{"report_id":"13cefded-2682-4830-a2f1-69a3300a59be","version":6,"status":"done","tags":[],"date":"2026-02-13T23:57:00Z","url":{"schema":"https","addr":"cookie-fun.sbs/","fqdn":"cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.cookie-fun.sbs/index.html","fqdn":"www.cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"title":"Cookie.fun Early Supporters Rewards - Claim COOKIE Tokens","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"cookie-fun.sbs/","fqdn":"cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-20T23:57:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":10,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-13T23:56:41Z","timestamp":1771027001,"ip_dst":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48750,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2026-02-13T23:56:41.589775+0000\",\"flow_id\":871370384333197,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":48750,\"dest_ip\":\"172.67.74.152\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3435,\"start\":\"2026-02-13T23:56:41.579981+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-13T23:56:41Z","timestamp":1771027001,"ip_dst":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48740,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2026-02-13T23:56:41.591745+0000\",\"flow_id\":737045282150641,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":48740,\"dest_ip\":\"172.67.74.152\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":915,\"bytes_toclient\":3511,\"start\":\"2026-02-13T23:56:41.579825+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-13T23:56:41Z","timestamp":1771027001,"ip_dst":{"addr":"34.241.153.113","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"ip_src":{"addr":"Client IP","port":52382,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (bsc-dataseed .bnbchain .org)","source":"{\"timestamp\":\"2026-02-13T23:56:41.697839+0000\",\"flow_id\":186885741321625,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":52382,\"dest_ip\":\"34.241.153.113\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058780,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (bsc-dataseed .bnbchain .org)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"bsc-dataseed.bnbchain.org\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"50a9e7b112931e541503e8a2499252b9\",\"string\":\"771,49199,0-11-65281-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":927,\"bytes_toclient\":3168,\"start\":\"2026-02-13T23:56:41.630169+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-13T23:56:41Z","timestamp":1771027001,"ip_dst":{"addr":"34.241.153.113","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"ip_src":{"addr":"Client IP","port":52376,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (bsc-dataseed .bnbchain .org)","source":"{\"timestamp\":\"2026-02-13T23:56:41.700504+0000\",\"flow_id\":962969151839445,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":52376,\"dest_ip\":\"34.241.153.113\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058780,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (bsc-dataseed .bnbchain .org)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"bsc-dataseed.bnbchain.org\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"50a9e7b112931e541503e8a2499252b9\",\"string\":\"771,49199,0-11-65281-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":3168,\"start\":\"2026-02-13T23:56:41.629973+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-13T23:56:41Z","timestamp":1771027001,"ip_dst":{"addr":"54.75.177.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"ip_src":{"addr":"Client IP","port":56580,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (binance .nodereal .io)","source":"{\"timestamp\":\"2026-02-13T23:56:41.718637+0000\",\"flow_id\":1464067281250127,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":56580,\"dest_ip\":\"54.75.177.192\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058791,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (binance .nodereal .io)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"binance.nodereal.io\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"50a9e7b112931e541503e8a2499252b9\",\"string\":\"771,49199,0-11-65281-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":921,\"bytes_toclient\":3168,\"start\":\"2026-02-13T23:56:41.649039+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-13T23:56:41Z","timestamp":1771027001,"ip_dst":{"addr":"54.75.177.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"ip_src":{"addr":"Client IP","port":56592,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (binance .nodereal .io)","source":"{\"timestamp\":\"2026-02-13T23:56:41.721859+0000\",\"flow_id\":368468368680924,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":56592,\"dest_ip\":\"54.75.177.192\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058791,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (binance .nodereal .io)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"binance.nodereal.io\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"50a9e7b112931e541503e8a2499252b9\",\"string\":\"771,49199,0-11-65281-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":3168,\"start\":\"2026-02-13T23:56:41.649180+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-13T23:56:41Z","timestamp":1771027001,"ip_dst":{"addr":"104.18.11.