{"report_id":"3a3430e5-90b3-4d74-921c-2f8e5d0c6a5b","version":0,"status":"done","tags":[],"date":"2026-07-01T00:45:04Z","url":{"schema":"http","addr":"k7winta.com","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"172.67.168.149","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"k7winta.com/","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"title":"k7win.com - Apostas Esportivas, Cassino Online e Slots no Brasil | k7win","dom":{"size":60304,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (515)","md5":"5a3c99662194180000eedc483ddf9696","sha1":"af9e02a063bdab980f755d0ce6fc8874f1d0ce4a","sha256":"cd11761aa33905e19f14af0dc5a0402782ebd9d64418d5a61d90a30e4fe3f433","sha512":"ff31c3144218a3b6c3e4a92994cb5cd0a12cf2e63084b2d1c51e79b8420ddd090cc4fdc002bda0688f1bb93ce18f295f9ed80c6fa3511cb3bbc4c1e01811e605","ssdeep":"384:Wdt4dzw6roIYprEiMCx+AYr+eFQ2CVBA8n6r/GFBtS:Wdt4dMx5Eixx+anTkGo","tlshash":"44439511d8e0150b155790a0aaa1c72b2f54428bb60f8be577bc86b1bfce9e4cc7b74d","dom_hash":"domhasha7a89001b90e02c3fcc79666628c860e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"k7winta.com","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"172.67.168.149","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-05T00:45:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"k7winta.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"k7winta.com","ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-18","domain_rank":0,"first_seen":"2026-07-01T00:28:07.610694Z","last_seen":"2026-07-01T00:28:07.610695Z","alert_count":9,"request_count":9,"received_data":235049,"sent_data":4412,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"cloudr2bucket.com","ip":{"addr":"104.21.56.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-09","domain_rank":0,"first_seen":"2025-09-01T19:37:35.051494Z","last_seen":"2026-06-30T07:17:16.379148Z","alert_count":0,"request_count":1,"received_data":214701,"sent_data":537,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-06-28T22:30:22.905773Z","alert_count":0,"request_count":1,"received_data":485561,"sent_data":474,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"k7winta.com/","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cc4139ba73650d1dba4b83ff74e9ab9e","sha1":"25e37e54ba2d8b5b371f3802ed02f46eaac9a3fa","sha256":"98e4df64b786580995d2d25c8341ad3f030c877053d547bbcce67374244b8c23","sha512":"18a8e9d0df33a25efee10e89b5000fcf760bca03c6f7ea6d89e19298e6b697acdc325398fde048d8f9a2f37156d5f0a93b8ddea40c0ca7917997a2ad30a4c055","ssdeep":"","tlshash":"9ac02b8c210a4c7052e72b008b3fb60cb005331494d47e31480d23444d20f03e744810","size":149,"data":"","first_seen":"2026-05-25T18:47:52.563703Z","last_seen":"2026-07-01T01:01:11.418888Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"k7winta.com/","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"df8cb2c8c6c077498603be89cb97375a","sha1":"bfc60cd48318ded2b7ac13e1b5953404de1f550d","sha256":"fd7d451d5ddbaa1448400bbc6be474bab040d229919c052524612d29c8ceed92","sha512":"9aaa2f5316c41d7cc26532f7a5255976d24e8b708ee9f3eded8ce34ec708a96d44e719bc428037821c41f747e7d870800258a5289be5aab4873a91155064a17e","ssdeep":"","tlshash":"f3c012195aba10706227ba114b0ff751347128431240da8a3f1c57461f90a5480a046d","size":187,"data":"","first_seen":"2026-07-01T00:28:13.36756Z","last_seen":"2026-07-01T01:01