{"report_id":"3cdc1ae2-8a9b-48a5-9259-9e08a134ed42","version":6,"status":"done","tags":[],"date":"2026-03-24T07:16:20Z","url":{"schema":"http","addr":"dewanusa.rest","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"title":"Dewanusa - Platform Official Game Online Terpopuler Di Indonesia","dom":{"size":6643,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (5178)","md5":"23807b3d4e0cc934b7763a97f1bc442c","sha1":"2cc9f93ce6726899acae0ab122ca0f32435cd8c0","sha256":"a922b0b735f787721fa1d51cf51cae163648d22921a6a26b64d039447f5732ba","sha512":"b2b689cdb8764930645f5bc9c081a118f6a08aa909b1ed8547fbafd35992b19a964addabe3a1d61bfea1fb21c5067b0491dd9e562970c708ff265ea76363f5cc","ssdeep":"192:bAG2vs2FsQIHm4d4v+R7VdnJ0lXjLMhON8jWz8mlggk3hp+N:2edVpcjLIOMWz8mlggk3hp+N","tlshash":"a5d1313f413127399027de6c4bb477574238d46a7d6a67fa25126a19c7cbe8308e338b","dom_hash":"domhash1b4ad9dcc14e775302ead940e1ae03a3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"dewanusa.rest","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-28T07:16:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-24T07:16:00Z","timestamp":1774336560,"ip_dst":{"addr":"43.132.105.206","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":40930,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-24T07:16:00.058623+0000\",\"flow_id\":1559572320866132,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":40930,\"dest_ip\":\"43.132.105.206\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050737,\"rev\":1,\"signature\":\"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_02_06\"]}},\"tls\":{\"sni\":\"core-1333692039.cos.ap-hongkong.myqcloud.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"699a80bdb17efe157c861f92c5bf5d1d\",\"string\":\"771,49199,0-65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":910,\"bytes_toclient\":3092,\"start\":\"2026-03-24T07:15:59.511828+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-24T07:16:00Z","timestamp":1774336560,"ip_dst":{"addr":"43.132.105.206","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":40936,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-24T07:16:00.309140+0000\",\"flow_id\":1802847858435752,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":40936,\"dest_ip\":\"43.132.105.206\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050737,\"rev\":1,\"signature\":\"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_02_06\"]}},\"tls\":{\"sni\":\"core-1333692039.cos.ap-hongkong.myqcloud.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"699a80bdb17efe157c861f92c5bf5d1d\",\"string\":\"771,49199,0-65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":910,\"bytes_toclient\":3092,\"start\":\"2026-03-24T07:15:59.763560+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"dewanusa.rest","ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-02-24","domain_rank":0,"first_seen":"2026-03-24T07:16:27.498815Z","last_seen":"2026-03-24T07:16:27.498815Z","alert_count":129,"request_count":129,"received_data":4256148,"sent_data":74531,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"216.58.201.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-03-22T22:23:33.61086Z","alert_count":0,"request_count":1,"received_data":466887,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"accounts.livechatinc.com","ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2005-10-31","domain_rank":44666,"first_seen":"2017-07-31T05:50:56Z","last_seen":"2026-03-23T12:39:59.395752Z","alert_count":0,"request_count":1,"received_data":1797,"sent_data":534,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"secure.livechatinc.com","ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2005-10-31","domain_rank":8212,"first_seen":"2012-08-20T19:27:12Z","last_seen":"2026-03-23T15:01:12.367212Z","alert_count":0,"request_count":1,"received_data":2002,"sent_data":712,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.livechatinc.com","ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2005-10-31","domain_rank":36142,"first_seen":"2012-06-22T08:37:34Z","last_seen":"2026-03-23T10:39:58.103915Z","alert_count":0,"request_count":19,"received_data":1401214,"sent_data":9140,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"core-1333692039.cos.ap-hongkong.myqcloud.com","ip":{"addr":"43.132.105.206","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Hong Kong","country_code":"HK"},"domain_registered":"2013-04-24","domain_rank":0,"first_seen":"2025-07-23T13:52:43.558513Z","last_seen":"2026-03-23T15:44:37.918368Z","alert_count":0,"request_count":2,"received_data":442754,"sent_data":1009,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.livechatinc.com","ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2005-10-31","domain_rank":29526,"first_seen":"2013-12-20T14:27:35Z","last_seen":"2026-03-23T22:39:45.742119Z","alert_count":0,"request_count":4,"received_data":22063,"sent_data":2544,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.files-text.com","ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2023-08-09","domain_rank":89437,"first_seen":"2024-04-10T05:26:58Z","last_seen":"2026-03-19T20:09:39.920547Z","alert_count":0,"request_count":4,"received_data":391000,"sent_data":2089,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/1991-b814e40b7d0ea1da.