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42488,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (bsc .drpc .org)","source":"{\"timestamp\":\"2026-02-13T23:56:41.927242+0000\",\"flow_id\":215095086485159,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":42488,\"dest_ip\":\"104.18.11.59\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058812,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (bsc .drpc .org)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"bsc.drpc.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3432,\"start\":\"2026-02-13T23:56:41.921255+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-13T23:56:41Z","timestamp":1771027001,"ip_dst":{"addr":"104.18.11.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42496,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (bsc .drpc .org)","source":"{\"timestamp\":\"2026-02-13T23:56:41.931035+0000\",\"flow_id\":1877247430037352,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":42496,\"dest_ip\":\"104.18.11.59\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058812,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (bsc .drpc .org)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"bsc.drpc.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":914,\"bytes_toclient\":3508,\"start\":\"2026-02-13T23:56:41.921448+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-13T23:56:42Z","timestamp":1771027002,"ip_dst":{"addr":"3.254.41.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"ip_src":{"addr":"Client IP","port":55008,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (bsc-dataseed1 .bnbchain .org)","source":"{\"timestamp\":\"2026-02-13T23:56:42.298430+0000\",\"flow_id\":1426207144575712,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":55008,\"dest_ip\":\"3.254.41.76\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058795,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (bsc-dataseed1 .bnbchain .org)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"bsc-dataseed1.bnbchain.org\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"50a9e7b112931e541503e8a2499252b9\",\"string\":\"771,49199,0-11-65281-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":3168,\"start\":\"2026-02-13T23:56:42.230112+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-13T23:56:42Z","timestamp":1771027002,"ip_dst":{"addr":"3.254.41.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"ip_src":{"addr":"Client IP","port":55016,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (bsc-dataseed1 .bnbchain .org)","source":"{\"timestamp\":\"2026-02-13T23:56:42.301805+0000\",\"flow_id\":466947673850732,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":55016,\"dest_ip\":\"3.254.41.76\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058795,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (bsc-dataseed1 .bnbchain .org)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"bsc-dataseed1.bnbchain.org\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"50a9e7b112931e541503e8a2499252b9\",\"string\":\"771,49199,0-11-65281-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":928,\"bytes_toclient\":3168,\"start\":\"2026-02-13T23:56:42.230252+0000\"}}"}],"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"bsc.drpc.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"bsc.drpc.org","ip":{"addr":"104.18.11.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2005-01-09","domain_rank":2964008,"first_seen":"2023-11-21T22:39:48Z","last_seen":"2026-02-08T18:00:57.209923Z","alert_count":2,"request_count":2,"received_data":7330,"sent_data":1013,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bsc-dataseed1.bnbchain.org","ip":{"addr":"34.241.153.113","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2020-01-13","domain_rank":2973508,"first_seen":"2023-08-09T23:52:32Z","last_seen":"2026-02-13T20:14:19.55576Z","alert_count":0,"request_count":2,"received_data":1110,"sent_data":1040,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.cookie-fun.sbs","ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-11-29","domain_rank":0,"first_seen":"2026-02-13T09:15:23.135233Z","last_seen":"2026-02-13T09:15:23.135234Z","alert_count":0,"request_count":5,"received_data":7335018,"sent_data":2313,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]},{"fqdn":"api.ipify.org","ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2026-02-09T08:52:44.317696Z","alert_count":0,"request_count":2,"received_data":512,"sent_data":874,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"bsc-dataseed.bnbchain.org","ip":{"addr":"34.241.153.113","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2020-01-13","domain_rank":2077582,"first_seen":"2023-08-03T06:51:11Z","last_seen":"2026-02-08T14:08:48.855054Z","alert_count":0,"request_count":2,"received_data":7443,"sent_data":1039,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cookie-fun.sbs","ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-11-29","domain_rank":0,"first_seen":"2026-02-13T09:15:23.129595Z","last_seen":"2026-02-13T09:15:23.129595Z","alert_count":0,"request_count":1,"received_data":1909703,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]},{"fqdn":"binance.nodereal.io","ip":{"addr":"54.75.177.