"2026-07-10T09:45:03.470767Z","last_seen":"2026-07-12T22:01:35.244679Z","times_seen":17,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/api/reviews?locale=en","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.019Z","timestamp":1783882458019,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /api/reviews?locale=en HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 18:54:25 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Host, X-Forwarded-Host, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fgUcb0gnZTcUehVE0BRH%2B0k4BGF0ETnJzabyZ0n%2FMkPHzZTIi9Gm4CHSf1A749d5lQj4zI9xoCKyYMEOx6nRR8%2FnsvCSCyBFSxVb4LZTgqlIMl%2FNcP7RSATwmURkPw%3D%3D\"}]}\r\ncf-ray: a1a2417299a6b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18928,"size_decoded":6360,"mime_type":"application/json","magic":"JSON text data","md5":"b11141a66f4acc85ed5e8454faad7a42","sha1":"3d71f3eeb23dca8836476d92476e3ec7f0fd0dd1","sha256":"cc4d5f8a74d81683a6495eabfac2cecd552382d748e26c5b8505e36b4f0391a5","sha512":"6c69e192889a6c781f01101d15dd4e61d270513520e4a52576d23f4ebadd68a58dcd2dfc258c56475a7c457353c5a87b51ba558c0d414a0cf1a3e0b5541a43a5","ssdeep":"192:3uY56Ned6PS+FHHadWNuYdyU5VEYiFdMPVVyqvRJldQlMf3kaGJIXwQ/Br5MnR3x:ZgN08X9tNfkaGCuXFibmi08RfHEKnNeB","tlshash":"b48253676518663c7a7320eac54b7fa4671c7d327302dca4ed0ecebe41e25f8407649a","first_seen":"2026-07-12T18:55:07.382111Z","last_seen":"2026-07-12T18:55:07.382111Z","times_seen":1,"resource_available":false,"data":null}},"time_used":7810,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7786,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/avatars/avatar-05.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.112Z","timestamp":1783882458112,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/avatars/avatar-05.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"6c80-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9kvW%2Bx0NbfC4YE6RVHPQMuEnyGq6C4LSXCIf7oSla2YindNELKTRsbKWF1BoP93I8C673cObBMbPUxg9%2FDvjhCzEy5NBcSsn9X3L4XEY09t9mTB73sPNLDsjh6AaEQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417339afb51e-OSL\r\ncontent-length: 27776\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27776,"size_decoded":28774,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6e793b51845ab5490d571ca386013d33","sha1":"b41b56854224b49bb3c52221590c07154bb01b43","sha256":"0478f021f3a2c9eb30f2589ede241013b251e2aad9cd454c2601895e2a8554ab","sha512":"4535edf2e2cb2cfc1007f468796364e9e961a07704ef1b501434695cba44bd6cda927863e7dc32bd951df85765b999f528402a8075f2858e1bf67819fa453151","ssdeep":"768:CqHyqocAy4Typ6eqt/pzx4LU83Z6/kO/nheetlaKV:SqU5TypaZpztEYXweL","tlshash":"3dc2e003abf46fa6d53f289769dbe7b246242530139cdd4baa36554531820b6200defb","first_seen":"2026-07-10T09:45:03.486194Z","last_seen":"2026-07-12T20:48:52.747631Z","times_seen":11,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/2032.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.231Z","timestamp":1783882458231,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/2032.