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f89abc9c6604e31d892841b3f839505c","sha1":"60071d620032eb60e3a9cf5f8f224ef5ecce8c46","sha256":"df58f6a2b83b88eae74fd54df9bc7b26b73cd1b590f17053d607bd35a83d11ba","sha512":"d191205e7ed17cc1e87c63f3c4fd611024b05ddd2877e4c61b6409838e4c9a946ed563c465f4cab0eef93fc575a7bcbcc6f9907a4140c57eabe14b7f29cc8d3d","ssdeep":"","tlshash":"9a1132f97298b8575b8612c518f525d690746728746ca04cef90d29ac0f469c5498f70","size":1000,"data":"","first_seen":"2026-03-24T07:16:35.244946Z","last_seen":"2026-03-24T07:16:35.244946Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/18.BwJqqA7t.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"b7eea9e08547172d80a90ede5fc239b5","sha1":"c309ed972776ff2f42d6233d434199378b0b0449","sha256":"5c301867cb63a886e85962abdd05a64d3eb6df916260efc1433f22b97ed87128","sha512":"30e11b1d7dec0d21284297f0c6addd8aa824c4ae5a45514e6cb9c35767a092535e3d8b1a1d58593326f4d8cfc8eb451f4d92da5bae6bbcafb375409fdb2ff73d","ssdeep":"96:iIUUP2pJtLmIiCZ+lDFlL+o8C1iq9S3jHN+3NtbNu82HMTOC:6UV5CwlZlCo8uicS3jt+9txpBKC","tlshash":"2481c8ab32dcbcb6f5c682e690675160539d11a9280d4fd0d02bcfd501ba3d436eaf6b","size":4151,"data":"","first_seen":"2026-03-21T09:26:08.668755Z","last_seen":"2026-03-24T07:16:47.233684Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/app/error-7a82f2ef8d29ec42.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1fa113a0d59cc37823cbd298803ef7de","sha1":"75137b033027726e63d9e6f23008da2a196c23c6","sha256":"f5718e61ffab4ea80b96f11fb4650f15a20955da7cde323d6f2ea0d8c6d8bf25","sha512":"e6990bb57cc2646013fee52b5adc0224554a204bb6e9ded1a5b8b76c2e67f453707b759544cecbe08f8aa275bd25ba00d69cdac04374666c02cc9e41ebfb8539","ssdeep":"","tlshash":"571120697184bc98786708ec583bd41cb1570c3c027daa7c7ad79d1c01d84c0f1637c8","size":1081,"data":"","first_seen":"2026-03-23T15:44:44.414508Z","last_seen":"2026-03-26T08:43:48.686756Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","fqdn":"secure.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"d30bfddcdb3764a782b7c8584021d1d6","sha1":"64ed02149d0db57e6c1d68992361d7c1330a663a","sha256":"5a8894efd9ef253bc344f5587ea4fb4f4b8da39d4dbd49a390c2302898411623","sha512":"7f7061097e172e659abcf34d29c148da0bc746fde1307cefa2bcc88ee94db292ba498b3f287a8436b39f9e6d44d5e145350896e447ac7c3cfb281a91a5bc6c97","ssdeep":"","tlshash":"79b09222c200942a24ba8118239fa6073110537a80660c1b143c64a436e610f80a239f","size":105,"data":"","first_seen":"2025-03-02T06:33:06.481005Z","last_seen":"2026-06-13T16:26:54.676675Z","times_seen":26431,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/app/loading-283d6049c6462cb3.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e42255a6ffc1ef644fee177ae658d9f4","sha1":"a4c7ab46e12a1bcb21da60c79eaabeb27885f027","sha256":"ca666a8ded373a83e94751c9b38e7caea3d79cc41d5eb9becd2f4173b5dac5a1","sha512":"78316e3fb0ff16d8d62567cf7b6f53155ec1e200f8b03b5c95580afe2966f14065a31b525a9f3c4fca0a2132d1442677cfcf00f0d1d154148fe6bb28e34e808a","ssdeep":"192:s8KhKfaOSOvxzQYHM51Qn3q9jIde8R8xOpCIFDPu/0LaSk6:sWTHM5I69jNWphu/0LaSD","tlshash":"f712e9cdb682fc3a576352a1c2bf1102f31e18005e1d6914f2b6dc782656dae6239fb9","size":9729,"data":"","first_seen":"2026-03-23T15:44:44.502288Z","last_seen":"2026-03-26T08:43:48.724521Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7b047d2684359452e6a328297ad1d89e","sha1":"db895c7869fbeb736aa5e869d15d915c1cfc78ff","sha256":"2587d8031afc7850195ba58b0e975d3210a273ccc78aa4513d1a79c876dd8df7","sha512":"dbe72095ec055849ba17b4e9647c020b809cacc0f7d17db44faba85e6dbe75675cb02a7e343c5ccac64b0aec48c44d12474ad3281af9286e5f8df728bc2c2463","ssdeep":"","tlshash":"17c08c88210a0c7241a626008b2fa604b0423214d4e8ae21888963045e30e07db44820","size":153,"data":"","first_seen":"2026-03-23T15:44:44.533979Z","last_seen":"2026-03-26T08:43:48.81751Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/9562-2506a7181cab6977.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f83a7432737dd3bf4745de4b10f081a","sha1":"a8412bfc72190b5e638cb7c38e6daac72019d298","sha256":"a635d04c9ba0e9cc4ba004241e4ca328c9daab7762e75bec28b4e4b33ec1a16e","sha512":"f6a9725bd49b7aa7e79e3005fba627bb81eb33ee4215d5a02f859f5a8b2e27ac918f160a9dd0759a90e97a2143e0c2c182004ef82d35bcaaa28e308ef91c7924","ssdeep":"384:A5HLQiyMaNARPZQBfHA58jDJwVWn6Q8WnGl:KCNA1IAMAv1WM","tlshash":"6142fae4a293b866ff6fe1c5d8cf4416bb0e98106b290d25f273564411c8784e562ffe","size":12432,"data":"","first_seen":"2026-03-23T15:44:44.418202Z","last_seen":"2026-03-26T08:43:48.682461Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/690-eb9a0daf484b161d.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b75a7616909d74cf21e2a5da53519e4","sha1":"56c2bd4ef9f0cce901e8ca08464f41a680c3ce4c","sha256":"d108fc2e666ddfaf6e5a1bf9342bc91eb5b5aca8345e2c46f8bb74715f89ab4c","sha512":"a28064a65c7c4ac8c2dd0e98a7089a865d53019a6954d093f16d790e325659cab35f4456c2ae4efd909733b872d9132142e3ff94bb4764124c2965017232cb0f","ssdeep":"192:5A9eQshaA4xBSSwSVMX49sW31xNZZQwARcAhZbNWIepCx7TQPL9h:5vbamSBmtW31xNZKwARcAhvW2xnQD9h","tlshash":"35f17474a75194a03f6f49cce88e4d94f72a92028f394c75f57a1aa4538cbc4ed413bd","size":7648,"data":"","first_seen":"2026-03-23T15:44:44.496281Z","last_seen":"2026-03-26T08:43:48.714704Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/531-1c355ace24eaed22.