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2021-07-19","domain_rank":1804985,"first_seen":"2022-10-20T10:44:48Z","last_seen":"2026-02-08T14:08:48.808882Z","alert_count":0,"request_count":2,"received_data":5971,"sent_data":1027,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-02-08T22:25:44.117365Z","alert_count":0,"request_count":2,"received_data":798869,"sent_data":906,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-02-08T22:32:21.331091Z","alert_count":0,"request_count":1,"received_data":239257,"sent_data":445,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.cookie-fun.sbs/index.html","fqdn":"www.cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"261fa5f948bd99fdf005f80595805744","sha1":"51d57156b1974322b3ba8542f48893082199d5e1","sha256":"1dcf3b0e1f92d593867169c5ee26771d2f3b77f552eee6c73beba961b91d61b7","sha512":"532ff30dfdd593068e7afc5f98cb1bc72408e594f297911c0a7c590c97a2ed6be6b91981322dfe3b3e90f21241404ae8692139732372f119279dbdf29f3ae429","ssdeep":"","tlshash":"a6015927222233707ce9d5dca8b6dd8e39bb501ae40a0090a09f944d1834bc644f7bec","size":847,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-06-05T13:49:07.111844Z","times_seen":3576,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cookie-fun.sbs/cb4217b9-7970-4558-be1b-1a24b1421e27","fqdn":"www.cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec26a722169cb2cef03353fcf8dd144a","sha1":"6eec6673abcde3d29547796a38361256d9efde1c","sha256":"01861fcd47bc63bb7be76c480bad4c6cc987c8996ab0e023a4e692b68c94b05c","sha512":"c885e5d94bd96fa4a573524356e0ca7398b1489f5a39fc1120cf7f4e469950630ad3e9f48dd0392acd36da390c27a4be1e81da943d1d9ecd48890d1691e416cf","ssdeep":"6144:Ufg7z90bnvLZqnWTI9esVTMuyEvtzXNglxQP92L:VzBe6kEdOxQoL","tlshash":"bf740980b261b07247da24e10477540af339e96c744a40acf6a8d8fb7dbd589957ff38","size":357754,"data":"","first_seen":"2025-07-12T22:38:09.13306Z","last_seen":"2026-05-13T03:42:14.185593Z","times_seen":5084,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cookie-fun.sbs/index.html","fqdn":"www.cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-06T13:10:17.302646Z","times_seen":686468,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cookie-fun.sbs/ca9d1601-5c04-4604-b74e-1aa4aa7d3095","fqdn":"www.cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"05997da4a9c3d58ef33a7cf3d716af57","sha1":"3a7a7913c31aa2787a11dc6ba6fb5b5f2c525ac1","sha256":"e268ded9f58238c3885b4e0e83ddf10ea9552c488dd25538c8569ec2beff7eb9","sha512":"83413571115e6b39abe7e3b6573a81b3198125b35ae13e31d14c7cb3c81790b24a11cd81531a58922386bbf6e2d41ab6e449fc3206c8b7f20932820cdf58aefe","ssdeep":"49152:D+2KKNjyR5WP4CQjNn9GU6lCLsSPOnLUfJ8KZTcbQQqG7r8aQO/iSJNHoRO2sxSQ:RD8ew45JV","tlshash":"20f591496bf660358213f0795e6f8801b234a40b2949ed5c7e9c92f09f4953c8bf6fe9","size":3517001,"data":"","first_seen":"2025-07-12T22:38:09.134446Z","last_seen":"2026-05-13T03:42:14.184973Z","times_seen":4171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d9c6de0df2bf028d93924aff92487904","sha1":"6596050516dd12af52d9b0e7b18ed837f1d81300","sha256":"769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc","sha512":"6be4940eec0dcd70efcf85eb21c5c7b827f4f3dfe2240a0de259ab5c9835f179ddb8a2ba6250c73516a5bf8c9dd4de3438a23cd2d162745faba9314a18fa1615","ssdeep":"1536:R8K6Znxmj9rlvCOhI64j7AtSPtNPU9ArHMLlk:RV6+jKOh4z","tlshash":"65535bc0629c5491a3b76480087f740b7073353b0a1d5aacf658faefacacad6907cd39","size":60819,"data":"","first_seen":"2023-11-02T21:20:28Z","last_seen":"2026-06-06T12:00:46.147513Z","times_seen":31121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"268d19762594655239a29d058a7e8b44","sha1":"f06da2f7a68114b8dda38a0d782d65ddacc9c0e8","sha256":"95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618","sha512":"55e6b3e48536891a5ad0106b26525e4607c9ece0075ad5496535ef81d1fbb377dfb0b50286594c0aa0b405bf9e791c4696b674ea260813f4772ac7220ab82fdc","ssdeep":"12288:TfLmYQI/yjP+H8Xb29/nNUgE6te1R5WJW:TfCPalnNfE6taD","tlshash":"29f42b80b3b1b0b583c729a4143f6046f63af46a505840a8f659faf279f9d4c957bb3c","size":735973,"data":"","first_seen":"2023-03-07T12:58:29Z","last_seen":"2026-06-06T05:53:08.17766Z","times_seen":8455,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cookie-fun.sbs/index.html","fqdn":"www.cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-06T13:02:47.990395Z","times_seen":228072,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cookie-fun.sbs/ed2cb40f-dce6-4335-ae35-1309653627f7","fqdn":"www.cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d628f0467a18efa29eab2faa417482c","sha1":"d9ce200445de712bc1b4c15ed32b603ec51fe5a0","sha256":"6ce85d25d87564c73cd6d49f0726c643f827e74c6af8051b1edb1307095750ad","sha512":"6ab7ea527fa0e87ac22c55ed47fd1611bc31b3b415a9181f24628f8bac00e263cc5ac98ab48ff375e10c3c292b227670da7d112f9b498bee95817dd0d9ec1529","ssdeep":"12288:4+otWhleoZw5ck1zTd35ghXbKJoeCYEVKDCYWuXBXtgwiTNfmBWGAmqQlZTrnZjS:4hroZmznK2A/upwJAzxEUITlIAVnWBW","tlshash":"a13685c8ed16cc705d7e83ae9bb75641c0816ec0a51d71c9b45eecaab34cb6390d1ea3","size":4892009,"data":"","first_seen":"2025-11-23T01:20:13.217828Z","last_seen":"2026-02-14T01:56:56.574406Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bsc.drpc.org/","fqdn":"bsc.drpc.org","domain":"drpc.org","tld":"org"},"ip":{"addr":"104.18.11.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:41.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"drpc.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 13:39:50 GMT","end":"Thu, 19 Mar 2026 14:39:46 GMT"},"fingerprint":{"sha1":"7D:BD:D1:20:F2:8F:11:02:02:19:89:AC:6F:83:35:62:34:8D:2C:9C","sha256":"6A:10:B6:39:31:98:CD:2B:F4:43:FD:5D:14:10:16:A0:68:D0:15:B4:B7:1E:A8:15:96:D6:8A:07:E6:13:D6:F8"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: bsc.drpc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.cookie-fun.sbs/\r\nOrigin: https://www.cookie-fun.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Fri, 13 Feb 2026 23:56:42 GMT\r\ncf-ray: 9cd8438a283ab28a-OSL\r\naccess-control-allow-headers: content-type\r\naccess-control-allow-methods: POST\r\naccess-control-allow-origin: https://www.cookie-fun.sbs\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":55,"dns":34,"connect":1,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"bsc.drpc.