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"13a12-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WAEHbtjXSRJ1rHSDwjbsDgXOh7GhMwWLzkTjSjBDCWG%2Be9kt9OEe4Nol2s2UTf5Nj%2BFcdcUgTnsVOSvnlPmy17rwxfTcwAdy3bdOBnfU94SHaMdpODhDEpWJohMTlg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173f9cab51e-OSL\r\ncontent-length: 80402\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80402,"size_decoded":81327,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x1714, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e7dc4522e10474c081773974610ab511","sha1":"3181b650b874a6f00af8cec083cc17dc01c003c1","sha256":"3c6e6e37ff2520c65c5ad44b99b019b5089360f30b99a435b54e11d80908704f","sha512":"3756ec09c7d883607f9bedceabc3d21dd409db40a12bdef1972a83395e851e570d605bfe51318ee476215efe60ff6a1416ab09a70a33914efcde43b792f04c47","ssdeep":"1536:MYPvqxixFFUpIiaxvmXukpnHyAlj5EYGw4n68VVHiP2:PPHeifxvmVHDOyO68fCP2","tlshash":"617312f11f9a0df6a1ac63a05a91c95e33bc1b5de1c745ff06c58e28f62e04642e4e6c","first_seen":"2026-07-10T09:45:03.513887Z","last_seen":"2026-07-12T22:01:35.289626Z","times_seen":16,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/wild-west-gold.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.970Z","timestamp":1783882454970,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/wild-west-gold.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"1267c-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8uJyNS%2F%2F488HvqGWPCcIZdbntq56mxDrJ6XXtFS05hpXpIUJ8jbX3q5dpA8m9NyqRpNHTaQO7M57Xg9hTxsXHjkicNkzHEoumRrj0zA3egzQfkhQrg7CyoZmgOA7Wg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f989fb51e-OSL\r\ncontent-length: 75388\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75388,"size_decoded":76387,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a4d08f2ce7d608f3f8c032b0822a72b1","sha1":"4af5325f2834e09cbac50c22145eede287e20ea0","sha256":"3f856fd2ffad9148db6e06b06306c8753774c51fe02bb3f189702b14d0be6a30","sha512":"e182a41e1df5f49e6bcb4212c0ff417ad34a0534fa86c3f5f8350230b00325b85b15f065202c4745694b6e742793208ffd6ef59fef11f2b3f62f212f1ecb72d9","ssdeep":"1536:xCht2pj7iiYngyCZguVap90E6+dd5QHIyJtiQj3Yj339wQOVMP:whYp7zIDuVapeEjdd5QHVt78j3tIOP","tlshash":"c77302ac830ce2953ee17c7bfdd56457c0804ae6326b5ec92a01b4d61737ce5cad3a1a","first_seen":"2026-07-10T09:45:03.496757Z","last_seen":"2026-07-12T22:01:35.295138Z","times_seen":17,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/predict-banner.webp?v=2","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:15.564Z","timestamp":1783882455564,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /predict-banner.webp?v=2 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"763e-19f43a771f8\"\r\nlast-modified: Wed, 08 Jul 2026 21:34:35 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DKwjJ7QPjxc66u6xxfsx8KhE3xeauRvJs0yxm%2F5EcIX70TB6%2BSwaHe6%2BAqXraspk%2BnQEYvzyaDo9Ydo%2FK9Zkw4e69dEzTmWUbe%2BWgf6GX%2Fqr0fWb%2Bwm%2BqQw8Js3kug%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2416348feb51e-OSL\r\ncontent-length: 30270\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30270,"size_decoded":31282,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x893, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f476b1ccbc123437a7b7358274626d97","sha1":"d4c5e7152a7061a5b8931bef466bf9daa34897c0","sha256":"d1b4bf3a703a70b2d125e2ea489dde042d66aac73538bcb0f9c773cb16c8b819","sha512":"c6846787fd7dac1965d5792bc2102d6c2b7e2f0d2e1cbe179d0cceea985c7004f24ec26568eadd6db023d64499e227965f30ebd084cb78666391ff109f3fd343","ssdeep":"768:m0OJ99zV1m/W5ZS4QxA8e/WA0ik9E11OJW1amWRng:mv9SGSVmbLk9E12DmW9g","tlshash":"87d2f13a255e166f7ee8a814b1308017902fff35ca375e6f9c1052e1e9b2199a13469f","first_seen":"2026-07-10T09:45:03.557227Z","last_seen":"2026-07-12T22:01:35.257547Z","times_seen":17,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/news/provably-fair.