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"583ae2704f651d4e3eb375bc8d227e2c","sha1":"fc3842f8ee5d1caef0b7b7405aedeeefa318eeea","sha256":"6857b35537b56f58c47514be3f92ccdff2485fc79bfb47fca2149e727b910316","sha512":"77cd5b125754d3e0c0c2e7647adc0fc0778dde7153993068cedba2c80722baa5f3dcd9b4e76035181e370428be8fa1bffd2087510d25ab58256809abed45c76b","ssdeep":"384:KTMMTptRCIMjJKq71/5w4fFtwXSKrNzQU7bcgkiTkToTH3Cs:8zTzyNYi1U7bcS62l","tlshash":"9072fac1b051b4f4dbf741d191ff400aa33a3e486d2e8218b1b9ac972a516ec7257fb6","size":16588,"data":"","first_seen":"2026-03-23T15:44:44.52676Z","last_seen":"2026-03-26T08:43:48.634215Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/9.xhyEK0_l.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"c96a39460d2b0a92409b2b92f3da88f9","sha1":"c1ad7e3c7f38743ebadf589676726dad6799a9d5","sha256":"af2012b0cdfa449f186df2f8dc9b3e64b48b8c5c630cc8d3c4df61973499e7c4","sha512":"c6a642b4f09c7dc0b2679c972cc99e4c1e00e268d309aae062883d3eeeb7d3e39bef53388dd20aae7f733da57ed2374c1b12ded0997cbca2762b4b03c332cbfd","ssdeep":"","tlshash":"27a022ca38ca32ae020230300f0f20c0e0b8c02c030e0328800a0200b2300a002ffc3c","size":74,"data":"","first_seen":"2024-06-24T12:34:03Z","last_seen":"2026-06-13T16:26:54.64225Z","times_seen":18446,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/934-a7039514578e6f7a.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d579e34f0dd9aa8a5ea228b3e0150a93","sha1":"155184d5f39552a5e161a542d5cbfce0be74a51e","sha256":"631b5894eecddfa397aa192ab4f051c69a36369115b10b1ec56f14af38e5fb1e","sha512":"a23df9fc8a78db6e2865ec8e64a65be8bbd6481cabe42eae18dec5678f184360c6abe2061f311e20b665dbe0352fb8bff82f5d554205327e6d2a491730e355f5","ssdeep":"96:dq0BbZ6O7yCtR8hXsE4C7RRmMKIyNHI/bSI1Mqz81fuyV4tNv9fA2Xh2KoZZKQQH:nljxosVCjKIpTSgXafVV43atZZjLdJ1C","tlshash":"6ff196e1f792a465ad6bc2c9e5db8804f6390a0416250e34f173189432886daff53fb9","size":8113,"data":"","first_seen":"2026-03-23T15:44:44.527593Z","last_seen":"2026-03-26T08:43:48.709558Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/global-mapper/lc_license_id/17809494/region?jsonp=__lc_region","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b17346aced6298b7e1cadcd62f40003c","sha1":"c28b849fff4b4d9d006d803bc4d18368446ddce4","sha256":"a379b1707064386da00957301b6eb053249cfb462047d44e4fb6d52898f5b78b","sha512":"93be3c00856eedc8cedd0c7bd2b2a5873aa85dcf9e893d9e972421d122c568cbb1c9b4ca633497bc80900f688898040a218616dc69a4716fcd3d5a2dc93fb928","ssdeep":"","tlshash":"8080000e20002ae30a20ef3e8023ec0cb03e033223008288c302208228002b0822ae0b","size":35,"data":"","first_seen":"2025-05-16T12:26:33.454661Z","last_seen":"2026-06-13T16:26:54.648752Z","times_seen":27990,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/7578-4507425450582a27.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eeab93b4025d2abd1d49ef6a95b5541b","sha1":"06e264903c38d96e19791ef54e9011092fe1b743","sha256":"a5aafda15423d305b79593bc0399fd6b72041fa3040fa127467b96826d97421b","sha512":"10b3614ff6fb68aae381a3327b3356415dc8ec70a75779c137a55a9c6436667df2338de0facd07232e7f6cd81ffb1741d6fe9c7dafc251a801ace98aed1be4e2","ssdeep":"192:TjJWjEQ8vRTrNvjJpSArUTSf5JAtpueT3bS4c:/JQ8p5vbrUAMtIe3K","tlshash":"03e1d7b9b5d8f68475e74dec24fb840ca15e092cc03a1a2dfbd564661296dd03827bec","size":7305,"data":"","first_seen":"2026-03-23T15:44:44.411706Z","last_seen":"2026-03-26T08:43:48.704247Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/8072-1ddc1b284d6d60a7.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8133de88065b216fdfdb4e3175509c75","sha1":"70b27dc6ae9a0f55ac87124d5fd97f63ad193589","sha256":"3b370869240b5acf09b839c45c5e8ad31c3c83002ba9b286cfd8fcd49fcac1c6","sha512":"40284beb9bdd51997a07f3587a08bcfb7caaa887115f62af9b920bf23b77527f6b83ef01c0fc4f059516ba41e722fcff8d9ddd371e8a0db495c0674c0fe78795","ssdeep":"192:iX0ivH0XBALjitAYvRFbCSJjyjEgxNc/IN1LYCBargyR2LfTWNVx+WFQpsFZfZ9b:4NpMZ1JjbUNhN1LggyTnAWI09Z96t4","tlshash":"b18274edb1c6b072a39b20e9802f9109f37f28d1684e0551e274d6c63c7916a8273fbd","size":17993,"data":"","first_seen":"2026-03-23T15:44:44.531166Z","last_seen":"2026-03-26T08:43:48.702312Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/3.DazHfinG.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"2d77a6aa353e00f553a63318304ed405","sha1":"79829fe224284805c193a91d2fd444f246271fe0","sha256":"f068996cda742dd6fdb0e857c16b010966bf690480381465595e2b22935de2cb","sha512":"8a7fdf55c616c0d7f3f6d03d2196d7c4d82cb385c2dc73ba36ab9a08ac2f43cbee752de0e10302fda3277fa54813cad993b838b0ae98ac1f17e3d5001a67a228","ssdeep":"","tlshash":"fcf08bc53592f5ea02ab59c548379003f3298818b4baf580e614c5f12493057471ab27","size":546,"data":"","first_seen":"2026-03-18T09:33:42.028688Z","last_seen":"2026-04-07T10:47:46.077135Z","times_seen":1372,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/app/page-b2cb7dcd397e9a12.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2acc9d0ad104b485223c51b5c9126382","sha1":"48e5e5946780b98ad9d37edd4d5f41858f82e12a","sha256":"aedebeecbb374df05cfb8a38c26a9359c43e8c32892ebfe87e3bc26aa74e6d28","sha512":"3d79031631699a10c5484510a853198d2d9d0f29dddf6c47f98815b44d3b7e122ed6392b8b3324e4030dd398ff0b752801c4f51be1b28f97c892c0dc411df457","ssdeep":"384:DEnmeNmt535CYUeuubW6t2TP7Lc6aViaV7nRll+AHqUg44AuE6y8yJQLhiuA0ZCK:HLnXW2sP7w6aViaVfqNqcyJQLhiuRZCK","tlshash":"89b2c8b8abd9fd48a8778ddce097840d624f4c2c833f5a6cb3955c4912d5ac47123bad","size":23570,"data":"","first_seen":"2026-03-23T15:44:44.461093Z","last_seen":"2026-03-26T08:43:48.808582Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/6650-b0d7d93c3e72564d.