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bsc.drpc.org/","fqdn":"bsc.drpc.org","domain":"drpc.org","tld":"org"},"ip":{"addr":"104.18.11.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:42.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"drpc.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 13:39:50 GMT","end":"Thu, 19 Mar 2026 14:39:46 GMT"},"fingerprint":{"sha1":"7D:BD:D1:20:F2:8F:11:02:02:19:89:AC:6F:83:35:62:34:8D:2C:9C","sha256":"6A:10:B6:39:31:98:CD:2B:F4:43:FD:5D:14:10:16:A0:68:D0:15:B4:B7:1E:A8:15:96:D6:8A:07:E6:13:D6:F8"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: bsc.drpc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.cookie-fun.sbs/\r\nContent-Type: application/json\r\nContent-Length: 136\r\nOrigin: https://www.cookie-fun.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":136,"data":"{\"method\":\"eth_call\",\"params\":[{\"to\":\"0x158862Ec60B7934f1333e53AC1e148811A2E3BeB\",\"data\":\"0x53ed5143\"},\"latest\"],\"id\":1,\"jsonrpc\":\"2.0\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 23:56:42 GMT\r\ncontent-type: application/json\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-drpc-owner-id: cb501251-31a8-4028-8b0a-54679f15c385\r\nx-drpc-owner-tier: free\r\nx-drpc-provider-id: drpc-core-free\r\nx-drpc-trace-id: 79832dad34effcb515e8d3add76efe15\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9cd8438ada1fb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6374,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8cddab4c6b3bdd125741fea6f6871ad7","sha1":"89bdb44fce716f9de64eab2676f97773a15a56c5","sha256":"09895382537cb3db8470f3c9089fffa5259749eecec52412221d38154adcb281","sha512":"d2a4c8dfbb298b36acd708e5a0bc3477b728459e1c33ecf421b286adf4d709d2db8db123eb0b37d5ef63d3e982e8f0631e67acb1c0f97a5741d127fc9daadc15","ssdeep":"24:Y2tXa257vaoWH3eGZsthXvUzZ5+hdex1qx1xxNU6xvQaNBtXX60jv:Y8am3QytxvU15+doY1jNNTt9jv","tlshash":"b5d10bf098c98e50f19b5a81b798bc9400113caf7fdf8f40415cf8b6a0f549176a448f","first_seen":"2025-04-17T10:18:27.874943Z","last_seen":"2026-04-30T15:50:11.318086Z","times_seen":906,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":488,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"bsc.drpc.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bsc-dataseed1.bnbchain.org/","fqdn":"bsc-dataseed1.bnbchain.org","domain":"bnbchain.org","tld":"org"},"ip":{"addr":"34.241.153.113","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:42.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bnbchain.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Mon, 08 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:A4:BE:0F:33:E9:DC:36:3B:B7:3C:5A:E4:42:EE:DE:F1:46:52:E4","sha256":"15:55:B7:24:9E:06:40:29:6B:D0:0D:FD:D2:2B:02:D8:1B:63:50:F2:26:B3:56:69:5D:9D:DF:3E:40:64:99:5E"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: bsc-dataseed1.bnbchain.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.cookie-fun.sbs/\r\ncontent-type: application/json\r\nContent-Length: 60\r\nOrigin: https://www.cookie-fun.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":60,"data":"{\"method\":\"eth_chainId\",\"params\":[],\"id\":42,\"jsonrpc\":\"2.0\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 23:56:42 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 600\r\nx-nr-trace-id: 497500a4badcbd1a56007a47b4429624\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubdomains\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7855aabe1be2e1d4d9683a6508186546","sha1":"afe530f59475b81e9189721d7f2cc0cc38fc37f0","sha256":"64fa9bad3274e0dc928755d2d8d827dbe0470406cc1a29ee19f6cd8f35ccbe75","sha512":"1426d53d0ace9b019e31f73fd9a565c2ea6c3def699cde763073d7fc1f0b61a7ae7cad746adff9ad1539a1331bad225d558825f5434a56f38ab73b676a34c609","ssdeep":"","tlshash":"979004c115070731401c0c01d004004031c33f5c05040f04444dcd457154147730c335","first_seen":"2023-04-05T17:45:40Z","last_seen":"2026-06-06T12:48:14.032206Z","times_seen":2182,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.nodereal.io/","fqdn":"binance.nodereal.io","domain":"nodereal.io","tld":"io"},"ip":{"addr":"54.75.177.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:41.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.nodereal.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 16 Nov 2025 00:00:00 GMT","end":"Tue, 15 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:EC:8E:68:9E:56:EA:CE:48:DE:13:D2:0C:5B:55:18:C3:74:A8:48","sha256":"09:E3:92:97:59:92:96:9A:A3:FC:76:BF:B6:57:D8:2B:24:69:0C:72:DB:30:57:8C:4A:F2:4B:56:9E:2E:65:1F"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: binance.nodereal.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.cookie-fun.sbs/\r\nContent-Type: application/json\r\nContent-Length: 136\r\nOrigin: https://www.cookie-fun.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":136,"data":"{\"method\":\"eth_call\",\"params\":[{\"to\":\"0xd24aeC3254652B0ab565E41A945b491e98Bb5FFC\",\"data\":\"0x73d4a13a\"},\"latest\"],\"id\":1,\"jsonrpc\":\"2.0\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 23:56:41 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 600\r\nx-nr-trace-id: 127dac67eb8737224153a53907ab64ef\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubdomains\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4902,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2188b7f1b90a143020f7faf12d10e91f","sha1":"e6a95e4d574d05948b7c8517861a71e6f69b38b8","sha256":"4a8dd94310fc027a042dc9ca0311f20e9341084839e00b8d7a830ab52cdc8096","sha512":"08e8f648099fac2b075f96396f2f9056ac526f12e5843bc16d07fd725fcd74abeed4021a9ed64f53ef3e1dbb57a707ebee71bc51b230f5b5ee4200c2da1d7b1c","ssdeep":"96:oigW53TB2SzrZYpTbDaOTkSO6mdSInccYGS9FzelVLY:r5TB2SzAT/7kSRRrze3k","tlshash":"e6a179f0ee02c891f1be4768f2ddbe0461383726eedc5a4604b45a991ee5a51bd0dccd","first_seen":"2025-01-17T17:24:07.906471Z","last_seen":"2026-06-02T09:20:02.518199Z","times_seen":4814,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cookie-fun.sbs/index.html","fqdn":"www.cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-13T23:56:33.