:11.419435Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"k7winta.com/2lx13r/script.js","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0e3bfc5b2565cd16f567ea4c0b894d41","sha1":"52318adfe24da7a444bba27b89c54f392cfc5ae4","sha256":"fe0356a3b980ece6f5b540fc74ad200735ce2ac5a33403c2f8efac940de3578b","sha512":"d501ba02f199186e24ca92459810e48216f8a14e97a3b3753f7451d1ada85d71b8dd0b81d3aefefcbe1a357ac4da935c3dcda00fa770d54b138fdd96147edd00","ssdeep":"","tlshash":"61318f3ff1a619378013586673c751d7b910004b3541c8373a9dcf441f82a7654b29f9","size":1785,"data":"","first_seen":"2026-06-30T07:17:19.733314Z","last_seen":"2026-07-01T01:01:11.414767Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-T9XMTCMT7L","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"512db502b3147888e0ab5fef706082a6","sha1":"5c09a981c005386d7706de2596a16e1f30d7e982","sha256":"fdc02b7b77ae971c05c6aec7ae6bdd8f5de5442c0f970b316e26f57ad57805bc","sha512":"71db40adc75b0c7ba1c695f3cea1ef6cc2cf6af5ac1500f059d5212ffd4e999a4d8e1f1db817293de660273514526890d72dc9d78ad0f515ab07c23bcbe244ab","ssdeep":"6144:xL85WIa0ghEUFFLeDokPvvp0uL+STAd/J8NpE+6BbnxRZH:l85IhTzeDBvHpE+6TbH","tlshash":"77a409ceb3d674625396f478903f018ba57b28a2b44cc899f189cce42e7465a8177f7c","size":484957,"data":"","first_seen":"2026-07-01T00:28:13.364375Z","last_seen":"2026-07-01T01:01:11.414135Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"🎰 k7win - Plataforma carregada com sucesso!","filename":"https://k7winta.com/","line_number":638,"column_number":21}]},"http":[{"url":{"schema":"https","addr":"k7winta.com/2lx13r/statistics.webp","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://k7winta.com/","date":"2026-07-01T00:44:32.721Z","timestamp":1782866672721,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"k7winta.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Jun 2026 10:02:55 GMT","end":"Fri, 11 Sep 2026 11:01:28 GMT"},"fingerprint":{"sha1":"83:4D:88:DB:68:70:E7:2E:65:CC:F0:E5:8D:D4:EE:E1:9E:5D:37:90","sha256":"07:44:BF:1A:28:9C:8E:33:AA:4F:7A:3E:1B:B2:B4:4B:55:2B:AF:46:91:95:D2:4F:B9:00:FD:35:3E:2C:87:86"}}},"request":{"raw":"GET /2lx13r/statistics.webp HTTP/1.1\r\nHost: k7winta.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://k7winta.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 01 Jul 2026 00:44:32 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Dec 2025 21:09:52 GMT\r\npriority: u=5,i\r\netag: \"69446da0-5c02\"\r\naccept-ranges: bytes\r\nage: 1012\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P%2BsGjHjC5sCNhWk2sr%2Bhk0k4zQehYe5tGfCm0%2BXm8KU404zMK504B0kXqFOVVcwwFCpZUGvVOSSifiE0kp6CsdRfmHVwvQdvzyWy%2Ft%2F%2FXCiTyK9%2Bs%2BPpxeDGiryRJg%3D%3D\"}]}\r\ncontent-length: 23554\r\ncf-ray: a14162008a6d5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23554,"size_decoded":24262,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b2c059b87fdddb3f1009253e94d9257e","sha1":"5c1ca4f8657c22942baa6e17bb9b517886b2c9eb","sha256":"e05f5134a326af884cd1af226166b1d2e79eec3869dddd0ccb9ab43bbb14d6cd","sha512":"7486aa3e576012574f8e296ffe7bcb508b19ad7cc1dd67e91c79ea763566e5817690f971e11ee18c0ef77453f726f092f2b45b21c1a6103f77a2a61528edf315","ssdeep":"384:6UqRugODkjHcSr8eGtYVPSEoE/Z2+H+SNmzmi9gh5ZuUL++N29:AR+uV/o+eSdiqRuUL+w+","tlshash":"83b2d0eef417533392c41ec0d0a7dba42f87df16b528bb12b84468c6da1666c94d36d3","first_seen":"2026-07-01T00:28:13.34643Z","last_seen":"2026-07-01T01:01:11.415941Z","times_seen":3,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"k7winta.