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"26024a4d3d0763c0396794c322778747","sha1":"7a19fffdf7f4aeed016566d4590ea6b8efbda1db","sha256":"387127cf5b423ca964e579ca4c2c0701b10fdc67061318884c2ad20600e5b47d","sha512":"5125e921fe6848457729b2031926886686b67750a7b376d7ff7cf9ef981d45b50a78e29f594d00c1a5b5a01a0e19af1ea7882bbe988a8a5fe365d7055f97dfa1","ssdeep":"96:NUpBA4lErV/Xh2WHhQZezubBHonrmzTAQ46aAfXptW7LGxLvJgU2B2fMy5CZwspV:NTV/1KZezYBHZzTAcaAR2GxLvJgfy5CH","tlshash":"e6c1d887e966a49bcf4d2c3d803b4f23e0a62a251d4ec49062f0d467167fe4d7560d79","size":5713,"data":"","first_seen":"2026-03-23T15:44:44.423661Z","last_seen":"2026-03-26T08:43:48.718821Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/livechat.hgJsKRWh.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a06ecb0aea6247a9cf4458c604c0910","sha1":"1cde3c0d6ccec1951dde410fa90f224572d0f567","sha256":"e8317dbfe5c4731a8f0b8d2ba68cf03987156d773de81f916e6861a7c5a817f8","sha512":"614992feae9cf682a18c5e8d9893587e67be993e4d02566ba0fbed9d3e7572058aed41237268ed19428a1f54606d9f1926680c7ac086a38c7597eeba26aec597","ssdeep":"","tlshash":"75e0cadadb0039e2f688ddf4c404e4e206fb13aa4bb583b084cf137153150a5de06502","size":401,"data":"","first_seen":"2026-03-20T13:10:16.665174Z","last_seen":"2026-03-24T07:16:47.182581Z","times_seen":223,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/2.e4ZPo7IS.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"b8704e9a4fac9cc6ed31a8ee1ced5744","sha1":"599832fa652fb79cff9fee0acfc06371c39cd801","sha256":"b03428d1cd76ca76a60c969ad81ec13b9c53b424561703c4cde067c7c9dac2dc","sha512":"c175128402adf09a457727636f145aad345c2fbd4ae2a2ec1478e383bb1cb96a853163d3be9c911b249b943cc60ae82c8979f03468098cb4de96a9648003a16b","ssdeep":"12288:AR51UTGQCkC8iMQiiH56K1rNZoEOWtaPloSdXGZMRZNW8KfAZExrr8jr0IbM4f+T:AR51UTGnZohzGf","tlshash":"30946bd0b242b938dbe7c19b90bb1609f73d3d09b42a9661f1bde85d33940489277fa4","size":445522,"data":"","first_seen":"2026-03-20T13:10:16.638449Z","last_seen":"2026-03-24T07:16:47.227643Z","times_seen":225,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b09acf40f4abfd8bf0b9a1ca33d2cbd5","sha1":"9f01384d4cfba92df3877d38bba2eb4403bf0849","sha256":"4198fb6f0c5b921082254d2e9cfc93dff7fa98614d6a067afe5c9a0578442caa","sha512":"57da3f95f478c0c112954d2dd98051aa77a2b82c5f2fe7ba40e88fa0f50d516f33e159febf42a0172a2c3e61950b757f7a4a156163e6b3067b99f467f3904529","ssdeep":"","tlshash":"19011289fc42b07696963228763bfa07516313251894a4336efdc36fef32d97811368c","size":844,"data":"","first_seen":"2026-03-23T15:44:44.534871Z","last_seen":"2026-03-26T08:43:48.819577Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"22e25f9900325b878714300592041891","sha1":"274749a40433c3ebd1defe687ea1eace32dd9b1e","sha256":"0931c9a5cff0f3ada852d407d54fa300e039e45c3ff5ab6e4daa0a97635b55d2","sha512":"7a111778aab02a5d3e423201a207f247409528aad219aa550813eec0dec63dab4d093c8e66008cc8fdd52e9a7a1585facb8a3a998a611325844b8e7355a6ef90","ssdeep":"","tlshash":"f0f0234c3c52b42337f93634c3278e6f3359070135839524c605cc346c544c60896c8d","size":444,"data":"","first_seen":"2026-03-23T15:44:44.535731Z","last_seen":"2026-03-26T08:43:48.820286Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-13T17:33:46.023529Z","times_seen":368207,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4941b1c2c240d870fc03ae0406939074","sha1":"d1b90bf12ebbfeba06c64eb2edb1d30279ef5551","sha256":"87b8eecf67a7b491ce3e9a9b295789ca5820212acce17d6745822a72fc057b8c","sha512":"b704e2f8b7df0e3c9639f02ba11f7a76036ff823b96da06b8cfe7a9a9c1df7d5a4d170b78f838f38dfcd4affa57ef0b4580bd16d2dbd453d9e30f9f68e064ae0","ssdeep":"","tlshash":"13f0239c3c52b05337f93634c2239e6f3352070075835524c606cc2828544c61886c4d","size":445,"data":"","first_seen":"2026-03-23T15:44:44.536539Z","last_seen":"2026-03-26T08:43:48.821919Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/10.al-9NYxR.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"4a073c5805819d74eabd3e843372d502","sha1":"cb12e953dbee2d3ea08d35d86bcd2476a490bda9","sha256":"0cb3247cac5de8fcdfb226ebe2dc4960b6ed473966359f73ca13ca286309122b","sha512":"036da8fb3959ebbef26b546019535a9edb7a99227a28252878247a756d3a7ea693f48e9ffdaf5886faa7fb2cbe56292bbf9552db5dd1d26e6574d8034ee183ba","ssdeep":"","tlshash":"ebd0a78cb643b0b16276b138853f801fb035e984a44404f0d13ad9c03d7c1a97597c5d","size":236,"data":"","first_seen":"2025-11-04T08:39:27.95245Z","last_seen":"2026-06-13T16:26:54.612847Z","times_seen":16307,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/19.CmqAOXBd.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"94646c3b493da342a4559c08a7d57c08","sha1":"c56d10f3fd8f619136ce94a4566cede8b77e6600","sha256":"4a4a80749665cd9223fbae945b708f81eec6bd7abac80c653651868bfb5530e4","sha512":"f7922e344997ea9cdfe4f8268acd7031e143d2941090c5e0e21ba59ab7003f83f565e08f04fff2b0eef31253327a7413bb46e9d13253a50758a5d60b33065463","ssdeep":"3072:zazYGdShfUE2W852wucPNPJS5ZKcDArf+fiGmD5rSEz/XC97XyXFfX6djpGoZXY:zZGdShfUE2W85rrPxJcDArfQiGmD5r93","tlshash":"6df31ae07352ba2cdbe7c1d9e1a63504f33cae45b82b0756f1af6c1e3094a846171fa5","size":170974,"data":"","first_seen":"2026-03-21T09:26:08.649052Z","last_seen":"2026-03-24T07:16:47.257501Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"57feb403fc0ad297195f748b79c1764a","sha1":"d16670ebe7c64508aebdfffb42f298f4292b65cf","sha256":"336b99994a8910f317baccee842e3a4eef42e77320d2d460a47f25e12e76cc46","sha512":"61112c0fa9dd83eb65e241c21991c5926824b562e3a6186d08f9f207c0cf3396dbabbb1ddd39c2156bceafcfd9f0d85dc1cd0aad78b4331e8d5001b440436d39","ssdeep":"","tlshash":"c1f0a35d3c66b05737fd7538c667ce7f33650b0175839525c645cc2478544865886d4e","size":445,"data":"","first_seen":"2026-03-23T15:44:44.537354Z","last_seen":"2026-03-26T08:43:48.822853Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/14.CbrGcdbU.