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cookie-fun.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 03:12:43 GMT","end":"Thu, 30 Apr 2026 03:12:42 GMT"},"fingerprint":{"sha1":"6C:05:09:B2:A0:07:68:A5:AE:10:BD:0E:59:EB:18:2D:0C:83:66:87","sha256":"6A:84:05:E9:F2:FC:AD:F5:BF:5C:B7:D9:15:2B:47:AD:75:7A:D7:12:29:D1:74:E1:E0:73:38:83:3D:E4:5E:47"}}},"request":{"raw":"GET /index.html HTTP/1.1\r\nHost: www.cookie-fun.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 60883\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"index.html\"\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Fri, 13 Feb 2026 23:56:33 GMT\r\netag: \"c600c38a3e9487918dc4b9bbfad06ffb\"\r\nlast-modified: Fri, 13 Feb 2026 07:01:50 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /index.html\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::hqpdw-1771026993109-88203433cfe9\r\ncontent-length: 261366\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":1909384,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (34769)","md5":"b3c3cc74feea6cda9ee19f5329e1eba5","sha1":"480133aaf61910e017233eb08cfcb13e56933555","sha256":"bc09872388a13c2d34f844971cf54d0da7955f9c67382dab24d3b83a3786858d","sha512":"436e9dfdfb9b0e7d3b68a92ceb0d49b2867bac976e4559566e7db0d960a9a1eaf85d588579deb617b24ab89fe3c1f8fe15c6524f085d094aca2a7b85fa0c9a46","ssdeep":"12288:MHxqVyvXIBDreWk2fWVW5AfVyvnXBJreWx2fWVW5AsVyvX2BDreWy2fWVW5AxVyL:BPwEeW5AMZFEeW5AOPmEeW5A47","tlshash":"652523b4146d14af18d5cd85e2542b2edfbd3f63a801c2ee1fd919c36adcc48d922a8d","first_seen":"2026-02-13T09:15:27.735021Z","last_seen":"2026-02-13T23:57:07.762379Z","times_seen":2,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cookie-fun.sbs/runtime-vnx04vfkkv7.js","fqdn":"www.cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:33.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cookie-fun.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 03:12:43 GMT","end":"Thu, 30 Apr 2026 03:12:42 GMT"},"fingerprint":{"sha1":"6C:05:09:B2:A0:07:68:A5:AE:10:BD:0E:59:EB:18:2D:0C:83:66:87","sha256":"6A:84:05:E9:F2:FC:AD:F5:BF:5C:B7:D9:15:2B:47:AD:75:7A:D7:12:29:D1:74:E1:E0:73:38:83:3D:E4:5E:47"}}},"request":{"raw":"GET /runtime-vnx04vfkkv7.js HTTP/1.1\r\nHost: www.cookie-fun.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cookie-fun.sbs/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 52903\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"runtime-vnx04vfkkv7.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Fri, 13 Feb 2026 23:56:33 GMT\r\netag: \"96583edda79e4a968af5a507bbcfac3e\"\r\nlast-modified: Fri, 13 Feb 2026 09:14:49 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /runtime-vnx04vfkkv7.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::v6cbl-1771026993363-7a652c71c269\r\ncontent-length: 2587373\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3505941,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"57db7678046e6b95f7ad464d7a9eb309","sha1":"f4113731c3c8b202c083c9a44cc133efe184fd5e","sha256":"6f8ab93573d1b12a563e97daacf195af0a2e9d7dd66596c303cdee9b015895cc","sha512":"6376ac1f4b32966ae37bbfad5eb23be4f3e542da09b12da0df46d1d7372ea854c64d87e5b36aec4d17e61d140d91c1d7eb75031f5191c2138456770c133a3c86","ssdeep":"24576:KxIn3C+NUzsnQ9ZuVGnip8bY0qHgk+lYyFa7:ww3NewQLt00qAllPFa7","tlshash":"482523ed4a1bca514c078ebda24912d47f5c18ffb8efdb9ab10cf550d091aa8805d5b3","first_seen":"2025-11-23T01:20:13.197419Z","last_seen":"2026-02-14T01:56:56.568405Z","times_seen":5,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":160,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.nodereal.io/","fqdn":"binance.nodereal.io","domain":"nodereal.io","tld":"io"},"ip":{"addr":"54.75.177.192","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:41.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.nodereal.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 16 Nov 2025 00:00:00 GMT","end":"Tue, 15 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:EC:8E:68:9E:56:EA:CE:48:DE:13:D2:0C:5B:55:18:C3:74:A8:48","sha256":"09:E3:92:97:59:92:96:9A:A3:FC:76:BF:B6:57:D8:2B:24:69:0C:72:DB:30:57:8C:4A:F2:4B:56:9E:2E:65:1F"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: binance.nodereal.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.cookie-fun.sbs/\r\nOrigin: https://www.cookie-fun.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Fri, 13 Feb 2026 23:56:41 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubdomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":465,"timings":{"blocked":209,"dns":100,"connect":34,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:41.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:15:50 GMT","end":"Wed, 01 Apr 2026 13:15:39 GMT"},"fingerprint":{"sha1":"E8:04:3F:4D:91:E2:52:D3:E0:EA:F7:1A:C8:8C:94:50:7C:2E:FF:FF","sha256":"A1:8E:F1:BF:52:25:E4:EE:2D:91:8B:1E:0B:E7:A1:C3:B9:7D:DF:7D:D1:57:11:6A:14:CF:F2:A6:DF:D1:B0:18"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.cookie-fun.sbs/\r\nOrigin: https://www.cookie-fun.