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cloudr2bucket.com/xin02.webp","fqdn":"cloudr2bucket.com","domain":"cloudr2bucket.com","tld":"com"},"ip":{"addr":"104.21.56.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://k7winta.com/","date":"2026-07-01T00:44:32.724Z","timestamp":1782866672724,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e9eeb182.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 May 2026 21:33:20 GMT","end":"Tue, 25 Aug 2026 22:32:46 GMT"},"fingerprint":{"sha1":"F6:F0:FE:AE:92:79:D4:62:65:02:42:4A:FD:B4:38:4D:A7:C7:60:FE","sha256":"F8:BC:DE:BD:FB:2C:CA:B4:38:1C:23:19:AB:D7:4B:40:67:9B:53:F8:80:D9:EF:6C:1E:A3:A3:07:34:28:0E:FC"}}},"request":{"raw":"GET /xin02.webp HTTP/1.1\r\nHost: cloudr2bucket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://k7winta.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Wed, 01 Jul 2026 00:44:57 GMT\r\ncontent-type: image/webp\r\ncontent-length: 213970\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lgNa6sRsk2V3xLdtwS%2Blv1G2%2FFd9za8XfkJB1%2F2nyMdDLaK4KLqJU8kWFHcz3vpj3EsyD2hj8v5A%2Fpja4p8fTKXTdGJMzuVHoeWy99jIvkmwGqyyqB%2FM41y5nXuvkWTtfSa8rg%3D%3D\"}]}\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"20b79885c785c677ff54b99b9acc5eaa\"\r\nlast-modified: Thu, 09 Apr 2026 06:14:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 6290\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: a14162995cb735a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":213970,"size_decoded":214701,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"20b79885c785c677ff54b99b9acc5eaa","sha1":"c03e1ecb49945e271d842a81b8d54bc49e6a71ba","sha256":"ac6986bf338c52773e664b7749cc8744f71adcea1f3213de32ddef5bb38ce2a8","sha512":"6358b1301c6d0c1ac730c151fcf90ed74764fbe4696b62bd6e9e496d792fa6c826b767470771a513b63d556a57ffa54715b149ba472c543315d1035351c17399","ssdeep":"6144:FV97ccks5prWIPCnob/PvEBI7/iLJAV97ccks5prWIPCA:FYcks/rWIt/zkWYcks/rWIb","tlshash":"3324127fc55a21e602faff2f302774e4a37f1df3219065216be0a6f86c62b75052154a","first_seen":"2026-06-30T07:17:19.730585Z","last_seen":"2026-07-01T01:01:11.418344Z","times_seen":5,"resource_available":false,"data":null}},"time_used":38636,"timings":{"blocked":-1,"dns":14152,"connect":21317,"send":0,"wait":16,"receive":21,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"k7winta.com/2lx13r/main.css","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://k7winta.com/","date":"2026-07-01T00:44:32.708Z","timestamp":1782866672708,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"k7winta.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Jun 2026 10:02:55 GMT","end":"Fri, 11 Sep 2026 11:01:28 GMT"},"fingerprint":{"sha1":"83:4D:88:DB:68:70:E7:2E:65:CC:F0:E5:8D:D4:EE:E1:9E:5D:37:90","sha256":"07:44:BF:1A:28:9C:8E:33:AA:4F:7A:3E:1B:B2:B4:4B:55:2B:AF:46:91:95:D2:4F:B9:00:FD:35:3E:2C:87:86"}}},"request":{"raw":"GET /2lx13r/main.css HTTP/1.1\r\nHost: k7winta.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://k7winta.