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"1245fac37f3b266ee47fb9ad9352ffd6","sha1":"2fcb3ffdf47f069995adb65b400bf97bf8376cc9","sha256":"6cad9e49d556963ec7d665099f069175775a55fdd40116dbccf8feab574242c3","sha512":"738b7f1cc7e2b47a1fbbe9210859ed0feb64bfcf8e26e5faf6a2d4ac890384b23a99d52d74896a177d47974c5e9b985b3514fbe2c7c1620ebcc4350cbaf9bc87","ssdeep":"","tlshash":"e421df9ead48e5714be84de590a21c36da68631cb1abc4f0f16b1e9633058c312f3e17","size":1202,"data":"","first_seen":"2026-03-19T11:32:13.705712Z","last_seen":"2026-03-24T07:16:47.234363Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7ee5f03e3c07d4ee320d20852b0a1fa6","sha1":"9c7e216b8e79c03e795c876e6cda392b3f27cdf9","sha256":"00ff832f87d5bf2967e74413cff98915f6b13157f580cdb03672f25b1675e1ea","sha512":"a2964c3a4164387a61e148953df78a87a469e5362b4dbe5df1b060ea83266f59620b02a48a5a9f77492b29c5a390553b23cd6ca6687a7757e7db8c8b1ef2e759","ssdeep":"","tlshash":"bbf0ab9d3c66b0673bf93739d623cb6f33a607017583a525d646cc2468649861886d8e","size":445,"data":"","first_seen":"2026-03-23T15:44:44.538604Z","last_seen":"2026-03-26T08:43:48.823554Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/7632-d71d85eb2f5f70b7.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a472ba03665b61da6913975d1ef2ae77","sha1":"b34745b44facaa4cc35eb3c185563ba87c5e4b24","sha256":"57606df2fc02930d91b6e5dc4a9779d5fa5694037aab027c861c31e780fc3b1f","sha512":"f9e6c8a660c053ea1b9baea350706d5dad28dfe80c5a39d256a18b466e75104390591ee9f941fcbd61534e7b8fcb6522c031ef6a00b7df27dd6f72971ab4c43e","ssdeep":"384:gRHyBTXW3TYTgNm7XTlcM7ayxTlKZ3trSYn+2qy/2HTgGMBMDDHIQ+9Hw3xnPdTw:TamJPayRCdGA+2qVgHBMDDHIB9GtK","tlshash":"9f920a9172437430cffb8286e45b401eb77d695a7a0b4528b263b8e621d6a4df053ff8","size":20895,"data":"","first_seen":"2026-03-23T15:44:44.521754Z","last_seen":"2026-03-26T08:43:48.791126Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/0.BHriPMts.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"cf1dd01b8af3590a3106548bf1362247","sha1":"efa4e242fad6d38577baff449278a28efc83bb47","sha256":"92682ea10e45ff4b921137d801ecacd87a478fa402f78e70af78781765a7faa6","sha512":"f9b097f00d811bb0c5b0a251a59e352bbb1d1b4bd1f83804e10f0b803b8500765408556045bd7b01141846c921642179f18d9b5de7e2b10fa4f8ca9bbe0158c4","ssdeep":"1536:Bc32VfDmtAn1VRxWffbp2jOxY58wHRJzL5ye+:BcUfDmtu1VRckqxY58CJ35v+","tlshash":"ea7329d2f681f4399be7a8e555388003fa3a7958781cc270f31cce14215e58665b7f6b","size":78342,"data":"","first_seen":"2026-03-20T13:10:16.697723Z","last_seen":"2026-03-24T07:16:47.18318Z","times_seen":223,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/8548-dcb26dca6b83bdbc.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4533f2f5c172d95fd90bb5b6a7d1d1b5","sha1":"3beac665fe87c54301f286b9f645b5b4f81c22ac","sha256":"134271ad0b9fb6a7119793018ad7d4bcd7e87e8c413986f4bc3af0ebd5d5bc9d","sha512":"994404b82dfc71f7e6f7fbdb37c635257e691c142c22856395caefe83c5eba717e1e70aa6929e730a1e99e79611d00afdee4b4a83cc185886fdc1f55ed8dd968","ssdeep":"192:kDQ0Sg+W0Wu39iHTVz0x57k3Tv59kjCQsENC/MET0IkV:gSgpu32Vz0x5o3Tv5KjnsEkEEwIa","tlshash":"f62267a87f2390626b3f4bcde95e8bd8f71a221217150e79f67738550a5cdc8ec82149","size":10484,"data":"","first_seen":"2026-03-23T15:44:44.419139Z","last_seen":"2026-03-26T08:43:48.762348Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/4935-12b0e84df5b0b290.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b0303dca3bdfee688ac2fea161edcf2","sha1":"81bcf8a2be0fe90864e25d67f143a36a5cfc019a","sha256":"d6c85004260a9fe7d8cf86863f3c4fe12f23dc8c4e6ef239e4940d8f1d336dd7","sha512":"3cd8d2e4384388e3fbb9e7eabf438f8bd10fe1ba50cc116d38fbe3ca2206a0907c8022e44b5852b5827cd3b2eefab7911adcf4f3ee21b718bda6ac3ce7aff0f0","ssdeep":"","tlshash":"781165c732d1bc645feb088518df9197a02c592b152cc47c87c21c7998e103c9191f1e","size":1000,"data":"","first_seen":"2026-03-24T07:16:35.258116Z","last_seen":"2026-03-24T07:16:35.258116Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/5.DDJgJSMw.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"08183989d9bc505e82215b96d1581512","sha1":"1c0eab7cbf49c114ba686578f1fc1e6a32fa68b4","sha256":"30f5c6a4e57eae1f47d3c20ddc27f78d616094e519d1ded2eea87106fe08b34e","sha512":"3ff2c6ed74f219c420e45447b522a7155ec27f869fbb273ba1a1406400192e596da71dc5e5ab60910c447eada553545a96a0d1dd57cf7c6c307a7cc57ee5b01b","ssdeep":"","tlshash":"602121d91dc3d430d33c48e902e5889e697c8ea4e1ee01e0d9946dc67f20960667fead","size":1189,"data":"","first_seen":"2026-03-19T10:33:28.754436Z","last_seen":"2026-04-07T10:47:46.110501Z","times_seen":1312,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/8.qaAu5sBM.