{"report_id":"12319e5d-4882-4f00-ab8d-ba4739d7d9b8","version":6,"status":"done","tags":[],"date":"2026-01-30T07:01:35Z","url":{"schema":"https","addr":"shibw.top/","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"172.67.149.45","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"shibw.top/","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"title":"REWARD Portal v2 | Latest Web3 Wallet","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"shibw.top/","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"172.67.149.45","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-06T07:01:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"shibw.top","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-13","domain_rank":0,"first_seen":"2026-01-30T06:01:32.428112Z","last_seen":"2026-01-30T06:01:32.428112Z","alert_count":15,"request_count":15,"received_data":6652823,"sent_data":7074,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"shibw.top/583e07b1-3513-4e3e-88cc-a7197e7003d3","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f11bcdc7b7757c117a8de0db3a4c25b8","sha1":"962e4d08a960106c829d0f9d492d7b891927adab","sha256":"b60b89c0c92cf57329c8590a2c5540cece4def64e4e7bf04f2d39b8ffa3b2748","sha512":"7461553dadb09db423bda8c47a58f8cdade82aa710a0f4415cde912e7a88cd4471ea86aa58a2e5097c90e2cb45ac410104019c56a04c35955e827f0bb0796040","ssdeep":"6144:vkWGL6BSn5NGCk3zi0mCw8wLPNU2HZjGfty3:cjkSnv1k20mCwFnHRGfty3","tlshash":"1044810609ac4f7986ec22e015f72cc401794e0ad9dc3cbfb9ada1579e25bd6e0c279d","size":259964,"data":"","first_seen":"2025-07-13T03:04:16.940864Z","last_seen":"2026-04-24T13:51:29.422084Z","times_seen":4994,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a71f4c7a5c59e3cdf205bc8573c81a6e","sha1":"e6ce6a4c675a8315ff14f5a9133a6e5cd043b0cd","sha256":"4641264f656ee0929cdefcd5f094eb9a04d60115f62dc3ebf63aadb7dc64ebef","sha512":"d7ba08f02b1c22f34940584b48f1ed1135f7dbeaa507db679a0f3e622b08cb7a65ee2af14ddbf1d4b70922ca6be51db0282c7f26d6e6be713d46b035f9291d76","ssdeep":"1536:OXeIyA9XeIyAKMsJGQnCyDrfoRiHAxlU3fCt5tqFo:9tRJGQroRiHAxlUKjo2","tlshash":"e683b5d8594bd4d04e0512ded873e949e1288e63cdacf067a22eddc1b66df2286c317b","size":88575,"data":"","first_seen":"2026-01-24T13:42:08.577959Z","last_seen":"2026-01-30T07:01:39.056989Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e718565daf69b38adc8773c01c4b334d","sha1":"e6cb7d0090b16f5dda673e648b57a723125e50c6","sha256":"c79af11be6976f878ceaff95f9192d21cf3a88fd0f1cf2c11058d5b9ba0900a0","sha512":"680fe7a31d49b637a0dac817491fce0010715f13a7d6e7663abe2e181b6baf9ad607d0ea189a965fde45cc1d99c4e8988a69ff74ef48761c61d2ad24525537b6","ssdeep":"","tlshash":"02d023d92876c8307195034660b6d7d436613090b711b50081d9cc3b5e31dd318b365c","size":217,"data":"","first_seen":"2026-01-30T07:01:39.058212Z","last_seen":"2026-01-30T07:01:39.058212Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6090563a085b7311dd6680fa9494499d","sha1":"b75503f8fce867949dc6b65cd4979363164dd035","sha256":"27b693017aafae35f9e8ef8c82d3eacd54128c52c78e92e60e8131afe5f05c3b","sha512":"a068f5e5ad0d1f30fbed1575bfc302c067eaa0eddf43f2751ec3e41d7c66191741d383a9ae8804102c4a1d1fc31c6ded11f4f0de68ff75ba417eb158a334737e","ssdeep":"384:WDaluQXiSWB503tHDWXb7QDJJ6kAK2en/zO4yVTRuQC5eSySmhVcg0MRe:2XB+3tHDyknAyS4mTgKcgn0","tlshash":"c9a2b88b79eaf56153377474106f74cab6aaac637408ba04c360dca8bc7134cd657fa8","size":21807,"data":"","first_seen":"2026-01-30T06:39:08.42094Z","last_seen":"2026-01-30T07:12:44.705162Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/zoom-1.6.9.js","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"41f8adb97798a901d2803ee7672f9925","sha1":"54fc7b29497a5d164c8ac270d316ddee090d9496","sha256":"a1be01ced39ae2a635ec4f31ab3c8f39b918dd19145f6678b7de9a81967efb36","sha512":"297a6404e552433aeabf2e6be1eadc8f31c8b3e87f2d817b60da3326fb359614e41fd5287b0bf3b8290a8387be7a86767f20da3b4cc89290fbbc7f97bf4e91ca","ssdeep":"1536:LXeIyA9XeIyAKMuHUqVxbVJ62c2hm0DXPvoRiHAxlUVdebV1X8D5:2JnU4TJ6wjoRiHAxlUGR1M1","tlshash":"6993a6da194ad4d44e0512dec473e948e1188e63cdecf057e62edcc2b66df26868327b","size":91959,"data":"","first_seen":"2026-01-24T13:42:08.561716Z","last_seen":"2026-01-30T07:01:39.050902Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"133887e92c2f55390a1a90109b8ee3ba","sha1":"9f6d95197babf2483111859dfe23afd7bfaa90cc","sha256":"61bf2bd4a2ac60e4286acc7d8190a01c5d4b8fb3bdd950159e031d3cc186cc4f","sha512":"1d9875ae0a132e8b8ef53275b5983573d71ae44f9d9a7ca7b7eba509f9ca8aa2e5b43a786a4f4dde2557d6940ed89114928711206e8b1ad05ee5d466b2b7ed9f","ssdeep":"","tlshash":"9111c4b53a165534d5c54147317ee7a93d3260617a02a044c26ccc355d18dc714efdbe","size":902,"data":"","first_seen":"2026-01-30T07:01:39.060108Z","last_seen":"2026-01-30T07:01:39.060108Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"shibw.top/assets/471c09743f2ae171051f13575fa99b3a0700ca77.ttf","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:12.