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 23:56:41 GMT\r\ncontent-type: text/plain\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9cd843881d9076ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"35b0bce9d250429df012c0426f88d0bd","sha1":"f81d80af9cbeb0011316fbba3da8002b32251f7a","sha256":"da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d","sha512":"32c9df1064e730e1a2358dae62aff741118007187d89510bfbdf93efaaa7356b71a570ea8c5d96bdc0b47155bbaa77df86b6847cc4d95d2d1b7fa2a1484a7144","ssdeep":"","tlshash":"dd600003000000000c00c00cc303030303c00003c30f0000ccc00f000c003300300000","first_seen":"2023-03-07T01:19:04Z","last_seen":"2026-06-06T12:30:18.397707Z","times_seen":26966,"resource_available":true,"data":null}},"time_used":413,"timings":{"blocked":55,"dns":32,"connect":2,"send":0,"wait":298,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cookie-fun.sbs/secureproxy.php?e=ping_proxy","fqdn":"www.cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:41.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cookie-fun.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 03:12:43 GMT","end":"Thu, 30 Apr 2026 03:12:42 GMT"},"fingerprint":{"sha1":"6C:05:09:B2:A0:07:68:A5:AE:10:BD:0E:59:EB:18:2D:0C:83:66:87","sha256":"6A:84:05:E9:F2:FC:AD:F5:BF:5C:B7:D9:15:2B:47:AD:75:7A:D7:12:29:D1:74:E1:E0:73:38:83:3D:E4:5E:47"}}},"request":{"raw":"GET /secureproxy.php?e=ping_proxy HTTP/1.1\r\nHost: www.cookie-fun.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.cookie-fun.sbs/index.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/plain\r\ndate: Fri, 13 Feb 2026 23:56:41 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch\r\nx-matched-path: /api/secureproxy\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::h5kfc-1771027001587-45daa2b9b29b\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":4,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"6fdb087aa3fbfbcb8287a593a0919e61","sha1":"0e514a0662bcb69dc863953d1ce26e3d40e81a87","sha256":"9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2","sha512":"be5457d14c930b51b47ab152850c1ceaafe6ef88c8671b48164abbc83410b0c07a1e178540f6cdeac5f2672cadb1d1cbbb3434b3e39bc2c50c4646a2bae57437","ssdeep":"","tlshash":"fe300000300000000000000c0000000000000000000000000000000000300000000000","first_seen":"2023-04-12T09:14:15Z","last_seen":"2026-06-06T06:29:39.051025Z","times_seen":8772,"resource_available":true,"data":null}},"time_used":488,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":488,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bsc-dataseed1.bnbchain.org/","fqdn":"bsc-dataseed1.bnbchain.org","domain":"bnbchain.org","tld":"org"},"ip":{"addr":"34.241.153.113","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:42.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bnbchain.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Mon, 08 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:A4:BE:0F:33:E9:DC:36:3B:B7:3C:5A:E4:42:EE:DE:F1:46:52:E4","sha256":"15:55:B7:24:9E:06:40:29:6B:D0:0D:FD:D2:2B:02:D8:1B:63:50:F2:26:B3:56:69:5D:9D:DF:3E:40:64:99:5E"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: bsc-dataseed1.bnbchain.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.cookie-fun.sbs/\r\nOrigin: https://www.cookie-fun.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Fri, 13 Feb 2026 23:56:42 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubdomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":86,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bsc-dataseed.bnbchain.org/","fqdn":"bsc-dataseed.bnbchain.org","domain":"bnbchain.org","tld":"org"},"ip":{"addr":"34.241.153.113","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:41.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bnbchain.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Mon, 08 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:A4:BE:0F:33:E9:DC:36:3B:B7:3C:5A:E4:42:EE:DE:F1:46:52:E4","sha256":"15:55:B7:24:9E:06:40:29:6B:D0:0D:FD:D2:2B:02:D8:1B:63:50:F2:26:B3:56:69:5D:9D:DF:3E:40:64:99:5E"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: bsc-dataseed.bnbchain.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.cookie-fun.sbs/\r\nOrigin: https://www.cookie-fun.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Fri, 13 Feb 2026 23:56:41 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubdomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":802,"timings":{"blocked":379,"dns":74,"connect":32,"send":0,"wait":36,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cookie-fun.sbs/","fqdn":"www.cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-13T23:56:32.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cookie-fun.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 03:12:43 GMT","end":"Thu, 30 Apr 2026 03:12:42 GMT"},"fingerprint":{"sha1":"6C:05:09:B2:A0:07:68:A5:AE:10:BD:0E:59:EB:18:2D:0C:83:66:87","sha256":"6A:84:05:E9:F2:FC:AD:F5:BF:5C:B7:D9:15:2B:47:AD:75:7A:D7:12:29:D1:74:E1:E0:73:38:83:3D:E4:5E:47"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.cookie-fun.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 308 Permanent Redirect\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html\r\ndate: Fri, 13 Feb 2026 23:56:33 GMT\r\nlocation: /index.html\r\nrefresh: 0;url=/index.html\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-id: arn1::hqpdw-1771026993082-0e8728b8eb02\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"308","status_text":"Permanent Redirect","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1909384,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (34769)","md5":"b3c3cc74feea6cda9ee19f5329e1eba5","sha1":"480133aaf61910e017233eb08cfcb13e56933555","sha256":"bc09872388a13c2d34f844971cf54d0da7955f9c67382dab24d3b83a3786858d","sha512":"436e9dfdfb9b0e7d3b68a92ceb0d49b2867bac976e4559566e7db0d960a9a1eaf85d588579deb617b24ab89fe3c1f8fe15c6524f085d094aca2a7b85fa0c9a46","ssdeep":"12288:MHxqVyvXIBDreWk2fWVW5AfVyvnXBJreWx2fWVW5AsVyvX2BDreWy2fWVW5AxVyL:BPwEeW5AMZFEeW5AOPmEeW5A47","tlshash":"652523b4146d14af18d5cd85e2542b2edfbd3f63a801c2ee1fd919c36adcc48d922a8d","first_seen":"2026-02-13T09:15:27.735021Z","last_seen":"2026-02-13T23:57:07.762379Z","times_seen":2,"resource_available":false,"data":null}},"time_used":469,"timings":{"blocked":229,"dns":135,"connect":1,"send":0,"wait":11,"receive":0,"ssl":88},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:41.