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.280Z","timestamp":1783882458280,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/news/provably-fair.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"c05c-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WsCdEuYLzpNUHAjTemuH3rdZzfGcC3hCaCNGPDisYEiWJ4cqgHBE1aPUDm0OlrC8qpZHeWAsESsStb3mjMnGK40TU%2FUsicKsV3G3OrhVNYjuQ0Eq3r721osh03dvxw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417449d3b51e-OSL\r\ncontent-length: 49244\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49244,"size_decoded":50240,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1376x768, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7cb9cd43359de54e7564c725bb9517d3","sha1":"1245094b8fc133d439c2612cf4dd9fb47e3184d0","sha256":"8399ac55ccc149cc474c6441e1bf099afb1d89dcac48e6898df23203e13388d8","sha512":"e4a6ee358263129d6fd50c7e98367f83d92955c35abe7367b8e081757483319934cf8c10c76a54cc91e3ebdcc1562b4f16c1bed6bdaa6014c22319a457669783","ssdeep":"1536:dc7h8uOGfEiIWwtbwyn2ej2/4/S4uyrhXaetd:dMwGy2es4/S4uyr4+","tlshash":"152302dcfd0b7f91e3172448c110d0a5b5f565fa93596e825398d883b68a83fc6f428e","first_seen":"2026-07-10T09:45:03.524343Z","last_seen":"2026-07-12T22:01:35.323973Z","times_seen":16,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/4bd1b696-100b9d70ed4e49c1.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.934Z","timestamp":1783882454934,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/4bd1b696-100b9d70ed4e49c1.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"2a3e1-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YdBnn2kTD%2BrcVk1Wso8cAcR1z3f95gUGWqrargz%2B0PvEHMUkQmHGEqzLxF4tAjzloO0v1HBGPhCpWjNTYSJtHJFFJS%2F2f%2BRHyGlFTwyubNCPidRkADn9xZpGJWJjEA%3D%3D\"}]}\r\ncf-ray: a1a2415f5881b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173025,"size_decoded":55361,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2a9c2166a0ae63c27a466c7fb5903d80","sha1":"51f1c90c3f1e1d32d0c81e836ded7ed5ba0601d6","sha256":"5421e13a91a9389517b66179f3b4b5eaa0d95245438066d4d7b19ac30aeb809b","sha512":"8dc6274f2637076f1b5c4cd3f61b14259ec5552d844245c8b93a64f19c8b6b7347554a03b994b0f880b7dae74ad65e54eaa00be81783c2cedbae82a7fd4b89dd","ssdeep":"1536:DWET9Lwegcl2MywYleojBFOQLfioEV7hNc7lFlgXGhJx4bzZc5zg5tgW/zAe6c0:Z9LwzMyh1vLEE7RgXOQ5SIA1","tlshash":"ecf3f8ec3999e611aeb342a700df28037378261b240d4d60a614fd9ea57845bb17bfde","first_seen":"2025-08-21T15:49:50.637902Z","last_seen":"2026-07-13T10:45:18.945199Z","times_seen":13110,"resource_available":true,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/app/error-33d1788fed5ffb4f.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.952Z","timestamp":1783882454952,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/app/error-33d1788fed5ffb4f.