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET /assets/471c09743f2ae171051f13575fa99b3a0700ca77.ttf HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shibw.top/assets/C.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:12 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 23 Jan 2026 18:38:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nage: 3604\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7HzUldo2DVRL0OMQY25T22g3wfnPAL%2F6NZKSNFuIxyinUS404xeGOTnWIfV18vJg4Twsj1F0wVHXqQ437CuAp1Up7RT%2BNRI%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c5f18c439770b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3523,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (365), with CRLF line terminators","md5":"5ac305cf0dc9ecdb6befafab2314e6ef","sha1":"cb4028d3ad12472ee1c99464be40a9ae5ae7a9de","sha256":"1edb7b2319d4c9cf94d14be3e056156520e65cfee33ae023dd226dd0eec57e67","sha512":"24542fc4cf860f32b8b57e839b1dec34c27767c7b04705773520cc64d14d961231125804b49dc6630bebb8cb14dc646c8aca25dee12b496824cbc06c710727db","ssdeep":"","tlshash":"71710d9044d194260073c1d599619befeea152038b8ab52431fc3beb3ffbd14982749e","first_seen":"2026-01-24T13:42:08.56504Z","last_seen":"2026-01-30T07:01:39.039024Z","times_seen":7,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:13.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Fri, 30 Jan 2026 07:01:13 GMT\r\ncontent-length: 0\r\ncf-ray: 9c5f18c449820b59-OSL\r\nlocation: /cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=2OElJVWWusy3h3cDLOzkz29OUxVTHadNieqh%2FB0QbED89RZr%2F590sSnoHoGBiT%2FL644nFSFNLxsdfd19jGnk7D%2BaWuYL8QvbbL6G3SEwgJvHtczSsItQu6WXOIw%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=3205\u0026min_rtt=1100\u0026rtt_var=2927\u0026sent=265\u0026recv=28\u0026lost=0\u0026retrans=0\u0026sent_bytes=291002\u0026recv_bytes=4636\u0026delivery_rate=39817243\u0026cwnd=134400\u0026unsent_bytes=0\u0026cid=4f37d12b460b20df\u0026ts=454\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21807,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T11:55:25.345466Z","times_seen":14177140,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/secureproxy?e=jscdn/getFile","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:13.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://shibw.top/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://shibw.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"b3waf62ps3t6nidubhco\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hKL5EgV0T7CJzk7DiBe3StSmVyVCRhtcrPwsCswKSdUdOdSESpwlRyZqiBvr3CiMF8kfn9oL4DL%2FdDzbxdX5lvpRbN9jiNdcQUJl%2FGdrYSMSBA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: 9c5f18c459910b59-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6009870,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7d6506cbfd4fb48b8cbcd8796a1c7ff1","sha1":"ffe61a10602f5c8bec8d0ab580798fab96d15b4f","sha256":"7e700cd24f82ea2ff424a2641aa233037cb3a6069d431f46a32b26a8f7564026","sha512":"211931fe34f88228f588459d28811eda9fb0adf6429f917123bfc11fd4b647f89cdbb3f36737ff9ea39aed5a2263d705465fe72923b89ac05e3a6a99b9ae5b6f","ssdeep":"24576:Vqkpq1V6Qpit8ThhoT2H1wmfuj1PDFywW014Kbn:sgq1V6sitiMyGouj1PBySZ","tlshash":"b92513c7f01260c12a58b536bbd25dea289b604d2ed291752b8cfd1820ef974c7d5be3","first_seen":"2026-01-30T06:01:39.128084Z","last_seen":"2026-01-30T07:01:39.042974Z","times_seen":2,"resource_available":false,"data":null}},"time_used":858,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":350,"receive":508,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js?","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:13.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js? HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:13 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=CWQmH3SyMfdSin84wiqXU5Z01oSiKWIRuWyjgs9Dw1zmgtitG%2F8scwK2HX1My6imDPVPqxfdAVY%2B%2Bn5BZ1LQMKFiCWZFDXKdS1w8JOFJA6Hfs%2B1sTF1OWQT3JwI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9c5f18c499a70b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=3000\u0026min_rtt=1100\u0026rtt_var=2605\u0026sent=267\u0026recv=30\u0026lost=0\u0026retrans=0\u0026sent_bytes=291750\u0026recv_bytes=4944\u0026delivery_rate=39817243\u0026cwnd=134400\u0026unsent_bytes=0\u0026cid=4f37d12b460b20df\u0026ts=495\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21807,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (21807), with no line terminators","md5":"6090563a085b7311dd6680fa9494499d","sha1":"b75503f8fce867949dc6b65cd4979363164dd035","sha256":"27b693017aafae35f9e8ef8c82d3eacd54128c52c78e92e60e8131afe5f05c3b","sha512":"a068f5e5ad0d1f30fbed1575bfc302c067eaa0eddf43f2751ec3e41d7c66191741d383a9ae8804102c4a1d1fc31c6ded11f4f0de68ff75ba417eb158a334737e","ssdeep":"384:WDaluQXiSWB503tHDWXb7QDJJ6kAK2en/zO4yVTRuQC5eSySmhVcg0MRe:2XB+3tHDyknAyS4mTgKcgn0","tlshash":"c9a2b88b79eaf56153377474106f74cab6aaac637408ba04c360dca8bc7134cd657fa8","first_seen":"2026-01-30T06:39:08.42094Z","last_seen":"2026-01-30T07:12:44.705162Z","times_seen":5,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/assets/C.css","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:12.