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 01 Jul 2026 00:44:32 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 20 Feb 2026 11:35:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69984701-62eb\"\r\nexpires: Wed, 01 Jul 2026 12:27:39 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 1012\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iw%2B%2Fi1Du%2FIMfOzVSaVvX1EqJoi147AgI9V3Y43E6sJvKhUmmJXvS6vDi7ktNtDdv7IF22scnTGs%2BcwBjxGKB0BLg6jhRT%2BQD6fu6OUKE65ousVKFSt%2BaOfkQ2H%2B%2FBw%3D%3D\"}]}\r\ncf-ray: a14162007a695ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25323,"size_decoded":4459,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"6e7c743a7b8c77151f37a38c56b158b6","sha1":"05ec552b566d5896b17c019b3f446567a74ca1fa","sha256":"a2ec35d5f88202db3d98eb2d9004b4af77753164e21cfff7f651657c8c4fd18d","sha512":"2bcff47be0b532d0ec079a2f107a362d889e1d23556857f3a7ed94c920c50b79d753d82a5e11d69b0abb2a8cab9daf536f9b37d7759714960f998940b0cea12f","ssdeep":"384:qQZmr/MJ3G+p7JLXq+RlMnXUjn3n1MnXe:qqmr/MJ3rtJLXqqlMnXUjn3n1MnXe","tlshash":"5ab210565eeb1d46b56fa478abf7cb82b2984093904dd7bd3f9c62088f4c0a89471f0d","first_seen":"2026-06-30T07:17:19.729322Z","last_seen":"2026-07-01T01:01:11.417289Z","times_seen":5,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"k7winta.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-T9XMTCMT7L","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://k7winta.com/","date":"2026-07-01T00:44:32.710Z","timestamp":1782866672710,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:11 GMT","end":"Mon, 31 Aug 2026 08:36:10 GMT"},"fingerprint":{"sha1":"0B:C5:65:06:DD:0F:AB:EB:1E:E7:97:52:C4:27:4E:58:4A:36:E4:7C","sha256":"0E:AA:42:5A:CD:B0:51:92:3F:AE:F6:35:E6:BB:66:30:A9:D3:23:7B:B0:56:D8:00:C7:B7:6C:67:06:C4:33:73"}}},"request":{"raw":"GET /gtag/js?id=G-T9XMTCMT7L HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://k7winta.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Jul 2026 00:44:32 GMT\r\nexpires: Wed, 01 Jul 2026 00:44:32 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 164852\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":484957,"size_decoded":165456,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"512db502b3147888e0ab5fef706082a6","sha1":"5c09a981c005386d7706de2596a16e1f30d7e982","sha256":"fdc02b7b77ae971c05c6aec7ae6bdd8f5de5442c0f970b316e26f57ad57805bc","sha512":"71db40adc75b0c7ba1c695f3cea1ef6cc2cf6af5ac1500f059d5212ffd4e999a4d8e1f1db817293de660273514526890d72dc9d78ad0f515ab07c23bcbe244ab","ssdeep":"6144:xL85WIa0ghEUFFLeDokPvvp0uL+STAd/J8NpE+6BbnxRZH:l85IhTzeDBvHpE+6TbH","tlshash":"77a409ceb3d674625396f478903f018ba57b28a2b44cc899f189cce42e7465a8177f7c","first_seen":"2026-07-01T00:28:13.364375Z","last_seen":"2026-07-01T01:01:11.414135Z","times_seen":3,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":2,"connect":14,"send":0,"wait":42,"receive":56,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"k7winta.com/2lx13r/script.js","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://k7winta.com/","date":"2026-07-01T00:44:32.712Z","timestamp":1782866672712,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"k7winta.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Jun 2026 10:02:55 GMT","end":"Fri, 11 Sep 2026 11:01:28 GMT"},"fingerprint":{"sha1":"83:4D:88:DB:68:70:E7:2E:65:CC:F0:E5:8D:D4:EE:E1:9E:5D:37:90","sha256":"07:44:BF:1A:28:9C:8E:33:AA:4F:7A:3E:1B:B2:B4:4B:55:2B:AF:46:91:95:D2:4F:B9:00:FD:35:3E:2C:87:86"}}},"request":{"raw":"GET /2lx13r/script.js HTTP/1.1\r\nHost: k7winta.