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"93c-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L9NJoRT4B05vU4yHKxAf1IhruYfQFQcc4KP4NtbRX%2ByDrn99e4Rfm0wjb4it9SLLsGoKGc5m7TlU60crapl9%2BS%2FhcbVs9Ld1DxepPyVY8H8tssfpM3yKCW02e%2Bvudw%3D%3D\"}]}\r\ncf-ray: a1a2415f7894b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2364,"size_decoded":2118,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2364), with no line terminators","md5":"5127c8a0bf18bf19c981c4c0f5fd3b5d","sha1":"f812e3d7611042d8be29a2491fa3cbbaf991d54a","sha256":"937b53427e51b436510f6512d504cecc2f6b5478328d3f8e1ce04c45758345b6","sha512":"46314691bf04c743c678ec3b850bf7fc634132b3102eff1279ab430bee9398efe937e8b5021231f5193dbaa3e459cdc12bfcd4e31160df42ac8d8f7fdebdba59","ssdeep":"","tlshash":"cd41621766056e18f437c94877ff900c71eb4428712ade7867a89d3a11d64e53a2b7d0","first_seen":"2026-07-10T09:45:03.569736Z","last_seen":"2026-07-12T22:01:35.294604Z","times_seen":17,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games?_rsc=1otn0","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.141Z","timestamp":1783882458141,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games?_rsc=1otn0 HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k45hitJfmRjxpGGu20eTMozKVR8gSmB7EVqvH7%2BDx8fZ9Fya56IzUsmT6zRzT%2F%2Bepz7%2BzzMhiXA%2F9yBWyFRnVf3ErOjXEFN5BfaRjv5LGS9Qn8FJkJ9i6rqqVRINJA%3D%3D\"}]}\r\ncf-ray: a1a2417369b8b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6494,"size_decoded":2729,"mime_type":"text/x-component","magic":"Unicode text, UTF-8 text, with very long lines (3468)","md5":"776ade8c9c7c4e27e09ed95833a1610d","sha1":"01aad66b3045f6e700852cfab572afeba406b28c","sha256":"39b120cfda99814a021cb6f23efbd12507d3f6a1d445e1bc9ddf9fdffc39aa8a","sha512":"a5756ae9c129ca17dd65009f746b8153ec67684be02e9b004e12c6528e7f1a4ecef15be210235d2a2bfb83489ac0ceafd1f3e491d6b6c148623025cd6857657a","ssdeep":"192:Wp9Id4t5LqJgXf8N9NuNfNoNRNSNzNMNFNHN2NFNMNbNaN5NQN6tgtOs79QfM58+:W8IiPQl+rchK3tY3KpEzmPsY","tlshash":"35d16a3fa6024a6fd6ff4142445f1299671c4f3eab60ca66c0ed1e39068a99c7f89361","first_seen":"2026-07-12T18:55:07.451586Z","last_seen":"2026-07-12T18:55:07.451586Z","times_seen":1,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/_next/static/chunks/9792-bbed82e0e875a1e0.js","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.950Z","timestamp":1783882454950,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /_next/static/chunks/9792-bbed82e0e875a1e0.js HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"2479-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YXjSE9hFFzy%2BKQNHUIYuhQA%2FeaH7htY2kZjjGmFFdMijAqRLEkH0qGF2jhgwFRspX1cnGru7C70Ns1Kq3gqfs0xHehimo%2Bn5FDoP%2B%2B5DO1zy6z9Gk0pMtP9MskYGsQ%3D%3D\"}]}\r\ncf-ray: a1a2415f7892b51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9337,"size_decoded":4400,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9337), with no line terminators","md5":"b082208296b9b3705076807c6a765752","sha1":"df9d0a8602debe4cc087445f2f2928428a8dd8f8","sha256":"e5cc5cd6fd587fd300815648759a627ef8c4dc295d75f12440f6d27de6b02924","sha512":"44a1bafc5746c002fc285d55b8f9240e4dc493c65c631114334e52b732499504fee8c0449fbebf9d50205593347c073ebedd5e48fb1e606a37f7cb474066b846","ssdeep":"192:O3Yaic4We1aowaYz4n6rUGUCKbLgcJ/t/ml/6/hYmPE:O3LuWsYn/8rc/8E","tlshash":"76121b92baa2f8b291bb6552683703863130277b790b4441a3bb4cac2354f59b4d3f5d","first_seen":"2026-07-10T09:45:03.521341Z","last_seen":"2026-07-12T22:01:35.311525Z","times_seen":17,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/bonanza-gold.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.977Z","timestamp":1783882454977,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/bonanza-gold.