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"255395454f61e79c432c908b1b08f02c","sha1":"42781fc9b0ddec9e5955addc220eed0109a416d5","sha256":"42b40b6c26a69e783cf4549c74313d7f1d5a891cc56d626aa60104293359c913","sha512":"50f1ff0866f5a5e119b1fffb727638aa1efa97ab58b3300755fb299a0817f993b6f4f568bddd233770b612a73e16180cd736fa07faa8d189146b5e31891e066e","ssdeep":"192:hbZtPuLpcfXjyJzCgvNtURXJmrkZYfnwS1flhXX1WXzqdByyYYfktwIaQ4oD:5ZtbjyJDvNtURXJM1ph1XdByy38twDY","tlshash":"92f10abff741e4b0e3eb48e19a190113aa3a1754755d8070f62c8d14a15aac4b277ffb","size":7870,"data":"","first_seen":"2026-03-19T10:33:28.672131Z","last_seen":"2026-03-24T07:16:47.214047Z","times_seen":265,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/1419-a731b1653862e5f8.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e08ec9625c275818ae651494a5d1476","sha1":"40904fec8f5f8bd76b824e58520386650e7d7fec","sha256":"64cbfc21fb5ef7c155e3c62f94fb1915b3ffd9d4bf1934303570dd33cf123116","sha512":"1ee5c97740c596e6d3606508261cfcbaf8a3995d003f87da71d729543ab4ef7637c72988585b7c8604171ffc116e8cada133c0d4f771be5acd63cea5e8a2fe0b","ssdeep":"192:dja4Qg91/Z5rgNSHyFG0TfDybrcmRqVypDMa5MZPCTRhYGwdwwUbN7JIttoU0taL:FaM1/Z4rGWL2cRVypTreErIttzDL","tlshash":"3a52e8701ae17d8bb967ecd8e087c00f22c7915b602e1e1ed93de95915c2404bfe975e","size":13632,"data":"","first_seen":"2026-03-23T15:44:44.476997Z","last_seen":"2026-03-26T08:43:48.704987Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/7.qYTqns9Q.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"d541ce2d754402b833cc65b76eaea2c6","sha1":"c36a92a0f5cef497ce42b1e8b4c72c8d9bd3786b","sha256":"80353503e48ebf6c2ae9f70184d3e758f64bacf48afe147e039df807509200cb","sha512":"f8cd5cc49f9276c580419958bf312ee0a311194fd41d116ee709e56401d769511700031ec9f3e6151f8da6b7e13b16e374a231e31cb00b92413ce5c751c2a0b6","ssdeep":"","tlshash":"f090044530d334753111111c453f5c0551144c4c05d55730c010d5551f514f4571fc4c","size":40,"data":"","first_seen":"2024-07-04T09:32:22Z","last_seen":"2026-06-13T16:26:54.641631Z","times_seen":29863,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/17.BT9jUAD0.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"14698b997135b229c15bc5817ed020d3","sha1":"5afc2438a71273a8f1820c766e96f397b2806699","sha256":"96e43792002693d12bffd72956dc425e03e113315cbf63031c7e839e661fd115","sha512":"add083fc100a740d1de15b363e3e213cc84ca9fc4913da9ea691619f688e6b885d8ac7a16d96309f9b55fc10322cb54c3f23c4281df1f5131fa8d40655fc0793","ssdeep":"192:JIcs/+sXpRMzExyv5vHcj/pIWpIizfq7ovx7vc:Gcs/+sX7Mzpv8llbqs7vc","tlshash":"2af1f9dc1322eaedd98296fe12381009b16d6de93c36c244dfeec81a70255c86d38db3","size":8044,"data":"","first_seen":"2026-03-21T09:26:08.692071Z","last_seen":"2026-03-24T07:16:47.244372Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"62d458d64acb49049394f113aede5da1","sha1":"eda28aa5bbef854e77de4f427c11776127fd39dd","sha256":"a9b0039702c145f39fc8653e1bcae5b62c2e1b28f85cbf356d4e8fa6e9278171","sha512":"80130d6696a69fb3a3967eeda6506d7e301859df3bbbc89a33c7862def58d857e0aa53dfb02d509c7a4980f4da56f137359b153bb1ba9cc3746130defdc47376","ssdeep":"","tlshash":"46f0a35d3c56f16737f97635c2238e6b3355170275c35524c646cc34685449a1846d4d","size":445,"data":"","first_seen":"2026-03-23T15:44:44.540363Z","last_seen":"2026-03-26T08:43:48.825693Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/187-4e25cc6737ba3fc8.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"518eb0816ba9bd65ccc10d23144f9784","sha1":"30675042d33fa65552d581a3ae55bbac01c0b524","sha256":"aaf45e97e2e2d0dbc8724f6d7fa5cbac55a0d5747d05f078d14070387d8a5db3","sha512":"34384fdb5ae09b27d59b69a6e29fb8b288048d10070f6ba77610394b147b3876823e660555ca92633687ca3375f78b9ccd3e0c843416aeb0db68fd39db757170","ssdeep":"384:RjqJMb6doxR810n0c0247bugZxIgNstICdb8a9Q7MQdXbG0:ltUC0dVbu6JGCLFdLz","tlshash":"1eb209712252f031e9ffe6dce88e46a8b73b1e84bd150c71b4a2ae550104ec4f5dbb29","size":25188,"data":"","first_seen":"2026-03-23T15:44:44.43909Z","last_seen":"2026-03-26T08:43:48.744621Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"077128a70a97b135342070dadbc2f637","sha1":"99f0a0fbccf7cbee35069f0d214d36f3056c7560","sha256":"545ab26b75a3ddf45a30fae71dc1a347172944d66c63c6dae39b3f39f673213c","sha512":"c43471f066da27232264e9a5c22fd0c989fbad9d284a8ef5dee1752a6ab967d28ca5511d18cdbd2e25fe1e85b72b389cf322831523b8bfe20380c2d22d885c28","ssdeep":"","tlshash":"40f0a39d3c66b06737f93534c237de6f3355170175835524c646cc7478644865c5ad4d","size":445,"data":"","first_seen":"2026-03-23T15:44:44.541222Z","last_seen":"2026-03-26T08:43:48.826376Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/1256-417ff298a02f60ce.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3be2ce2521b75c722715b3bfdccaadc","sha1":"6693323ee6d0d9793dd0f39f741905341a72473d","sha256":"d00c54ff2552d27ecd27a1bf8789485af7215fcc03da4a1483bf637db1b7ff67","sha512":"05acd9f08127372686acb1660698496bd8213226cda14f442d4ee71ad93b0d9183b84df2cfac4c00f90b0739312b7b78d0d60feca7e5c3834fdb40d3d023053b","ssdeep":"","tlshash":"4211c201448efe351ee806d3d87ce8d4b5790474299f9528a29d4c30534dabc236f3ed","size":1000,"data":"","first_seen":"2026-03-24T07:16:35.260904Z","last_seen":"2026-03-26T08:43:48.835692Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/3004-d71fa8f3a72b482a.