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET /assets/C.css HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shibw.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:12 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 23 Jan 2026 18:38:36 GMT\r\netag: W/\"6973c02c-85bf\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 3604\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m36u8Ia4OZImux19OZHHpfZ3xepB72vcOPpplzZzT2VjeBGr7Jqch5pwjaFqg9Val1%2FBAC2bIOawid85NJf%2F%2B0fBchFheOQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f18c288490b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34239,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (383), with CRLF line terminators","md5":"4583fd9217bf39632ef43a05ae22da4e","sha1":"1ee1bb9382cc635753d01301b371110bd0cf1553","sha256":"d59de1c4f49d3fb143d0697e8dafb5f616ea443a6634f2c69037e0155bf9b770","sha512":"38c222e824420c59f12f3ebd56e971a4dc09b9fc474aef0f79c4b35a86fb6585566cf66299c3dca5778cb3ba61aed7a657d90d2e00a27a612be370f489670452","ssdeep":"192:Vk0zi2BPkSGw1dZk/5AVpk6pVTPDt90sBq3B2tK1pe+jikFNrT+nDrl6CDwU1Xzo:Vk0zVPh1ofHEbNJVXK","tlshash":"26f2231a850211029133eea46bf60609f7e504278f4392e97ada7255cfff67846e2fcc","first_seen":"2024-07-06T23:44:54Z","last_seen":"2026-04-06T22:57:01.766113Z","times_seen":119,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/assets/ionicons.ttf","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:12.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET /assets/ionicons.ttf HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shibw.top/assets/ionicons.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:12 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 23 Jan 2026 18:38:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nage: 3604\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O1p%2BncKZnXxZbnv8HGYO4pMkeQVXEBPNQBE%2BC3KiC20JSOGWmgz4bZcN3M4B%2BaeovjM6tfLwXJ%2FJRzjKj3LzENPYjQLiJJI%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c5f18c3d9420b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3523,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (365), with CRLF line terminators","md5":"5ac305cf0dc9ecdb6befafab2314e6ef","sha1":"cb4028d3ad12472ee1c99464be40a9ae5ae7a9de","sha256":"1edb7b2319d4c9cf94d14be3e056156520e65cfee33ae023dd226dd0eec57e67","sha512":"24542fc4cf860f32b8b57e839b1dec34c27767c7b04705773520cc64d14d961231125804b49dc6630bebb8cb14dc646c8aca25dee12b496824cbc06c710727db","ssdeep":"","tlshash":"71710d9044d194260073c1d599619befeea152038b8ab52431fc3beb3ffbd14982749e","first_seen":"2026-01-24T13:42:08.56504Z","last_seen":"2026-01-30T07:01:39.039024Z","times_seen":7,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/zoom-1.6.9.js","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:12.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET /zoom-1.6.9.js HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shibw.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:12 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 23 Jan 2026 18:38:36 GMT\r\netag: W/\"6973c02c-16737\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 3604\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=93SUPRHgEwqgr2CQizi3%2BnImdcBaylrHWIU%2F5Vo9LFnUxwEWyeHnjCDQGI96SA8mqlKa9ZCQJ3bZTtA6Db75%2FvQ1waFpDwA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f18c288450b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91959,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"41f8adb97798a901d2803ee7672f9925","sha1":"54fc7b29497a5d164c8ac270d316ddee090d9496","sha256":"a1be01ced39ae2a635ec4f31ab3c8f39b918dd19145f6678b7de9a81967efb36","sha512":"297a6404e552433aeabf2e6be1eadc8f31c8b3e87f2d817b60da3326fb359614e41fd5287b0bf3b8290a8387be7a86767f20da3b4cc89290fbbc7f97bf4e91ca","ssdeep":"1536:LXeIyA9XeIyAKMuHUqVxbVJ62c2hm0DXPvoRiHAxlUVdebV1X8D5:2JnU4TJ6wjoRiHAxlUGR1M1","tlshash":"6993a6da194ad4d44e0512dec473e948e1188e63cdecf057e62edcc2b66df26868327b","first_seen":"2026-01-24T13:42:08.561716Z","last_seen":"2026-01-30T07:01:39.050902Z","times_seen":7,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/assets/f2fa90d264ae0063b0cda7fee6721b405dd4b866.ttf","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:12.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET /assets/f2fa90d264ae0063b0cda7fee6721b405dd4b866.ttf HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shibw.top/assets/C.