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"19894-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j1CSPUIELrOS%2Buvyn0TdPu4NQDuyqO3sfAgcvpCWtvZFtfuPK8dm4h5Vt%2BEkuky2gUBNfbFYM48i8lSrMc1FBFHWCOSPWiZ4%2BeCWSS43d5VAr5MAZqFIV4VZkqwlKg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f98a6b51e-OSL\r\ncontent-length: 104596\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":104596,"size_decoded":105598,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"41a60a105c2cfe76d0467a5b09ae0a33","sha1":"551e9c83845fba6fc18db7a4ac086c215ff8a179","sha256":"b78350512b1d85e07b3ef58b82aad59ddb661cb83c0575faafe676525f215907","sha512":"1ea5a610329876344d027bec3868e54d569ea08899bf3bb565e0750b3fc468a48d78b675344162e4555d61112a30c161a8a4430502547898cee97fe320c5ec38","ssdeep":"3072:4kSF2Y4Jf5pFoQqvZ798oWHprJMkhu9uAvX5iQjgw1H:pSUX5A79dWJrJMkhuZvX5g4H","tlshash":"60a312c579393f7d83899a43ec1da0c3f026f9e51edd2f42dc4c5606ea3182918a4b67","first_seen":"2026-07-10T09:45:03.469823Z","last_seen":"2026-07-12T22:01:35.312172Z","times_seen":16,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/images/payments/litecoin-ltc-logo.svg","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.989Z","timestamp":1783882454989,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /images/payments/litecoin-ltc-logo.svg HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=5,i\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"1e9-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DWoxH%2Fh31tmlmzwlhKVS30V1l32hb57845N2baPxxlKYINhnWN7ZcN5W2J1lWzZWR52bOqcCgfHDiRtil9wR9FEWZm3Nn7%2FDsFewkpmupWJ2XvyBZm9bECo0XCp5Yg%3D%3D\"}]}\r\ncf-ray: a1a2415fa8afb51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":489,"size_decoded":1256,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6046cca14ef5741d48469675250f8d1a","sha1":"e5d3cb531aa29112387e94a9d68a1ea583576c8b","sha256":"20dd004b22b76d98151807b3ca99196f84edf24cc5d66c33e3aaabfd9ada6d19","sha512":"e4153f5893945f12cf4bcb8b0a66e1b360fcbdd62be00058ec3e6d32452e3aaed2913e3328ca99a3067acb5ed5964df60796b7e56199dfb316790bc413877b31","ssdeep":"","tlshash":"f6f0d47bdb50ce2ddb50472cc0c2b50210704542f1c24294ef97012cf80b8b3747c9c2","first_seen":"2023-07-06T20:31:16Z","last_seen":"2026-07-12T22:01:35.279612Z","times_seen":793,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/news/how-to-buy-crypto.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.279Z","timestamp":1783882458279,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/news/how-to-buy-crypto.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"137f8-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jJBGyaoC8AIW87Fbudki6G3HspumU9Hjg3j0jaaTAotbIyud6nFVj%2F8Xm5NsMoLuTXbU0INgFveJr0PIUF2UI4pmHnK7rNtGz3XseTbpkMmpyJ%2BMMrakehKk9vJKOg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2417439d2b51e-OSL\r\ncontent-length: 79864\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79864,"size_decoded":80863,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1376x768, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1107d21122506f88e0850792ab1fcaad","sha1":"30d895ba8c7434e748ded830911cc67a502baa28","sha256":"9704548ed0dae59ff4ce90cdde49cf54d0ed4bdcf9c4347235d4fa2da39265d3","sha512":"8a81780ea3078a9edb6cd267091142643ff671411b5152501df605d03186e070012be84c5dea9406f4067c07ef7c5ccd50aa399ec90bb3c7bcb65030d7cf6234","ssdeep":"1536:Hg62YCdvJWD5zcs/FGAFmu2J7hLSFAmdNb2V6WEvwpVkAPWWr33qM:AtxW5zcssBVJFLNCNb2kzkVkpWrnqM","tlshash":"91731222c523bf9908717e948403d04bb9205562d2e43b0a97b26adf6a334fe39d5ff5","first_seen":"2026-07-10T09:45:03.461412Z","last_seen":"2026-07-12T22:01:35.290266Z","times_seen":16,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/big-bass-splash.