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://k7winta.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 01 Jul 2026 00:44:32 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 20 Feb 2026 11:35:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69984701-6f9\"\r\nexpires: Wed, 01 Jul 2026 12:27:39 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 1012\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0D0rKnhIJPTyHTCiYD6DgSQncn76iQB4dr09MgJZTYlLtIlOF%2BdHcgwPYTTQYsxiYlFViuItxXksH58DEukmt8sPWExhwJHxm5377d5BhtJ%2F6zPbgEhLo5xewUdddA%3D%3D\"}]}\r\ncf-ray: a14162007a6a5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1785,"size_decoded":1389,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"0e3bfc5b2565cd16f567ea4c0b894d41","sha1":"52318adfe24da7a444bba27b89c54f392cfc5ae4","sha256":"fe0356a3b980ece6f5b540fc74ad200735ce2ac5a33403c2f8efac940de3578b","sha512":"d501ba02f199186e24ca92459810e48216f8a14e97a3b3753f7451d1ada85d71b8dd0b81d3aefefcbe1a357ac4da935c3dcda00fa770d54b138fdd96147edd00","ssdeep":"","tlshash":"61318f3ff1a619378013586673c751d7b910004b3541c8373a9dcf441f82a7654b29f9","first_seen":"2026-06-30T07:17:19.733314Z","last_seen":"2026-07-01T01:01:11.414767Z","times_seen":5,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"k7winta.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"k7winta.com/2lx13r/k7win.webp","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://k7winta.com/","date":"2026-07-01T00:44:32.718Z","timestamp":1782866672718,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"k7winta.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Jun 2026 10:02:55 GMT","end":"Fri, 11 Sep 2026 11:01:28 GMT"},"fingerprint":{"sha1":"83:4D:88:DB:68:70:E7:2E:65:CC:F0:E5:8D:D4:EE:E1:9E:5D:37:90","sha256":"07:44:BF:1A:28:9C:8E:33:AA:4F:7A:3E:1B:B2:B4:4B:55:2B:AF:46:91:95:D2:4F:B9:00:FD:35:3E:2C:87:86"}}},"request":{"raw":"GET /2lx13r/k7win.webp HTTP/1.1\r\nHost: k7winta.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://k7winta.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 01 Jul 2026 00:44:32 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Dec 2025 21:05:58 GMT\r\npriority: u=5,i\r\netag: \"69446cb6-4922\"\r\naccept-ranges: bytes\r\nage: 1012\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XqVsQED9fn3rF2532LvqANM85RxuErqKRyeNaK5zX2GmP1O5vcNtmKCyZ9l%2F3bk3uz3d5tIEdl%2FpM%2FKoKnSIhXwRePbXEc6id%2B72zAgqu1TyBJt746LFlFWd9BF4FA%3D%3D\"}]}\r\ncontent-length: 18722\r\ncf-ray: a14162008a6b5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18722,"size_decoded":19422,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f29d0cbc24dd0d7198274df7ef5eefc3","sha1":"ff4501c9572d0d834c8aeaa140ee70c00c816e40","sha256":"82c9c51d925f780532a1ca690136eb4dff44aaae422ac05ddec79853da83a882","sha512":"7a45413aa33c8580421d81272c5d9f703dbe3e51e9a685d90f5acbdc1864d23bc1187a254c59298fe4803f37429005902c68cc69321695fb0427f886eba959bf","ssdeep":"384:D45Iz77moFCcciqI9wef8fIUpbeTTQu3eeWj+mt:U5Iz77moFCcyyjf8fIUpOQu0j1t","tlshash":"4d82e0477d0f3f2a88c225585b8e0705823ba6d550497a4359f3c4eb746f2ef49ea0b6","first_seen":"2026-07-01T00:28:13.355245Z","last_seen":"2026-07-01T01:01:11.415339Z","times_seen":3,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"k7winta.