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/crypto-js/4.2.0/crypto-js.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cookie-fun.sbs/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 23:56:41 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 19621\r\ncf-ray: 9cd843858b3b8deb-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"65384d58-4ca5\"\r\nlast-modified: Tue, 24 Oct 2023 23:03:52 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 151771\r\nexpires: Wed, 03 Feb 2027 23:56:41 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=vIINZIotPI04xJz%2BRR1mac%2BCMZ8hhNvk7eP2xenw0aGJVH%2BoY%2B%2F0l%2FfcqqR%2BPlKlq%2BSMcTg9gdYlnnD8kpgkcP0ehRHdHvo%2FWwe2cmEl46f%2BQpipws4OCtQsCxIL2i9IG2H2ReGU\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60819,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (60819), with no line terminators","md5":"d9c6de0df2bf028d93924aff92487904","sha1":"6596050516dd12af52d9b0e7b18ed837f1d81300","sha256":"769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc","sha512":"6be4940eec0dcd70efcf85eb21c5c7b827f4f3dfe2240a0de259ab5c9835f179ddb8a2ba6250c73516a5bf8c9dd4de3438a23cd2d162745faba9314a18fa1615","ssdeep":"1536:R8K6Znxmj9rlvCOhI64j7AtSPtNPU9ArHMLlk:RV6+jKOh4z","tlshash":"65535bc0629c5491a3b76480087f740b7073353b0a1d5aacf658faefacacad6907cd39","first_seen":"2023-11-02T21:20:28Z","last_seen":"2026-06-06T12:00:46.147513Z","times_seen":31121,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":22,"receive":3,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:41.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/ethers/5.6.9/ethers.umd.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cookie-fun.sbs/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 13 Feb 2026 23:56:41 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 125841\r\ncf-ray: 9cd843868b3f1525-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"62ad87d5-1eb91\"\r\nlast-modified: Sat, 18 Jun 2022 08:07:49 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 140373\r\nexpires: Wed, 03 Feb 2027 23:56:41 GMT\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=CQUTz8leMRxvehRjxQspisFXzlo30jszOs4ZsaoCDhexa2gYFbHc5KwInR5sh83YFxF48HGD2sKH9X2cL%2Fzz8FCi%2B3Ofs%2BjqhwtSqNs6gPGHD9xpa7aBIcMLLr%2Fs7gwYhjxLbdBg\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":735973,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"268d19762594655239a29d058a7e8b44","sha1":"f06da2f7a68114b8dda38a0d782d65ddacc9c0e8","sha256":"95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618","sha512":"55e6b3e48536891a5ad0106b26525e4607c9ece0075ad5496535ef81d1fbb377dfb0b50286594c0aa0b405bf9e791c4696b674ea260813f4772ac7220ab82fdc","ssdeep":"12288:TfLmYQI/yjP+H8Xb29/nNUgE6te1R5WJW:TfCPalnNfE6taD","tlshash":"29f42b80b3b1b0b583c729a4143f6046f63af46a505840a8f659faf279f9d4c957bb3c","first_seen":"2023-03-07T12:58:29Z","last_seen":"2026-06-06T05:53:08.17766Z","times_seen":8455,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:41.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:15:50 GMT","end":"Wed, 01 Apr 2026 13:15:39 GMT"},"fingerprint":{"sha1":"E8:04:3F:4D:91:E2:52:D3:E0:EA:F7:1A:C8:8C:94:50:7C:2E:FF:FF","sha256":"A1:8E:F1:BF:52:25:E4:EE:2D:91:8B:1E:0B:E7:A1:C3:B9:7D:DF:7D:D1:57:11:6A:14:CF:F2:A6:DF:D1:B0:18"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.cookie-fun.sbs/\r\nOrigin: https://www.cookie-fun.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 23:56:41 GMT\r\ncontent-type: text/plain\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9cd843881d8a76ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"35b0bce9d250429df012c0426f88d0bd","sha1":"f81d80af9cbeb0011316fbba3da8002b32251f7a","sha256":"da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d","sha512":"32c9df1064e730e1a2358dae62aff741118007187d89510bfbdf93efaaa7356b71a570ea8c5d96bdc0b47155bbaa77df86b6847cc4d95d2d1b7fa2a1484a7144","ssdeep":"","tlshash":"dd600003000000000c00c00cc303030303c00003c30f0000ccc00f000c003300300000","first_seen":"2023-03-07T01:19:04Z","last_seen":"2026-06-06T12:30:18.397707Z","times_seen":26966,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":56,"dns":33,"connect":2,"send":0,"wait":109,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cookie-fun.sbs/secureproxy?e=ping_proxy","fqdn":"www.cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:41.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cookie-fun.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 03:12:43 GMT","end":"Thu, 30 Apr 2026 03:12:42 GMT"},"fingerprint":{"sha1":"6C:05:09:B2:A0:07:68:A5:AE:10:BD:0E:59:EB:18:2D:0C:83:66:87","sha256":"6A:84:05:E9:F2:FC:AD:F5:BF:5C:B7:D9:15:2B:47:AD:75:7A:D7:12:29:D1:74:E1:E0:73:38:83:3D:E4:5E:47"}}},"request":{"raw":"GET /secureproxy?e=ping_proxy HTTP/1.1\r\nHost: www.cookie-fun.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.cookie-fun.sbs/index.