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7fc0aaf680c2744a5e82b7aeb73e0397","sha1":"d09d7b952a8e986a820238586d56090d255769e0","sha256":"7814b187173bd1232a2b3287526957977104e494ca61ad46fba592266a827434","sha512":"98bb18e8c6736ed82d3b021eb3da46a1a2fadc49f847bb4e75f94929ab86ccef203769d8ced84648066509c1fea863cc01e63f5149c9dc7d5612be502d635709","ssdeep":"","tlshash":"6211cc8d32f3f1683fe704a980cf604b72bab99d804e8240d05d94d4b9314fa9357e6e","size":1000,"data":"","first_seen":"2026-03-24T07:16:35.261752Z","last_seen":"2026-03-24T07:16:35.261752Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/1.CCzcvYl-.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"e3897bf5b6cf846a15a47fb6bf13089e","sha1":"f08e34f980dc8677948f7306bd1fd6cefb907bb8","sha256":"0600b0e00c69c6400774404bcdd90b535f434713aca3c815c051cda8b77e50c3","sha512":"6b53d096db4db441ff016916cc829b6ba5a4cc8097cb2d818411d1278d2aa7d96156085cc3c1c04dda6d0ea041bd16ae6908120c99c632f78ac8f33e1f8b9b53","ssdeep":"1536:EOW45ZFdvjhCQgPVA2vtIFSGurXS3qNFJ0WW:pjv7hgq2OSGSXS6Ngh","tlshash":"f7434ddef14174315be355f2a06f9006b73a2a2c385cc0b0f629dd9925de44ba227f6d","size":55443,"data":"","first_seen":"2026-03-20T13:10:16.647118Z","last_seen":"2026-03-24T07:16:47.243606Z","times_seen":225,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/6.CmDDbhqB.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"c3bc63875af35e6419ebf4990e9a1291","sha1":"0e0b7d2dd95abd8f282c722fe3fa4c4c90a275da","sha256":"a9162f8842f5d0b7554ee148f946446e6acbadcb40a2f232c828681a9685582a","sha512":"db8e5b7f70baab09bbd380fc701424bb71a75dd65599fa995333474df2ea5d69baa52da9e4ea25b04c02ca63b6ce80ba5e7467a99c8534719ccfcd45a23cffac","ssdeep":"1536:VgZQ8kK8O9hbCvSPT/FyXb+BzpHxQwXzmyU9zP+M3jYPuCoOTAjyp5pmLWqVWM:VgK8kKB9hbCWBswEwDm93j+tUWbAWqVP","tlshash":"d9d3f9e83951f9626bf312a710af5807b33c192b280c4950a211fdddb9b845eb17bf9d","size":138079,"data":"","first_seen":"2026-03-18T09:33:42.057685Z","last_seen":"2026-04-07T10:47:46.058674Z","times_seen":1367,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/app/layout-2e8be1fdea965f51.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9f3ef737639a868ffbf8f755231ea57","sha1":"ecc55b841ccd1f8a6eef4820398bf24d9f62f0cf","sha256":"f8fe95842cac7ee85c9e32bb19497a5bf2cfeb2ad7d278bc8462c04dda4b0aa9","sha512":"ca3eb489c18e6c55d553c82d94a260b8905bb810f158cc5d6bc2cbea7df1b01f58a536fa75c3aeb957fecb784a3e3bc1e42a6ddc0528af6a12917c31f7603859","ssdeep":"768:fxBHzQvgUPYz68nyva2r2niSnnboKvr8GOVuWRV:fxBzYelnyvaTURV","tlshash":"16f2a7346d99ba58ada78cdca1e7480ca14f8c1c813b197cbb98fd9d01d3688b453bdd","size":35552,"data":"","first_seen":"2026-03-23T15:44:44.505181Z","last_seen":"2026-03-26T08:43:48.800927Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/webpack-a14bbb028c643c2b.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d08718f04035cafc5368d1105c3fcf5","sha1":"ce2909b595532520922e985e5f18b076780b5cc6","sha256":"0209363b52c896fc38d6c674b70d28a24ea564429a3091da3e49e24929898dda","sha512":"a895541e84f7e1fdfb5e6d6fc11567a42df7216372b643006935b1b2162222a22cf58f565d738e3cb66ff9f2bcb2166e9b7a3691bab23a908199d31562680e21","ssdeep":"","tlshash":"9e61c4a93621fab557f004c5987fc142f21a203b051afcb0e707d8bab468aa10462ff3","size":3459,"data":"","first_seen":"2026-03-23T15:44:44.504319Z","last_seen":"2026-03-26T08:43:48.719817Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/5635-634e7af486094013.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d7309f2b4a216402a2a3af3148b65fa","sha1":"04de0bd77f458970ea1785f713571e441155cf2c","sha256":"4803b1e8464e102e70b53de21e9c02a06eb99d446f8c4d3f9619f5e47f5c536d","sha512":"8f8128016b282173843523fe40262969dd604a36089ce230a3fd47ab4d5485010b0bf977578345ef8de8b6e06911b875905ada73d9d8ff2cb1169492762a58bc","ssdeep":"192:urep/cZpmoOwhWKSv8hcXS4meDEagFaBij3W5wFfK1JN:urXI78hcXS4mQaF8wW5wFf+N","tlshash":"3802e7d471d2f470bba79160d03f406db21c28541a8cadbcf3a3dcf429a05ead222b69","size":8969,"data":"","first_seen":"2026-03-23T15:44:44.530202Z","last_seen":"2026-03-26T08:43:48.694066Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_localization?organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026version=4940c52ca0caf914a8b155bf4411bbe5_e962324dd193458bfabb5f293c0a24ba\u0026language=id\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_localization","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"a10e19f65a782b170b55df663effca14","sha1":"169df5fc084123d96dd1ec7f1f3bc10965ed2d0b","sha256":"e46a5c8d8fc101b485540b22483b4830257d649722006dc63f8eae05c6a2ef01","sha512":"531cfa9828df473b1587cac3aadf1184a50d1509f6156a4f13161b62c215a3370f54f65960d548ff22fcfa3dc0d3cedfdeefe610d2a365ead5746d43998e6d3c","ssdeep":"384:k8eODwsFJ9KlFZmERbo1DQCBuLdAeAk+BdNJ0L:52i4FAnHuJAY+AL","tlshash":"2a62e8540daa79aa0b2753d6f5db5e1e38ec3368ab401a2fdd984f3042847c1735ba3d","size":14603,"data":"","first_seen":"2026-03-23T15:44:44.499934Z","last_seen":"2026-03-26T08:43:48.764578Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/4.-uwpThwu.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"99eeab214509db314b95132ebb5692b4","sha1":"dff06790aa602047a08dd7988b9f09dceb34be62","sha256":"78b0af123fa33269f2327509cf4f6faf0b1ef1495c54ec846f8fa3daa95117c7","sha512":"998cd3446c1887410c0c21d3dc3bc465778b0d19c65f1eeb16e6d8f8cefe27dab247300d3f3893b7adb2dca143464f5c4e4aca4e6975ede0262662036d8f5312","ssdeep":"6144:xpMuuKAnNxfpyB5jofpxLewPrhsdbFVrq:rMuuKAn/pyB5j8xLeOrhsdbru","tlshash":"16245bc4b18af53887eb34e6547e2002f63d6d18784c8564f75cdeb63da858a8273f29","size":218759,"data":"","first_seen":"2026-03-19T10:33:28.721348Z","last_seen":"2026-03-24T07:16:47.13038Z","times_seen":271,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/app/template-ce27f352978faf60.