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.972Z","timestamp":1783882454972,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/big-bass-splash.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"105be-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U9fEg7EmBq3a9v%2B77JIHanYlFuEja6PK47CGoHJe7uaXXopvu%2BZBAfhY4kxbL5IN%2Fvvv1B9b66MKMXJPcbaBkn1D9Fa1afkw%2F8bzCGGp7kZbuRIDt6DH%2FrqxiU7rFg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f98a3b51e-OSL\r\ncontent-length: 67006\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67006,"size_decoded":68011,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"862f079aaebca7a9a7d6281477920833","sha1":"122ff8ea76c323dfbd5884d328d07a950af1703b","sha256":"917a5f0533529b7796b0d8e07cf304b7edec38169b6accaebd163c0775b8ff8e","sha512":"d6a81891abb189520f4fe8688057e024334449f28430778ca79e0c94e89cc944d141253448248766701e647cd11a957cf95d0abdd9d88d50cf9a5e1d78e5339e","ssdeep":"1536:Rj6UVBfMz71V3m5xMZs5u7v3XJtDFbBa4Bnp8CaE6j+CL8v1d:RbSz71VWCdJlX6iCYD","tlshash":"5f630297af62dce98f029830765ece909ba1c47404f780ac8f050e1eb7f87a97391c59","first_seen":"2026-07-10T09:45:03.563064Z","last_seen":"2026-07-12T22:01:35.261302Z","times_seen":17,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:15.304Z","timestamp":1783882455304,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://gavewex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 36932\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 04:44:35 GMT\r\nexpires: Fri, 09 Jul 2027 04:44:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 310180\r\nlast-modified: Wed, 10 Sep 2025 16:31:03 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":36932,"size_decoded":37745,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36932, version 1.0","md5":"7c87a648293fbb5b2924aafaa59e8aea","sha1":"c57593e0adc4cf99dd9e67cb782242220a061a9d","sha256":"9fea608a947e67020c33cad9a6fe3d60c54119dfb8cff87768a8117a15ed7543","sha512":"764ced325a768dca84e1fb0cc458818239ce379dbcbdb324ee8849bbe15f54e3f0254ae6e52ee5a92741840637b4f9885d246a0978af23176b3acfe5b9cec23f","ssdeep":"768:mMQPOAQQKW6GccoXQ+OGpHNzXgtDM0SVu7P3nqtPl9Bf2csDpHUjbYE8j2:mMQz4W5og+tpH6tDJku73EPlPOcs5U/l","tlshash":"c0f2f23e7ea5691487c2b0be506b00935344c9bd37c18121bbb953f44ea67addc5d63c","first_seen":"2025-09-11T17:08:25.889763Z","last_seen":"2026-07-13T10:54:12.396632Z","times_seen":29702,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":46,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/games/trytostart/1352.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:18.230Z","timestamp":1783882458230,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /games/trytostart/1352.