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 335025\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"404\"\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Fri, 13 Feb 2026 23:56:41 GMT\r\netag: \"f7bb10498232b2b56bbf4c8966da650e\"\r\nlast-modified: Tue, 10 Feb 2026 02:52:56 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /404\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::h5kfc-1771027001557-de501d6161b5\r\ncontent-length: 2178\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":7757,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (7757), with no line terminators","md5":"f7bb10498232b2b56bbf4c8966da650e","sha1":"27ea9de043fdf4127dcaaad96ac82e061c616330","sha256":"171cb8abebbc7552aced61130508eec2776cf087d36715285d3a4c917d44aabe","sha512":"9f8fd0cf47b92c79f63e857300eca812baa8f0249e24ac6240566dc86e6ff53980fc5dd37cdffd3959cc200893f290c6f5b0f05e2f3bfc5ec468b5d5e21b65c1","ssdeep":"192:IoGUJWYUOUgeDbGNnvWLWSzHkuKG0q7OgnqzcpmFqzEA:IoJWZOUgeDbGBvEWTuOqnaA","tlshash":"5cf14629f405ee4efc6e7579113eed3e10ce852f47a58ab8868ade590a4107927d3ec0","first_seen":"2026-02-13T09:15:27.729506Z","last_seen":"2026-02-13T23:57:07.76675Z","times_seen":2,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bsc-dataseed.bnbchain.org/","fqdn":"bsc-dataseed.bnbchain.org","domain":"bnbchain.org","tld":"org"},"ip":{"addr":"34.241.153.113","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:42.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bnbchain.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Mon, 08 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:A4:BE:0F:33:E9:DC:36:3B:B7:3C:5A:E4:42:EE:DE:F1:46:52:E4","sha256":"15:55:B7:24:9E:06:40:29:6B:D0:0D:FD:D2:2B:02:D8:1B:63:50:F2:26:B3:56:69:5D:9D:DF:3E:40:64:99:5E"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: bsc-dataseed.bnbchain.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.cookie-fun.sbs/\r\nContent-Type: application/json\r\nContent-Length: 136\r\nOrigin: https://www.cookie-fun.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":136,"data":"{\"method\":\"eth_call\",\"params\":[{\"to\":\"0x158862Ec60B7934f1333e53AC1e148811A2E3BeB\",\"data\":\"0x53ed5143\"},\"latest\"],\"id\":1,\"jsonrpc\":\"2.0\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 23:56:42 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 600\r\nx-nr-trace-id: 53ee1bbbc828a877705abe9e49b32f13\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubdomains\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6374,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"fa3dbe9e7a67f351ee2d52c99850bf9c","sha1":"294cd26f4c0198841057707ed0b44b3cf616e5a8","sha256":"efe3b5e2a041edfb73e010d9c7b8321b7c075c78f0b5d972fe7783da8844f87b","sha512":"d46f4edc8d511404ba6bb32a1a375a1a1c66b24a11f072dbe332243df7b1489af0816a8506fb648a97dd28b0c5ceac714915bc46221ef78d12e9a8a5f1d51d45","ssdeep":"24:YUtXa257vaoWH3eGZsthXvUzZ5+hdex1qx1xxNU6xvQaNBtXX60jv:YKam3QytxvU15+doY1jNNTt9jv","tlshash":"52d108f098c98e50f19baa81b798bc9400213caf7fdf8f40415cf8b6a0f54a176a448f","first_seen":"2025-04-07T11:53:19.749574Z","last_seen":"2026-06-04T13:20:41.017939Z","times_seen":5255,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/merkletreejs@latest/merkletree.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cookie-fun.sbs/index.html","date":"2026-02-13T23:56:42.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/merkletreejs@latest/merkletree.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cookie-fun.sbs/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 0.6.0\r\nx-jsd-version-type: version\r\netag: W/\"3a393-ow5VcB3yNddBHZ9Yv78eUVMKtdU\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 11996\r\ndate: Fri, 13 Feb 2026 23:56:42 GMT\r\nx-served-by: cache-fra-etou8220102-FRA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 54223\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":238483,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"67ce418e4d67b79b2e9d44050119f0d6","sha1":"a30e55701df235d7411d9f58bfbf1e51530ab5d5","sha256":"726fc8775a8aa08138293a5955dd14f9c2cb8b566f1c577f5d39c986bceab3a9","sha512":"827ddbae75068bcb5c45b95a5a33e8ef5f1f09cc8d5e580e17eb5370959970e8c0280d7edf8ed5e180390397c44ae8ff5861db566fa855bff17a52558a178956","ssdeep":"3072:6cBV39NAtLr/rq8orpLppLQ8CsPYx7F59U:6m9NAtvLYQVsQx7FLU","tlshash":"b7343bc63685a0a583da71a8043f990ff176e827404cd484e924f8f59cfce9956abf7c","first_seen":"2025-09-15T18:44:44.033997Z","last_seen":"2026-06-06T05:53:08.178926Z","times_seen":2057,"resource_available":true,"data":null}},"time_used":432,"timings":{"blocked":177,"dns":65,"connect":26,"send":0,"wait":27,"receive":30,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cookie-fun.sbs/","fqdn":"cookie-fun.sbs","domain":"cookie-fun.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-13T23:56:32.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cookie-fun.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 04:38:02 GMT","end":"Thu, 30 Apr 2026 04:38:01 GMT"},"fingerprint":{"sha1":"B8:44:35:60:F1:DE:AE:63:5F:D5:FE:A3:4C:A0:FF:5D:33:E7:90:88","sha256":"B6:D7:69:88:0C:85:10:4C:68:A0:77:19:1F:C7:30:F2:EC:6A:F5:0B:72:4A:BE:56:26:3C:AC:DC:DE:0A:B3:69"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cookie-fun.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html\r\ndate: Fri, 13 Feb 2026 23:56:32 GMT\r\nlocation: https://www.cookie-fun.sbs/\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-id: arn1::v6cbl-1771026992828-7b1d622ff941\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":1909384,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":95,"dns":68,"connect":1,"send":0,"wait":11,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}