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:12 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 23 Jan 2026 18:38:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nage: 3604\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ns3UyjE0tkQ8ZLnhZlc8xQ9OgPMiarZWSCAnAn1GFKu%2Bc6nr0rDDlLdDBDVpC1h4AGkA%2Bw2dc1418KgTZcXdmX%2BVhTqOJ7E%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c5f18c3d9390b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3523,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (365), with CRLF line terminators","md5":"5ac305cf0dc9ecdb6befafab2314e6ef","sha1":"cb4028d3ad12472ee1c99464be40a9ae5ae7a9de","sha256":"1edb7b2319d4c9cf94d14be3e056156520e65cfee33ae023dd226dd0eec57e67","sha512":"24542fc4cf860f32b8b57e839b1dec34c27767c7b04705773520cc64d14d961231125804b49dc6630bebb8cb14dc646c8aca25dee12b496824cbc06c710727db","ssdeep":"","tlshash":"71710d9044d194260073c1d599619befeea152038b8ab52431fc3beb3ffbd14982749e","first_seen":"2026-01-24T13:42:08.56504Z","last_seen":"2026-01-30T07:01:39.039024Z","times_seen":7,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/assets/logo.png","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:13.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET /assets/logo.png HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shibw.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 160579\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 23 Jan 2026 18:38:36 GMT\r\netag: \"6973c02c-27343\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 3604\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WwY8VBvBa4yq8WDp6lylg5UyyrFq9Z9FlHDUDr3ExegQAR%2FEPTKTvhy6oeUXm4U2zhTw9nx%2FmTrSUCheFAsLBv7xGmiTaUs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f18c4397a0b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":160579,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3258 x 3258, 8-bit/color RGBA, non-interlaced","md5":"86b356aa4636232f3e200c65d2a8b6b4","sha1":"3f415cd75e8a755a032ae16a3406c41dcc2d667a","sha256":"7af0cf14f1d0a35e2446b1ad8db4fc424c6735c4ca2ded1410f8d3ad69456913","sha512":"a2e8a2b8039b0a0f3fbd8d4a89554b313f7cab24530426eafc2d9a1b63e5c126fb419b61826894a2cc5f42f2c298151cec05d0e73aae55f419da60ad02b45a38","ssdeep":"1536:oU+xMzsj5wW0nmkkIX0fJNWuimucyv/QqBqdXi532C6yeoGBtAtFpj9j8GgG8cSx:3+az2GRnb3p/532RFK7ph8GZ2qiXK+","tlshash":"59f34beb9f2bccf9856a317f7baf0c2296d1db656395928653c1c11f7f8d0200a05a8c","first_seen":"2023-05-21T17:02:57Z","last_seen":"2026-04-25T06:09:05.282175Z","times_seen":493,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/assets/ionicons.min.css","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:12.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET /assets/ionicons.min.css HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shibw.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:12 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 23 Jan 2026 18:38:36 GMT\r\netag: W/\"6973c02c-c7fa\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 3604\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7WfKaikvm8UKiDNnZWo28BKFOd3g%2FRtMf6i%2BGWL9PpJiCZiiD%2F89GYNycNbPjyJicHWw8T8VCQV5aYqqU5j7%2BvWMd%2BDxMV4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f18c288480b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":51194,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (50712)","md5":"5d44a6d5067054794749ce8fa51b4831","sha1":"e490960af9916cfbfc700a2b938132c26d4367f1","sha256":"2935156540a7039310270c0598c48982bd8c0b18d5b93f3266cb08e82ed36962","sha512":"b44a508b9df68ecb70f7429ef08f8647573a2c3834b9fb440d7ab3304dceb930046934896aba986b114620c793f4e53bc9769363b09df8a992e8a23cc32621c4","ssdeep":"384:R48VIQhhJhjRqFdtYRjJIjsjaHnNfc2C4741mf5HRzL:R48phhjQFduRjJ7uHFcu7Smf5xzL","tlshash":"1d33f8e4d20c0dd0ab35c447ab49674858b5f7fbe4584ca8e42fd4ac39cb224a3e5b6d","first_seen":"2025-08-31T15:59:17.876224Z","last_seen":"2026-04-06T22:57:01.762927Z","times_seen":116,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/assets/ionicons.woff","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:13.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET /assets/ionicons.woff HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shibw.top/assets/ionicons.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:13 GMT\r\ncontent-type: font/woff\r\ncontent-length: 67904\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 23 Jan 2026 18:38:36 GMT\r\netag: \"6973c02c-10940\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 3604\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RZ4FXOKGyZl4MfuOspPrYCHDb2uqo28Szw4iymTgMquY941AKM6QUReDpiSJ9hKv%2BKV8l%2BRzBtlQTM08wJF%2Bh8vr4BgejKw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f18c459880b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67904,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 67904, version 0.0","md5":"2c159d0d05473040b53ec79df8797d32","sha1":"5524e1137e3552ccc4b142e64703bf4123b4e9b1","sha256":"a75e381026eced44f4e8d6ea4dc40e28e6a64dd953e8c0b6c239d1ac844c4a2d","sha512":"0e0273be313fc5c8ad48c4b697c7ae08b946888327755298cb87a3b3f4a39a0225ad6e9d46bed78cf4f498c66c6c83b4dc1d76b0c1891883d1edac480277f9c9","ssdeep":"1536:MWDL6msnGPDV3swi74RvqWjsUbG05GJyMkYb17hn0M0Rm09Z5QOybdVo:Z3MnaDzi4qWjrS05GoMkYb17hn0Nv8dO","tlshash":"39630226a2fe48b2cd9be4382e0c9fde538fd59c657c572c3234e0bf194d241598d964","first_seen":"2023-05-07T22:30:40Z","last_seen":"2026-04-23T21:28:08.793821Z","times_seen":233,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/assets/favicon.ico","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:13.