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"k7winta.com/2lx13r/vip_experience.webp","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://k7winta.com/","date":"2026-07-01T00:44:32.723Z","timestamp":1782866672723,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"k7winta.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Jun 2026 10:02:55 GMT","end":"Fri, 11 Sep 2026 11:01:28 GMT"},"fingerprint":{"sha1":"83:4D:88:DB:68:70:E7:2E:65:CC:F0:E5:8D:D4:EE:E1:9E:5D:37:90","sha256":"07:44:BF:1A:28:9C:8E:33:AA:4F:7A:3E:1B:B2:B4:4B:55:2B:AF:46:91:95:D2:4F:B9:00:FD:35:3E:2C:87:86"}}},"request":{"raw":"GET /2lx13r/vip_experience.webp HTTP/1.1\r\nHost: k7winta.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://k7winta.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 01 Jul 2026 00:44:32 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Dec 2025 21:09:52 GMT\r\npriority: u=5,i\r\netag: \"69446da0-9a92\"\r\naccept-ranges: bytes\r\nage: 1012\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D%2FKq4H51C0fQWVnUS202m82%2F6T%2FXxB4uP2v2HtfdP1zc6XBZUimZIy6aZfboBa9dhP4XQYZQoVmOaP9F7cWudLufHiepAAcWhJclfx92HKMh5akaDVFr3rpNhi4Slw%3D%3D\"}]}\r\ncontent-length: 39570\r\ncf-ray: a14162008a6f5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39570,"size_decoded":40268,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d0440a8a1731c6964459ebec2f5f11d0","sha1":"269fafe111c03342172ccf79b9c8ce58bf20db94","sha256":"ef6f045495c801fecbdf463bbfee25eab9ee1d5cdae42f356fcd0526d2f822bd","sha512":"9cad7314fdd70a607d6be01ee84a479cb651400d7838ec900c49e6a4fa3e436f3b01598c9de9a443b36d8ec9990729750288cdc66dc3698a8f7874e23b031e38","ssdeep":"768:VRM7RetMQO8o/mjG02dsi2rWV8KLruMvlEyR7WQkPzHK5e:Pcg+OjYsDrWV80rB9qQGzHoe","tlshash":"c603f1a1046d63dbc32dd1a0f051c82da3f0c4f72e2099b3f52cb76593b1979ae6e444","first_seen":"2026-07-01T00:28:13.3526Z","last_seen":"2026-07-01T01:01:11.416765Z","times_seen":3,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"k7winta.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"k7winta.com/2lx13r/k7win.webp","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://k7winta.com/","date":"2026-07-01T00:44:32.961Z","timestamp":1782866672961,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"k7winta.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Jun 2026 10:02:55 GMT","end":"Fri, 11 Sep 2026 11:01:28 GMT"},"fingerprint":{"sha1":"83:4D:88:DB:68:70:E7:2E:65:CC:F0:E5:8D:D4:EE:E1:9E:5D:37:90","sha256":"07:44:BF:1A:28:9C:8E:33:AA:4F:7A:3E:1B:B2:B4:4B:55:2B:AF:46:91:95:D2:4F:B9:00:FD:35:3E:2C:87:86"}}},"request":{"raw":"GET /2lx13r/k7win.webp HTTP/1.1\r\nHost: k7winta.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://k7winta.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 01 Jul 2026 00:44:32 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Dec 2025 21:05:58 GMT\r\npriority: u=6,i=?0\r\netag: \"69446cb6-4922\"\r\naccept-ranges: bytes\r\nage: 1013\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=31BtuDNAtcZI1AoE2TeteTT%2F72BPSRYQwG4Id%2Fm3z%2F3RqHFcz1k8mjwMkeXONTpHA9yT2EG4neP%2BUROiB2EwFnLzSGMY5emjJgHuflQqdH6TmvPtbK%2BPumNvTEwySA%3D%3D\"}]}\r\ncontent-length: 18722\r\ncf-ray: a14162020a915ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18722,"size_decoded":19427,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f29d0cbc24dd0d7198274df7ef5eefc3","sha1":"ff4501c9572d0d834c8aeaa140ee70c00c816e40","sha256":"82c9c51d925f780532a1ca690136eb4dff44aaae422ac05ddec79853da83a882","sha512":"7a45413aa33c8580421d81272c5d9f703dbe3e51e9a685d90f5acbdc1864d23bc1187a254c59298fe4803f37429005902c68cc69321695fb0427f886eba959bf","ssdeep":"384:D45Iz77moFCcciqI9wef8fIUpbeTTQu3eeWj+mt:U5Iz77moFCcyyjf8fIUpOQu0j1t","tlshash":"4d82e0477d0f3f2a88c225585b8e0705823ba6d550497a4359f3c4eb746f2ef49ea0b6","first_seen":"2026-07-01T00:28:13.355245Z","last_seen":"2026-07-01T01:01:11.415339Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"k7winta.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"k7winta.com/2lx13r/k7win.webp","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://k7winta.com/","date":"2026-07-01T00:44:32.963Z","timestamp":1782866672963,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"k7winta.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Jun 2026 10:02:55 GMT","end":"Fri, 11 Sep 2026 11:01:28 GMT"},"fingerprint":{"sha1":"83:4D:88:DB:68:70:E7:2E:65:CC:F0:E5:8D:D4:EE:E1:9E:5D:37:90","sha256":"07:44:BF:1A:28:9C:8E:33:AA:4F:7A:3E:1B:B2:B4:4B:55:2B:AF:46:91:95:D2:4F:B9:00:FD:35:3E:2C:87:86"}}},"request":{"raw":"GET /2lx13r/k7win.webp HTTP/1.1\r\nHost: k7winta.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://k7winta.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 01 Jul 2026 00:44:32 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Dec 2025 21:05:58 GMT\r\npriority: u=6,i=?0\r\netag: \"69446cb6-4922\"\r\naccept-ranges: bytes\r\nage: 1013\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qWYfq3kjBA2bQrKkMu6XDCmB4EoBaJ3YgiURxZEUVBBeT9m%2BgrSTrEfxtd311rX9GUAtNrJ%2F6lU40asXAb5saRykIcCt1QSXdIXMngOzK6MEFTiZ3zrIydN3m9m%2Bag%3D%3D\"}]}\r\ncontent-length: 18722\r\ncf-ray: a14162020a935ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18722,"size_decoded":19423,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f29d0cbc24dd0d7198274df7ef5eefc3","sha1":"ff4501c9572d0d834c8aeaa140ee70c00c816e40","sha256":"82c9c51d925f780532a1ca690136eb4dff44aaae422ac05ddec79853da83a882","sha512":"7a45413aa33c8580421d81272c5d9f703dbe3e51e9a685d90f5acbdc1864d23bc1187a254c59298fe4803f37429005902c68cc69321695fb0427f886eba959bf","ssdeep":"384:D45Iz77moFCcciqI9wef8fIUpbeTTQu3eeWj+mt:U5Iz77moFCcyyjf8fIUpOQu0j1t","tlshash":"4d82e0477d0f3f2a88c225585b8e0705823ba6d550497a4359f3c4eb746f2ef49ea0b6","first_seen":"2026-07-01T00:28:13.355245Z","last_seen":"2026-07-01T01:01:11.415339Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"k7winta.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"k7winta.com/","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-01T00:44:31.845Z","timestamp":1782866671845,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"k7winta.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Jun 2026 10:02:55 GMT","end":"Fri, 11 Sep 2026 11:01:28 GMT"},"fingerprint":{"sha1":"83:4D:88:DB:68:70:E7:2E:65:CC:F0:E5:8D:D4:EE:E1:9E:5D:37:90","sha256":"07:44:BF:1A:28:9C:8E:33:AA:4F:7A:3E:1B:B2:B4:4B:55:2B:AF:46:91:95:D2:4F:B9:00:FD:35:3E:2C:87:86"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: k7winta.