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:18 GMT\r\netag: W/\"37a2f-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nCrHvJPIls6ECUyqt8rTg2zXZ7xpIc0zE1Lo8vHasSgATw52ZinI9MykPdv1M6mJvXsiYtDt0JRIi9TQa6ySJD1Zk7HN1E8CP%2F1RKKJU%2F56dOd1ECT9ot5ct8WMQUQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a24173f9c9b51e-OSL\r\ncontent-length: 227887\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":227887,"size_decoded":228813,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"73175af9bbb796c9ff980818588755af","sha1":"12fa456b38b4674f9af18c3fcdd7867f791fad98","sha256":"d8d021ab1afb609bb0ce1937610b4cc1029c01efe935041569c240dd686f204d","sha512":"b468a98d7f5b297af1ba4f37596ed133b2d90064148c3bbc33e7bc217e6e1a41220c9c1c4b26e079a13400dcde8097fe94748df7fd9b13825bd6ee0008128825","ssdeep":"6144:5qcAhqfzGIpDobWf1WWzvnX840aumhm6YDbod:72qYW9WWzf84dBhsod","tlshash":"392423903e33db65a2778e3458fd93583b66e9069060d62cbcbb48eec524f93450bb25","first_seen":"2026-07-10T09:45:03.498623Z","last_seen":"2026-07-12T22:01:35.259349Z","times_seen":16,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/gates-of-olympus.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:45.202Z","timestamp":1783882485202,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/gates-of-olympus.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=cd41ed34de2ac3de76932a8b749c5d730909013f8f9d61088bb21da66ae9f534%7C7ba07ecba927bcb8416ec32c4b08c0e0e95acc359e315e06cb5fc42905debb32; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:45 GMT\r\netag: W/\"f0d8-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c4dF3v%2FSqle4RdYumZaTBvMQWqbzk%2F9Fss44I6L9CyoP29QTJGXi0aLYjXvdIo6lMz3bL6yFJaQ4Tf1ZHiDgN3gBvPlpsAKYC8SwYzwFpYNm7Wiyxa64X%2BlPnOZKMg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2421c8bb5b51e-OSL\r\ncontent-length: 61656\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61656,"size_decoded":62659,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5385dc5af3e323a64c8d460d53b38ea7","sha1":"afc4f25c210eac7f54158ffd13150d59beeeadeb","sha256":"5ffe571c58535b5f6923bf0b35f0b27c36c239359e768471b98115af0412fbd3","sha512":"c7a53ad11441621d6e599f71718d8688d94957852071c5599d29b56fd31de6c11780a9b5f21978ff6fdaad1893f2081d561f1687e0997b53186b26c744d0f1bc","ssdeep":"1536:GoHQqhP4lyxAukMALYYqYxxYw8XA6e4cr2Qfm:fhP4cWnMAI+xKXnc3fm","tlshash":"ed5302d492d4b92234c2583c7abb02585424e6e42712d59a737b769cfc32e89fcef885","first_seen":"2026-07-10T09:45:03.47386Z","last_seen":"2026-07-12T22:01:35.276397Z","times_seen":17,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/starlight-princess.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.978Z","timestamp":1783882454978,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/starlight-princess.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"17660-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PlXBlXLvHdfT%2BvYeiRHJ2Fek7v7SVIUzq0FQMIaipRXOBv7WyJoGpzMhIOjspyRAS9BAMf6m%2FLeHz9tO3J7t0obaqHm%2BtazXTFeCcWbkDoJLqGMUzgzftLSmACryKA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f98a7b51e-OSL\r\ncontent-length: 95840\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95840,"size_decoded":96841,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9824b494b8ade7c0157812b4aacaec2c","sha1":"d57539bf59f9115e0ed688bf2a0d6c52463e8fcf","sha256":"6c5adb95eeb1a45770a8d30d019378335141a52e1af4472b0cf4b4645ed93f6f","sha512":"e1942c4af37eb41984eb54b63afdf61f4264b023afcec48b8fca603883093002d21f90db0aaec5ef65ff0bc485fa5991eba74393b18181ea1c146c039c058d42","ssdeep":"1536:HGXhI6Tit+KvC2DM768fnbxPExl0l9lWlXY+nuCnt+8V+b5I7GKI6Izs:mS6Tu+KvXY7JfnbxsDa9liXY+nDt+8YS","tlshash":"769302da9eb729e7f6419b36062479c256fd49dd66239e3032c9e18ccf740f442ce892","first_seen":"2026-07-10T09:45:03.50984Z","last_seen":"2026-07-12T22:01:35.260154Z","times_seen":17,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/lab/slots/big-bass-bonanza.webp","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.979Z","timestamp":1783882454979,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /lab/slots/big-bass-bonanza.webp HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"169c6-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dw2pMIx8SFVlddUtuNuUE63CnuiOYZ7EOXx4BrG8JXaet5sKMseyO6Rrj3nPBcsa24iIvMZolVnvW1MXgCewSTLbOYfivM6VXJh%2BFWe2J09etUvm5B3e8BOO%2BwWCtQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2415f98a8b51e-OSL\r\ncontent-length: 92614\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92614,"size_decoded":93613,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"443881f8c79d4de0a637df4ce96b3c19","sha1":"cbd10da798bfd8caf5d234360dc274c93b600900","sha256":"2e4b3955d6828099b57a5ccc9d325301b8abb126295de75f5317130d43a76691","sha512":"4d88e453ae4284e8fb7c32ebf84c645b5999e417279bccecc045871908df72432d08792bff06f102720ded6ebb7c282c54939150ce7d9125c2cb1b63e9f0bf98","ssdeep":"1536:bxW89UOQSeptnJIDxEwfsD6bM/o6mcf/CVu87qON304H+1+tydijszMYrFVGL:bxWMUOaudPs+bMA6NKfX304HNIdig4Ya","tlshash":"619302db442be59d773b0bbc7aa98f7669db11446824d316313ca0253af826184ec1f3","first_seen":"2026-07-10T09:45:03.456319Z","last_seen":"2026-07-12T22:01:35.307519Z","times_seen":17,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavewex.com/images/payments/ethereum-eth-logo.svg","fqdn":"gavewex.com","domain":"gavewex.com","tld":"com"},"ip":{"addr":"172.67.140.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gavewex.com/","date":"2026-07-12T18:54:14.988Z","timestamp":1783882454988,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gavewex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:48 GMT","end":"Sat, 03 Oct 2026 19:16:21 GMT"},"fingerprint":{"sha1":"76:07:BF:52:7B:78:48:5F:25:11:77:4A:50:74:6D:90:41:0C:62:8F","sha256":"98:F3:DE:83:60:38:FB:C8:D6:D1:58:40:89:9D:8E:25:69:4A:E6:9F:D3:4D:6D:A5:04:2E:B7:70:D2:C6:B3:FF"}}},"request":{"raw":"GET /images/payments/ethereum-eth-logo.svg HTTP/1.1\r\nHost: gavewex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://gavewex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:54:15 GMT\r\netag: W/\"541-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GcOi5ZYaP6A%2B%2B2ELjetKTDZnAjbvCByqd%2B0PPVEnKZXbzr%2BfaOnHQmntvvAqcXLFu744w%2FB8q62Hdr20797o2pKT0t3FNPnuZnsv0p6C3QB7CrzaOFssH4nAH9x3tA%3D%3D\"}]}\r\ncf-ray: a1a2415fa8aeb51e-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1345,"size_decoded":1563,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7c19954628081bf6fd772fa0d0819547","sha1":"9c1d03cc04bb9d2e2f8577ad561abb9c9ac9dae5","sha256":"066b2a60df66fbe2c11bbf7d37201552fd27e4edca73cac4a3e7ebda3ceb2486","sha512":"3f40c39fa2e06194f6957ad2bb7cf6c752dd9ad12eaefe891a56380496d85f383331fc4c557b42f3cd897bdfa02c87d4f27ff457b1c11ecdbba6053ff2549ff4","ssdeep":"","tlshash":"fc21eef5ad9e6991c5fe83b4b5fc91532853c0cf008a0880fac07681ac066fe4e42adc","first_seen":"2023-10-24T01:06:33Z","last_seen":"2026-07-12T22:01:35.247599Z","times_seen":825,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"gavewex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}