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET /assets/favicon.ico HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shibw.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:13 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 23 Jan 2026 18:38:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nage: 3603\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UVUP%2BNq3mH1XH3%2BkZo%2BZJtw529Xf7cNDTutlBaW4X3QxesDUlszOsYTfUtijPFpDdH83G4r10XYoEaJkhq2mjINIzfbF55I%3D\"}]}\r\netag: W/\"6973c02c-27343\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f18c529e60b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":160579,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 3258 x 3258, 8-bit/color RGBA, non-interlaced","md5":"86b356aa4636232f3e200c65d2a8b6b4","sha1":"3f415cd75e8a755a032ae16a3406c41dcc2d667a","sha256":"7af0cf14f1d0a35e2446b1ad8db4fc424c6735c4ca2ded1410f8d3ad69456913","sha512":"a2e8a2b8039b0a0f3fbd8d4a89554b313f7cab24530426eafc2d9a1b63e5c126fb419b61826894a2cc5f42f2c298151cec05d0e73aae55f419da60ad02b45a38","ssdeep":"1536:oU+xMzsj5wW0nmkkIX0fJNWuimucyv/QqBqdXi532C6yeoGBtAtFpj9j8GgG8cSx:3+az2GRnb3p/532RFK7ph8GZ2qiXK+","tlshash":"59f34beb9f2bccf9856a317f7baf0c2296d1db656395928653c1c11f7f8d0200a05a8c","first_seen":"2023-05-21T17:02:57Z","last_seen":"2026-04-25T06:09:05.282175Z","times_seen":493,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/cdn-cgi/challenge-platform/h/b/jsd/oneshot/d251aa49a8a3/0.2620623429797771:1769754247:p-HVatQP1jwMDvPx-NaBN0vVFXiZBkhvdcxGpUs8rfE/9c5f18c17b8e56c9","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:13.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/jsd/oneshot/d251aa49a8a3/0.2620623429797771:1769754247:p-HVatQP1jwMDvPx-NaBN0vVFXiZBkhvdcxGpUs8rfE/9c5f18c17b8e56c9 HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12132\r\nOrigin: https://shibw.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shibw.top/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":12132,"data":"92KpaZHz0kewHwHnoHoI$oo$J$90$9pHDHnfK$QpYDej$bJ77sM4RDeoKIF$ep7r4$3zXpen$f3qHc4zhBFMF$7EFLF$0ru4$HZpH1$J7DH3kKf2QIaBJnKHPvJ1hVaP2p$CUXK24Q2uC2J-6s$$9zqfcku0$I4YHzS64sAeppYPq6CcfjhZUunyU4q$rk4B6pk8o$HSL5Vk0q30t0w9AX$H5+p$X$YCbxqHgB-DJCYEItMKQ2CLj-K0pt$Hrzp$hfImBgToFgp$iTbo+jCg0$$SLy3$uY$HThxpWYefU$eTIymY3dgoUs$$gzQpvcfzULh+Vvc294$fvqDV+Qc$$xYi0UYM0DffDfwD4$F8G$smUA4$Kc0qv1yTBC4HSvYYqgV+KeR-SRbuhxYACW$5K3g2JRKLGqAgdhHD7Epp00SyLtUi$0B+yaZoy8vQqTyi4lZz3oI3nf3tCaumA64HUzfp$ekfbjK-0u77Fn1iR1l97wMgQKx4w9v7TxMIS7-WhUI-r5KFvK$D1YZCSGbr3S5EZ$fh+Kj3fGym5xDy+6zZDobvIV2BJ0mJlUmAEHEoTtcyD49or50I+HXa+z8DEvb4$nedu7+ipI+AkiZ9kLkHqV6pVybXoUejgcfBFSumzkyfEvQUgHid4Ry4su+whcLL-kig2t-i0hz6Qptcjht+fo6zhQiygtpZySylXjX2p9$gD$SnQiup+t+awHFLZGyZb-nJ9btQIARcXLArxcAyUV9ZMGpf+$UdwZhyUcAl7MwnaEEK4FeYxG$eM3BZ8Za0ya4U$39UZpVgGoeMZOTHpeDRQIe27FDKnrEin79cjK2rc-VZmly0G2cPx$1mJ$KP$6mzIHkaUFZPKDFc0eDZyy94a$0aqUe1nYpm19qZmzk4S3Q94KQpYwDpZ0KJuEgKhHpaUDpqL6yKJy$k3qM42ZUsBFZux$$UtxKCc$pFxSF8ZRVAxK+pex$lcQok48VYB+Z6n4FZTRB9m9T4zo8G7I$30KXHTxK5fWzBtSZBPW4akYYA-hp4d3e92P27g-8gn41e20ZP$gu7FoSs0AjaBPuyokBHdHBPrUQ4gsfemfvYyIZFZA9q+Q$-UojR0q+p7fFvPpb4RVPRCtqcSASeEz9$0n1eHo$huLh0la0hpgeC7KR$uTUs3q2clnGOcFp39ewhyZqX0Rhga0Uw4F0KMDCZw76O0COm4Kpgm99A69defk4D$qVUXhJ74Ig9SqIJfYeDHSnmDcZsmlvYeaZald2IuWH7U0XkK01ZkUxwj9bOeJkmk9aH6pup0gxkpHf5AWKzCy8bqD0RRfsQpk47Uumk+cKZGPpxvC-3ooGw7UIZUAHDD9ZYqZRfUuRDHuqWwI+bqKp8x$-U-DWI08144uilqFZCJWFQ2pegH-l$BfOzDFppADk8bnEK$02Y-H2$5U$wkKRT0dpA-xYDkUxxW$WTOduMm2db0uahI$pqK9Zx76ZOP2Gi7bHXjiEQX1K8QXA-6fGZLARY9z+2n76AWPK0Agz9OVtsxw45sycJKtiaXltFp+UQeOWWXFpY$vth$wDSH$c$vszqCeSHp$qY$bOmWt+APdxGrHOzX$+l4I$C$3wc$paq5$EHup95JenKYSDWW5Hi3D0w9MjSYQgl1p$9S2xKSZFpHZ8R+e4DjI$iRCeDkqlQECkESSc7DD4tfjDny5QVmj1eiRajz0KhYF$972$31KwJYCkcYRYh$GYQcU$faqkBHJM2VboR6eq+LaUEKXYhcAzq+W9UZBzo0v8VcvRBuF1DhnK$hYMKS$YQly73HM0LYwKG5Qv52eQ$Z87I$DgU970Vr7Z7pVPf+QXT7u4Hp8HD9CP7KH0gFhKxf27$qjYopx8UBjnT24FkyKfLGDQSQpHhVbx-Z4zc2Hn18opeSL$HhQ7mvnZ44QUKyo$5pK9ZDHoZ5YGG-7V8FmAw4u4tm3HSH-ZqY4QCv7P3PLFh$rq5e1$3VPHl0f8-S4xK44GlzgxbKl5qS2IlAgb9ca3TGhl4eKc58Zopi7HQEmYh6T+PfLC$xCU08$yGfUf8fDL1h8yYyi-poEIo0VzCMgl5$VkO-6+KgHUH+UbGf1q7-kvHaGr40AuuE-ThFCVzqak85wjJIDrYXwCy9SYhTzp7A-FPK+vCKBhuyy8p-4$8ljuSvJPSrgB7wk8A+f64S1ZQz6PFcTpLH7Ab6M7gPnr$whQLFZ-qaoAqy1y4Z3YLv6XMS5TY$qieYYORZmUheiVzbIb1IMup$A9kW-DKq8zhVbnBT4rMeaYZy-HVgKBl1Gv3PnChfrKKtfXReuYG7A1eVR7waxzBISIS7LFo$mjg0UvGZomeBrI$ayA3Y$G94F6iABmq0LJJCuqAv0MexwPil6QZ1YY0-gaa-uSbZVA4lvazdfBwa39pC36dSSPs6WYgP7CymDzKB1k8KDpROBfmADHu$R9D7VvJl5iC3bYklGG5e57T8$DLbr2+aulAukGGBgECuv7wBU+qS+OjPPG0auxn3h8pCM5f0LYWnvWweom0JDpgcf0JmoX$MiR7pBcRbRjDQcd2Bh506q1QlHUoI422pjEOfzm$HzhLg9qj6h2fYKBIiy9GjL-83-dynkMdrgxGBSy$08kkTgc-$9KOYXeGi$XuewXW9kx-KZHfkBF+QDSmURu02ps8kkopakfXeUPXe6qKjk5GKRwGQvrZ1rKXHhawdjT5$DvpOi09bXfpw4SZ0uxdf0WS-KcK$d8IjUYv+nhSvtfYKl6ZoeZ+2dpHByaf9uuYKqZMWxXH$CRw01wgPKQVMLJ27uX9EFaBgmA02s9DdfqEzqlana0$pUYn1r9qqIR5a0MrC$mL+Qwx8n6EarSx-I12-6ocbiovVAXQ8O-SuZJweAEgvZa1B$v0xrKu4R0pc-Tx2fXmJRoDE4aCvSp-Tu391QMxgDKpjHi+1w0y4p7c$P5ou2T4fJRhBk88zvQiKvgWuuowVW++RnlwSkZvZKQI5jBk7uJxcjgZ-b$0eT4A4oe2RXgzgl13jrFTG$62aLbt9qtwlCj-WmzsDECOGsO0kU$bvfYkqnBJ0quk2UZUVZu8knRjdgVTmBOc2x8fkM19ponYDOMflSHrBmqZOc8UjqJ9XwLHykwr5aMJgldbme2Kp$JWSu6UtPn+UVjGMy$fV-axrZxl1y-oFkGdZ8j-KCxyLGngh4Uf1rVyhak$CgTE63B71JDzFfqq1$vPX1YOu6q8oS$kA--gdgpw-FShiD5CY6jsSZ0Sl$RaZQSkyv+hn32KS8Bf+k7DaHgsrXCBm53B2rV6OcIdD-FmEXCoPWweF8jm$UHeEn5mz94+T-dLn+yqsf7QnqrMul6-t1hkAxDQGh$mLiFuwflEpB5Xa-vxScEX$+IEdGjujKumykoe+UY0eaiJbcexE$Bpkf2EGQI5d8GcHH5aIDR2Ur17EUy8b2P2KQarX-lDjedqTap34bf0wmu2lqdb0F1aJ0wyX-w$M3ob6-1cS+8+aiz+6GQiS85cyDTFKq80fH4py5Hua-K5gDeeS+gUX$s$2r2rfRg89D6p4+pYnyc+W+c4f-f-Uum0c4SlIKW0+lgrmqpDW0seh29yX4xK4KqYc2KQM0w0zEQ--FwbGpl-lLw7feGLfKC-VFDqbeY$j3ueOH4Zui6qSiiLKL8$00z3HuzRc-lr2D2x0xlU4B1il5l+8HrKQEmFiR1$5K3HFmPDxBsmVLrF-+flGcT2lKy4qFU7Huo3u2BpSbz4ocuFqQeaz0-4n+d2A3dFDEcGW-iygKKFlGs-xaw3Kcy2aqQFSK3FnFIYvrQiGB$LoYfYb3Y08YKZ8+BK7Q87$GT7PYsD7FbajLcq60Y0cx577x++Yr1QIYOYTbOYpHw7lZ8a4+yLAcSYZ2jYOy5psHArU46aILs0bDmRtqiEnlMq6eX2WFubsEEawGbmn84G3032o53Fg4qpw0UDAUr+QFU88cAGdRcGe$L$ki2Rr5Ae-rT2w4bGnEkyAlBD4gD5HLS36KjHhE+y7lLEHDqpnqcDnDb0JHUKaRexmEruHFwgUay7tegmyGn+3-BHD0txsFx$$C3D9mCHIBH4Q4cDQE3EwUVek08e2qsDQii-z49yf3RxiLhaqcRxB8gEbl0VarB753yepY6y4xll6ESu0JZVY0f$v3XR62qpgxyeyQ$Gz7W50$z7zK6l1+yJ94BRLH$QZUH+o+Zpr3zek0sH18k7$G0GEQi4CRTZgGy5455Ez0E2wyc+yL4VzgBeycHe$RqQH268EZFyY$4iJ$c4ZHw8v0a5HVCeWRBEfeM5$QWlfqSiBKzKXefHiDXBc4MJfVm+uVcY$--J8V4rWezeAeFVvD6-Zx0C5GPlCr$cuyRDs$VDpZuEwqplHgp$BULed31VbLnxm73iCCyymCMmu2Lbz$-2wGeeGaqcbruC57UHfihEyuTJ7GGCKgBesHFmu4hg4b6+iBLD7B5aP522WF-gSaRxj$X7t0crGbZe1Cyg$SDRqZcY4BKc1rx0DVnF$ZY0tiU-S0GYkR2+$v-RrFpB$oAcw$5Zw41x$vhiX2AvuuWxI3V8Sgp2Pg5UPV4iaCoZCUxeVLybRmoek4oc++z7JYPRo3d43mbg4oP2qfExEK+5dUnGwFEYeelSAH6ex0xgbKkCaqpimmkUpVZBilXymFT4ymWxLoa$PqyYeuyxxqPq3gYGpeypAH6UMfpYiLw0XElS$Eg83RAe3CDVg8V2MuMEm7v29UaqnoGRWB-J+8KZrU05RxS+e4rgmafBb87CnDp5KZjy6HnmrESyKFW$X0beJHS2M+Y-MGXFH$lxWJqiImxvhu$bU+TbwFaUv-1SMroKOy$ROfR8BHA52HUFqK+fKQeE4V8aJ$RxOYqZvUFyULoBrKnrOfr-jVQGBZCZHez0krLeGR-LllcreSTbyZb$rl2rUueBU7BHfHGfpFaVHGxluHmUnGnlUCZE-+$CJF2$FSgm5bYCh3tHBeuK-yYHTBrLcDF$9$w0zf-41fY-Q41+706SpV1HdELVuSbKlvax$oBa1V$Drfzg6oAlGmuHKCnfPUc2MlrfkdUxbmW5wj+3E8gLCbWYbu0eWDQvXJVS4Z+lcxcQREx0qjybm0I5UoF79+lJQ4WRg88Zg0LbkS4aQ3gKCPZvkCOm9oYrGqXKe-QmpjHuF$Oyy$7mh+1bnijB7SD3IoIFbf85cgIxFCxdH8$QcKeEcg0gvfPlyG2L+3wfCoyLuvz0Y$oEuiR+8Hx$bgfdwJKU6rkgAeZem0aeXSBHfu5ftfopJrhGocCVSUmUxC4fnrB$rxkoPBGUw$3BbKVJEKn5c$prp5Y$ZYSCREQVcYjHmBnFnG1lsemf67kyOqvJafo5nL2-kCTEWxc5WKWqHrFBB$rb$rvLoYGAl22PyJ2CKvrr95u0UvA0w+V0iFuClU2oJgX-fK7LzldxMFDl-SQbTUlG$xxHl-nd17gvkmY3HRHKb4LCSFS25l0irVH27oPeh4+Fxym5Oj70IcIZzVqgpbGZKxAHu-PUXuxedlUBLre2-BxBMV$x6qJAtHBRMJSbKCCS0V1+Kcngb+U-hjcqYbyr95P2Y-EvQg$bPdGqbHWq$jVSAhzy8Q7PCvui4gLHfaH4OvyZrU58$cFy9Uvbt$aar4sFmlVBvG9R1UWiWRDJfqIAlRJeDGl9xlAe8Y1S9r3VA0qA0-gu0GilGCFmqi$S-E4CpgmqW$Wete8++qSF9AY3Da43LeHn8FjF$fqpfJqpn+iLso804-Xu1aRYp+CZU8UpikVAp0QPk4W28ny$r3w3t77o7HV0qrRrIYMkXeGc0Gjd$JI7m31gXxeeeC4n2j+dH8B8BjAPQVAPYPkAwdaagAgex0J08+oSzEQVZhq8AYSScSsrXiTLhGr2T-TbFgSVpE0S42rlmlc+KEKFx7g+ib$jhbRYBCdggymkJHJ0xvigziFmkHqJkoB8ApRo$fSyb3f0vym$IRmPGl+loBqK$LoYBA89BC0DxibLTCFRwqSFTPv-LxzyxYnegq1CkBfekR$crGYKL0yUeUHSrmO5MnugICgPo+Ep6uXnjDOe$i$S0YzpvjH46exx0A$L1PUK$xAfCo7SCG2riUWD3$+h0QaBZfQ+63Uj-+Ynlnd9LedhmhcgDAZ0uAjeOvqozPYAZPb45mqfISvGWPWjfUGMcrWYYLkoKiUppXP5J0Knf0bP73xVjgJVkfPvzw9d4r6MkSnbf9JAHobG-qUU1nb-hA9FWmx0crn-gjA5c2iXV7i1ZdYrLvSA$2nSoGW0c5Lb38a7Zeck-vkyr4b-PJ9hri6lWDJb4YxJwAB2T2bmX0sHwRZ9S06mnJ+2JV-A6C$GQooEMvWjuggYgPlnSPwPJgdV10CrguLVz5hL1Bck1b7LE90o4EPJAp8iRa9JuClfpkYA9w6Y9iXPjxObB5clfqsPxGduZeJkjHIdKRCPZ0uH+2n58JA$1EOSL2qc1-fFWyw$+i6yA9zyXHTf2r$ZJAEdKQ+hFMsHsaQPAggAkwLPSnw0M0WgPwhaeeu$OuKQpdWGHe8AuwYbMxUhnohix$hk292nIqYhdqZ5wbTr7VyEoea$j$$AS2zho2Bdk9E1x-ekLrzd7w5mZdqzSPSUcVnjyGZAZH7gfFiy$-7L8KHyEBc+ej0jOvA$XagX8Ryp82H42VxbdKdd8Mh9$SgJZROfvF9GB1aM851Lo$SFGbYHhP1Ua0Jk0xk-JJnVtRY5wbZk5aiIuUtg7g1Z2rTeu5ogKcRYwMnkw8Rwdw2s5qgvg839sBMqjjOn19roxoZbZLrn+kaKfxqzoko57PjClA2F588r6j7XpCpHfvXrfKpcci8eEjWn7Hk-IbGUFevCdrg4xS8D4X3ncoIpFkPeoH1zAVH7iVhuRgX2ADRicpHXqoYEYEZ1EdkTGf8CdJ6GEf3737PbFXcnAZUJLeEFJsQf-mui39$L0X7oioULClV06UBgfomFSvHeuiHd0Lufir8