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 01 Jul 2026 00:44:32 GMT\r\ncontent-type: text/html\r\nlast-modified: Fri, 20 Feb 2026 11:35:29 GMT\r\ncontent-encoding: zstd\r\npriority: u=0,i\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cMiyJo86lIuEv%2FZj2PXba%2Bd4%2FA7pPR%2FXYflVU9tgBuk0kx2PvCo%2FQbhNOVM%2BVFgYawJ4T8HJRPp4qEKq2Of663pqHsu%2BKdIoZJ96hg5v13q7vI7Dub5alm5tudQEPQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a14161fb29f65ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":60399,"size_decoded":12960,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (515)","md5":"9037bf02da6e6cf4e7c19bacdbb3b8f6","sha1":"8bcfbaa6b56de924002756a09ddd5545c3d1c548","sha256":"7798dacb7a176cc001fc7faef2d1bb2a3d36b138d24a7f1337f50fa16e0ee555","sha512":"9123fcae7da940ba612341b56cfe8923b7b81fd32ae4bae9c230923cb7f3a08b0d34baae87985af6b3086186982106a475cc1d53e2b85501ff545ad7436c64e8","ssdeep":"384:SKlY8qwxroIYpBEvMCx+AYr+eFQrCVBA8n6r/GFBtg:SKlY8HOrEvxx+auTkGG","tlshash":"e5439611d8e0150b155790a06aa1c72b2f54428bb60f8be577bc86b1bfcd9e4cc7b78d","first_seen":"2026-07-01T00:28:13.342727Z","last_seen":"2026-07-01T01:01:11.413472Z","times_seen":3,"resource_available":true,"data":null}},"time_used":384,"timings":{"blocked":-1,"dns":4,"connect":13,"send":0,"wait":365,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"k7winta.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"k7winta.com/2lx13r/welcome_bonus.webp","fqdn":"k7winta.com","domain":"k7winta.com","tld":"com"},"ip":{"addr":"104.21.26.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://k7winta.com/","date":"2026-07-01T00:44:32.720Z","timestamp":1782866672720,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"k7winta.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Jun 2026 10:02:55 GMT","end":"Fri, 11 Sep 2026 11:01:28 GMT"},"fingerprint":{"sha1":"83:4D:88:DB:68:70:E7:2E:65:CC:F0:E5:8D:D4:EE:E1:9E:5D:37:90","sha256":"07:44:BF:1A:28:9C:8E:33:AA:4F:7A:3E:1B:B2:B4:4B:55:2B:AF:46:91:95:D2:4F:B9:00:FD:35:3E:2C:87:86"}}},"request":{"raw":"GET /2lx13r/welcome_bonus.webp HTTP/1.1\r\nHost: k7winta.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://k7winta.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 01 Jul 2026 00:44:32 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Dec 2025 21:09:52 GMT\r\npriority: u=5,i\r\netag: \"69446da0-5578\"\r\naccept-ranges: bytes\r\nage: 1012\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uiZRDKWrP4I%2FJuAektD6%2FYWYklEOPtXUboh%2BhWdr%2FOaj%2BNOX0VafkcjKYx3HyxJOfQaxlmGVjW0x3JGryT6f2kUA9t%2FbYkGx5bZayawmx7QhW4vpc%2Fq1b1DFBbUa4Q%3D%3D\"}]}\r\ncontent-length: 21880\r\ncf-ray: a14162008a6c5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21880,"size_decoded":22586,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"74b7f3e80714265773588eb8864d8ee4","sha1":"39d40a3464f7cb5c893ead829bc28b4fc2310bfd","sha256":"72c5328e8db38a97551463cf2e422b3e97f7c7bdbe970283d9ed5da5e17fb629","sha512":"7767278998392ec31a34871edbd096a52fd84838cc258c7a8aa71c133daa88864bf2849ce75fd8bdd923119c6115c53d7dcd819f69731b238e2ea615d665b75b","ssdeep":"384:hlL7T9wpOh5dPi70CoK0hJriddUm2crskmHdAht8hI/PvmHRORBslt1f6N5fOzly:j7xwpmbsTB0hIdaVvkmMt8hI/WHRwKP4","tlshash":"52a2e06b439b32b19605cb251e004668d89f792572e8c22cfca9b726fa218597f36811","first_seen":"2026-07-01T00:28:13.343949Z","last_seen":"2026-07-01T01:01:11.417831Z","times_seen":3,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"k7winta.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}