o$oHv8zpMtrebW-BhGRt0Bl7etaxuZSlkyvVb1VJH0kj3K2Hu54oMQYEcPSlGfYpMkSoju$Z9QmOnJ5ZHHidX-XFBFHdwhdqGMliGH1erh8GSSnMP0M+aXeVwYtP8Qg+RSKgdM+y0AhGA0Ct9AJQroo$fW3CWJnfGOSJDhz4aY+jMsekaPdLHZvKcnu+y6srDFPmI7$hvL$xBI+IJpSjnaIYyveozYFYFVCH5KGUkBGiRqZ8+BEz4KDEuy10Q5yH7KQedU2zS1QD$MsSfYXVor0c5Wgl38g8HLgwElEdl8ZHeL$kqHmEAwIg1+ssDizQmSf88xTRKE-ItfHIReLWu8kL9FuLkpcR1Mjs0W5eJv10K5-vC1g1JbLMwSE1VirgyqbguTnUh5bu9Q1cKT9mleae8bbDfptSuAByVWYCjWWe6M6peGdeHLXITsiOsTKfvcLUsJx8QIB3tQbOCDYbBU8WK0tkXaPzACP-C0+Lt4Gas1FygjT5hLH9BZxgSU78jIuAYFyC4mhV6YaySBxneJ7tC7cYyxffJ9puHMcxnKQ$HpoWKcZBe8lvBWYfHH8xp8c5CKcCVw5j$mA65qChy67IVn2Z9cJ$ZjDoRbCKCwevSMYC9o7QBPZUWkPCb$CZ1kZq5v$oLRaDgk4esb51uwOqT274eQaSuWp0LIc9fcEZmF3MOqm8k5jOcJHWpuk7TZlP2+926$OqzDhOc$HvY5$SyS4vwRYHsu1++k+exG7wiqUoLzua44gYfBF$uCICokCGxdaRDmHD67ueD0s-iuEKO$kQQauABE$bDSq+YLpvnEpQkGtyY4BP0G-x$G+gKxKfJcZx8$YQf9hY$kxyBZ6jC+41H0B0yxmpfQKMaLheY-HjqG6eJzY7fadrr08QD70y7qkKLeGy894UGD9Rr4SFjQrxTinAe+Y4pnQM$L9RAxfFYeGk2KzJYIoiBEHP$14k$ek9LxcDIQ5Aft-nBLR5G-Zz7kb0w9XK3$U$6PnIZxBLBG9pKxeuZbwaY0iTKA3-54wzKiRv0sK1q6X9Cn8xFe2GvfKGyxYwcOf+QP7yC8URRlnKWppKgjR6BOBE$JKKpxRgmC-HT7zGUfmiBYajeYqTCZKqqQYhCxfQfubveiKDf+GA6vKjKlKMZ8OZyFZuyHfCISBJihGlGBK1YvZ8OZDFpuyfYSMZA6cuu842qrQeTjLY4QBDB4l8xHymp7uq4bKWB9kgBBE$MCaw01kY$U-zcMp3O7JR89gler7qkGWce5APpG62uzppmZ3PIm4cIDk$22oUg3qnuLDoAn9-nHURrulljlICTvQKx6qylpo+KvCR1YoT84fKqVgzkC0u184ipjxRiKzBqZCASGWGe+7e$F46QCDikui7i4ETECn42614BoHw2SHiqQleKm$0rcKUZqVk5rBUqBcDJ94Gwv3eaLgZPO2KsBaMeOZmpI$WDFYmkezRLYYiAKsZ$A9iB2-bzBqqD5A8lB9W6$7vxkmDlUDQQkGChheek8QBTYG4+p5TB8kwHf-cln1kSGjn2e9cFUAKKkrjcc8z4nUaDOnRBHdRKZ9qySKr$9$LYHUl6rDXDHVBs8KprQQ3y7XpYaYI4nK34tThFHpDSeZkc+8fyGxGHwHVG0c7lKxdHe$m47d$8xVgfOeI77qxzKmpwKEmqmpuipBHZxPzHEZoGQX50mvRH$946LjzmD-lVm0ppvq2ps$$KRk$7PAI8VDlh7PZRJ$w6ioSxBhHlyqrJK24xq8cp0qzy3G8kBPa-YdKZHH7I$hyYY$CCpHeZMS4UnfcCgi64$szaV-5P1QeKC45Hy-GUvry+w8o0GO4n33T3JHdpX-s$nslhaAUyOW4BTbo4nD74j7wMD58eqw$sFsp+pnShm$1GY1t$HJK3YeBzqn4tuIHHpIpmH$YSpC5YOYL2KlQY1Q$S4IZID$$Hy$qmCRq8zeTUA4porI$i9buO2R+6HruMKR2ubTe8WkIFYvBfBFHEY9ZYK5Me7UHycC7pJFKZxqYJeDlEEBzyPhGK6Hzo6MmQK2Kn$RwJjHasDHf$+5$Qr$7pbyeXgfH2C4QZKusg+lwBE$w65$K+4Un1LmQG-tDLDfJcq2QQbLCvsEpk7G0VCsuegyC83YZHyZY4PzakyxYiCswp7gpe+ryB7uyZhkVC8fy6BBG5u3OgKuJK4BFQyZJUClaisLgrEkKX-9g7gpknH0KpmLcDQTk-hH$Hueu9fcizuZgx4QnUSCyzYF0kmKz3UgKrp$BRiyC3PQu2-zuWnzpr6cUrkg80ZYrV-QDqJC+CMTqo$QuwnvpyqeABulu2iuK4t$-4ef$OuuU2K$4n1BYeLZ4q2qSfTkYL$OZR$em+Aa40IHXHlC28hiyT$Ae-QJLDCIwmv$zpXHu-V4IYL5hZi6UB8vjuZg59xCj3zngk8pKa98po4FHx3h$$FekQmqRKQCDlHEaoZbHr-2mY$eEhvxI$o$zSej43xcCLgDFb$9qDGBk0HHdj-VHl8z03yUlcw9wmns6nWVzuTObw7haR9LedUkFkkanvWgcJvP0F+p7p8Ra3gsuHARw6ooB$5RQloFRztJXvkRm74VZsz3K$VeWVTlc$OVKkgdhBViuiFXYTa9v9zJuKhKOazE-Yptlb3RK$8sVQEkw$U30FgpKj$2$WJmrB$c$tlpFHhV2-1HvzCOzW$WViPEFrdkL9XkaViAlGpxkkg5YsVL$7FZ4Hl7AHt7Vlhr$064YZH9Cw$4BnfIc9SRtCx667q0pdLb0EJ48uF00V6VskaJwuf8poHl$GxcpIlB$hF$Q4VkaV73b6vzElktm2+Bl7H06JHyqYbFtlxBGkIQrw0JZBljBJMeIIm3jlS4IDuju4n6enlo3ZODprHQE9$oYYALvziZ5Op2vGCiBYZLj0$o2vb2vDYZLVkjKWJKlU$3Aa4X4-$FfrY4ZZ3Ho8VtKy8yHX6ZU4ihrpJ8MFICYInIgqv+Z5$zz-J$4-zfwuA0F6inr2GqffahB60AQr2L4vn8bp9pSHzYX0v6uIF$yi74hhGo-ABCVZiUnVgsVOuCgAyP7rlkaVcH-r6G2DRD1pSTH6gwwtD+2YEQH3CUdY9depbEcSae$x6PpeTCCU8YuB3yFzp4nDQk8+nulxHJ21$xB3IggH9IuXnxfqkXDhZ6rrm0woD800R9H-rdKzZZ300RLB-4FeHRX9GkllOrowwio38MF8lgj9kXrZ98hr9py-DvhKHg$5$dCvlKvnbpV7nAWz7QD61SmpGRFQzLYD408SYFF21cyKa61lG+PiBq8w8Hzb8qnuL$z4rxSdKzZqbzBDfHnJXAuody4rm$p7SfyO3A8rppIyJ9aCF3z8v7W06B$yXQeZlU$I8Ojm0y7UVzhr26HaxVqzZ4DTGW83tJR$3cjuOpIfDofT8kQ6apueCkYLIvA2y4EB2K0nf6MOCyusphYn2u8bEpd8cYHRmlh0agv$ZIKsY7YhtqU03ejBdqUleaKUbZLWptwGPzk$QSmqBShkI7fpU9SQamkiAlPryH3BgkJ0ysYPIm8lQ43vC-GwfSelHyPchB8h49vwB8fDP4P0wJofbkk0QLRKS$aj4+1WCMb9Fpzlzhx1G$Q3zF8+1FmkBdgPleSzzFnyJLafLgfFT$5q0oMi80bMKj+W95oX6pPLMSkLCMm0uavglyPSzi1rj1PoJ3xFT+pPIdktLebHArlO1fnb$SobmSD6Q7yJLRou8uPJ4$F4LMVg1qSPz6lJh+Mwea3nYlKAr5lGSoCGvFHLt95jb7pXFrYIiWpYZZ$vPbaFPMB95savvmbhgHL1OoRxxFXLVF+peOzIGSviPgPAilH5IG9o4a7P8+lH5nXbo48pgGxUH4oGSfGa7r4xpdX2GSSDa0pEGiTvpXgvD+PG-L$PzoXbSCa-BPLqK7qjXC8b+Bd+O1Dq-moW4F0W+3QyJw2ScLeSh0gbXq-d70aWlYqiTrKGhv650pfZ2T4L1CoEfJ90ZJcIUMfvCLo9+ZwWvPQf+TlBSnZXuunKSoxaDwoiWZH7gKP0+RupxG3cDw3Vy5S90+yyco-1oJDHgoxQPrbH$doLtB3iO3Tzpmp-bb9Jw7HfFMZfaLs9-Jzezuw6S4+eSyy33+2LBY5ZXP$fzamiCZAPL6gFL6-SMwyABalg3LO1uAXVJP8fPoolJxUGSSF5og9p4iDSMLSx+9kWis-mgXbfVaug8+Mb4qXH495ZLEk0bfzbjv-D01AicbfSGjS1aOUnllp8wbiPTa7FixdrDPMiju766aL1ZcDxtxiLB$kyJDz11AU6c6f4ZLVRFZDeCaq4Pp5-e11FlZ+Wpx2B2klk-$1bm0Y$TkBf0I0g8DPtgu651QJeDSWpaA$4ns3X5icIS2AqMK4uZpt+BHAidTQW8yjSHkuzJlzBxM00h5KTpJcn8+3-R-ps$0lY47$$$eAxnC4$VfG0wu4QOCkyeF$t5opU4a2rHn-0AuhH9YxCTkYMCweEDVpWntuK7Rm$lSkP$$$go0eQ2$QKe$Y6RjeOu7$6F+AxBPz794xKwqbz+ZHIH7ePK9fiURMYgP9ZFTI$B$Rw0A$zi$$B0Y0s$$H8$vSaM2e1BjLiDIq0q$qZxidHD$fg8aMieZikTiM3vSbX9jk0u$RnpCH31h$+i$$dH3X9AD$tTLq4hu3LPpq$54i$evvbGFdt-ADP$eRSp0A0VpCWyIcVTKQJ0xuSpxni$HRGPjxislU$DIBYVm0Uij$gYt4nWw00xrTLiD4q$$B-+4j4lvzqxk$$LWq1Igp$dGx$2$bK3ItFSTx1$7bi$c$BXuq0pcYB7qUA1p4DKSeopAfWOhdLDZpcjuhUpfsPnJHS0UpiWWYa0BVaL8+qtSYK+IpCxMVulBluzQL$dRm$1LkThpTGk5xvjOTA4fH+Aec12H2i0TT4809Tfn0oHvWWGIl0Hk2mopCWxnJABG$md0u2$Rnb4a$YpH7EqWWGaP5Qp+QnuCTI$zB$3LJgvZiufYDSTvJUvoQGS1YEty90k$w$feEIX$xrhsdE4GK9HWPuaCKh-QE4zqPS51YUJ6eAq$$DZVj2YGKrj6XHjJ10GiLZJnER5cXUjM0kTWGSxnKx6yd$$$XGG+$$"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:13 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 0\r\ncf-ray: 9c5f18c58a1b0b59-OSL\r\ncf-chl-out-s: allJpEAJfJlt38eD6uNR+w==$uoEPaqcH1lGHk69PLvVoSQ==\r\nset-cookie: cf_clearance=iJappjwd88aqgpuuDFTY_5Y.j0aCQqfho_KDJN1QgBI-1769756473-1.2.1.1-bihKsExekcbjoBDKkfe_itddKGuMEYH3GQ5G4.mfOX7NPNzLccKHizQNhmazzt7NFtH1oQPxsbaWU0eu0Ks9Laypisvqn7nvG2JbrXSeWkJLP5sDeR.l5YgwW_VlTSIEN4Pq2VxFFdesCIANup4MQSYXYgrZn_SCARBEiGvTbQM833oQen5MVcIsR1j7LEHkrFabyhEVOj0TN9sQFCBKGdLELqUN16_G4KjZjwr5foQ; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=shibw.top; Expires=Sat, 30 Jan 2027 07:01:13 GMT\r\ntiming-allow-origin: https://shibw.top\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=fDrXb2nr135a04Ak1aVAReL47RkCtcQzl0nzrZb5akkiGmlOUhSZcknwUtsOy1RzF8RsPaiDaICWB7xzAPBKS9dKV1rJkGsCI46c7IzJ9zBGlKuBtcL5Ztwed88%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=2443\u0026min_rtt=1100\u0026rtt_var=1563\u0026sent=375\u0026recv=45\u0026lost=0\u0026retrans=0\u0026sent_bytes=415024\u0026recv_bytes=18296\u0026delivery_rate=39817243\u0026cwnd=134400\u0026unsent_bytes=0\u0026cid=4f37d12b460b20df\u0026ts=650\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T11:55:25.345466Z","times_seen":14177140,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-30T07:01:12.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:12 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 23 Jan 2026 18:38:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sE6PqeFbk%2Bci0%2BAuRFTuKk0iF990eemmHlLYAEN5ofmoC4nMoBEZHTAtFyV4kLdHyy7kPvRcbs%2BF7NdWC%2BqEB66KWjKEH5A%3D\"}]}\r\nage: 3605\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9c5f18c17b8e56c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4442,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (926), with CRLF line terminators","md5":"bf60ab03c2901ebff5485221d48ac0e4","sha1":"ac1ff1782c7bf262d693aa4ca1662b6ff8ec6ab7","sha256":"933a9bfa1003e3a476949a93d832019580726fcbd40cfcbd8d8d15f7784f331b","sha512":"2023daa9d4d0846e30d990ccd6486a39c0d5a4d9c463e77c6542b2f4be423182c8f2bd7d9a4f5090f041bfb2c22df3588d53841d53550582f006c2178de7be62","ssdeep":"48:tCL8Wfm7sRFxQMSTgpFJ7SI/FUsOf6Sx121CprRTGLrGWuSTw2wptI8Id62:hURFxtSTgpP7SI/qyQ121cNbnx/IH","tlshash":"bb9161a01891543600b3c1c56971dbeefe6152038b46b01431fc6beb3ffbd50986b89e","first_seen":"2026-01-30T07:01:39.054299Z","last_seen":"2026-01-30T07:01:39.054299Z","times_seen":1,"resource_available":false,"data":null}},"time_used":654,"timings":{"blocked":319,"dns":301,"connect":2,"send":0,"wait":12,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shibw.top/assets/76662bdb665197e1dd3f2f8933d4d8b4a5dfba80.ttf","fqdn":"shibw.top","domain":"shibw.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://shibw.top/","date":"2026-01-30T07:01:12.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shibw.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Dec 2025 18:53:03 GMT","end":"Fri, 13 Mar 2026 19:51:47 GMT"},"fingerprint":{"sha1":"FC:D0:AA:59:B5:DF:36:A5:9C:B3:30:A6:2D:2E:28:47:20:44:2A:08","sha256":"04:A8:AA:21:00:1C:C9:A9:BB:50:23:15:72:6C:64:3C:75:9D:C2:0B:39:7D:B7:8E:36:B4:5D:64:D0:A5:C8:E9"}}},"request":{"raw":"GET /assets/76662bdb665197e1dd3f2f8933d4d8b4a5dfba80.ttf HTTP/1.1\r\nHost: shibw.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shibw.top/assets/C.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:01:12 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 23 Jan 2026 18:38:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nage: 3604\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=34iE09aNMUR5aE6xmemGejWM4WeWdO%2FiP%2B%2FWoqYKHtM%2FIUqLAQpMaiK4IIFPqSJew52hTDFRNuG6lAgpMqldM%2BJ%2F8O6X1Fg%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c5f18c429750b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3523,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (365), with CRLF line terminators","md5":"5ac305cf0dc9ecdb6befafab2314e6ef","sha1":"cb4028d3ad12472ee1c99464be40a9ae5ae7a9de","sha256":"1edb7b2319d4c9cf94d14be3e056156520e65cfee33ae023dd226dd0eec57e67","sha512":"24542fc4cf860f32b8b57e839b1dec34c27767c7b04705773520cc64d14d961231125804b49dc6630bebb8cb14dc646c8aca25dee12b496824cbc06c710727db","ssdeep":"","tlshash":"71710d9044d194260073c1d599619befeea152038b8ab52431fc3beb3ffbd14982749e","first_seen":"2026-01-24T13:42:08.56504Z","last_seen":"2026-01-30T07:01:39.039024Z","times_seen":7,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"shibw.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}