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"38c6b99b6ee948315ca4f974b0c49282","sha1":"f4553461ce821bd6ce08a2f96fb05574028e74c9","sha256":"3017bc953aeba87a234118e3e0913c48e60c454104914451f9cc4b66e904f569","sha512":"189bfc2a0b064a4a9bc8b6d80f83ebf108d1bd2d9569c0720557e00758f70f2b7e21203c9c0a3a1cae8a0e5ad0222f0a9368bd0401780893d8b8a0df9f01def3","ssdeep":"","tlshash":"c851d7bfa642388d23af45e4803b1407f24e6c79202e8c64a792dcb922d1d746676de8","size":2963,"data":"","first_seen":"2026-03-23T15:44:44.434719Z","last_seen":"2026-03-26T08:43:48.725384Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"78b4be285720019ecfa8a4998ac50ddb","sha1":"51d4d3e026b0b2ef06d19144131f23bcf3077f92","sha256":"1eebadd4dd7b54152cb272c0994e5e1b32ae6dd7dc7452c4eadfa0a02856f4b5","sha512":"d34ee5c8109b413428887ff0824c8bdd73087a89c8939a0491d6b982075fdf9194cbb35fd1554cb9b9b1f6682814248b09d9eccc81ccc5cf7f24247830ea0338","ssdeep":"","tlshash":"23f0ab9d3c66b56737fa3678c3238a6f33a6070175c3da24d646cc28786498a1896d8e","size":445,"data":"","first_seen":"2026-03-23T15:44:44.542065Z","last_seen":"2026-03-26T08:43:48.827288Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"729d0b288cf09e7fcf3cca55f8d17096","sha1":"9072269eb64bca94394644173dae058e427a4fbf","sha256":"401f769feec5fb23b91624b9e83f11b880ab062a35338061df06a94f8e80213e","sha512":"e62ac84703b58b597938a9c3459547a8948dc241cd8905454edf7175b1b96a6483a2c6effdbc0ab2e8749ac6cec751300fff62a43a27778c851a5a411bf7f81f","ssdeep":"","tlshash":"f1f0a39d3c5ab45737f93674c2278b6f3355070175839524c745cc6568944861896d4d","size":445,"data":"","first_seen":"2026-03-23T15:44:44.542846Z","last_seen":"2026-03-26T08:43:48.828217Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_configuration?organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026version=714.0.1.38.141.37.1.1.3.1.3.17.2\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"8be3793c8f1eb3282224f5881301fee9","sha1":"2fc7e4c413c9547557ad1087e574b0d597db9fc2","sha256":"a9bd4e24b9909d7305b23404a6e84c16fcaaa18b278fce5b8f77c0abb8dcf9f6","sha512":"5cff2a4502bd0f45a8fc868b0a4521ab432984241b210d36931d802c878c8670354d1b1b7ad982c7f48bec934037328686505f70f147468bd4df53f2f495c15f","ssdeep":"96:uQhUwhUmhUsXhUAdLlK/muZXyWfy9qePJDO/mmfZzyAU69nMcem/3PJvzLq:PGwGmGsXGAdeGt9qCUKK9nMcewxb2","tlshash":"a0c1312a835fc9bbb377d14e62dbbb0e3408517961f8593fe464c63061862c7d311eaa","size":5843,"data":"","first_seen":"2026-03-23T15:44:44.483818Z","last_seen":"2026-03-26T08:43:48.759943Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/6475-b9a765fe0c43db46.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"14d7677bad5c23090385341929bdf0f1","sha1":"1e1734b550ebf2544a4fa9a897c57c4ef35c2aed","sha256":"945ecafb15e6a508ea8d273cab19b5b31b97c18d617263403b4d95388a038b53","sha512":"6ede005e1e53a467e18f4d11e5997c2698f86b0df48623fbfba74f0f0c58a4183dee3d4a8b09f1ce240ec376842ed99d0d9bb470290d52f1ccbd3423027dfaab","ssdeep":"96:bhPPSo9qYMSSqCPT2sd7PyKV3KJtNSTCtO+Q46d+QhTT9/pmhE9s739+WyBsd:BPLtlSqix5GlQ46F10T","tlshash":"6cb1b7f3b782f834aa3f5564906a001dbb975c8dc05d1c6cf3a6ec809694186ce75fba","size":5106,"data":"","first_seen":"2026-03-23T15:44:44.487539Z","last_seen":"2026-03-26T08:43:48.755608Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c68f315a8a6786e6945d1dca3e152dc4","sha1":"2da3235a1d1ff4b12f4250e8546834b6cba5ca89","sha256":"4c34b05e2c27b5e320a044d85d0c6e9df2af250117336d4adc2fb14a0d522ca0","sha512":"b630e856f0c0f32065217d5333ede6e97fb7d96bff49a7940a7c1004b95ddc1a1b63bd9c869e04db4c9f7106f25d5fbd4b3fa5fa997b42db1d3bf505e7044012","ssdeep":"","tlshash":"74f0234c3c52b05337f93634c3238a6f3351070075835524c605cc2478508c60c8ac4e","size":445,"data":"","first_seen":"2026-03-23T15:44:44.543685Z","last_seen":"2026-03-26T08:43:48.828919Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/11.DJPUQwQu.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"640caab52100a1e9dfe618aaeb79838f","sha1":"4654776a82e5405614a595d40cb33ca2b5bae0b5","sha256":"fb8eb817d7251014c136b441bd4004fa6567908059013edbb938925f23b67ceb","sha512":"17d605182be517c5e797b2fd823b9ab7b6bd73d97bd2c3d11c5eb29d108cd350d789116528e351abaebdf3654cc65100b9e3353064ba38c9ab9008126c6a3061","ssdeep":"","tlshash":"00e08cbdfca8d92152f5e9f8c0b60822cb593b0e502382b0f60e6f4a9519199a552826","size":300,"data":"","first_seen":"2024-08-27T15:26:59Z","last_seen":"2026-06-13T16:26:54.519134Z","times_seen":29048,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/6930-97dbad9ee68747b3.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"31525278b6dfb87f212de83495050d4d","sha1":"78a173c2dc7bc12dd0941cb1c794f6de69810f83","sha256":"b1b4c57f9fa8c8ded2d4860f4085affb25cd0930adc75f0a04ccf92d0d987ec8","sha512":"5b810523719f7334823af475cff7a939c524e24b0abc8126e64921116fe7504180158fd298986d4a2086f1a0674c58991e6468b54598c6e3a9cdeecfbc28fcfa","ssdeep":"384:IFxCFMMrS8kdzORMxpF278M8J8TveFxaM:0MFMQS8yzORmkoM8aTveXaM","tlshash":"ed42d79af565f061c3434466406f0146f23a3f5de5298408f33a9df93a9288a77b7f3a","size":13118,"data":"","first_seen":"2026-03-23T15:44:44.471677Z","last_seen":"2026-03-26T08:43:48.756787Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/23.CG_0O8z6.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"b7611b253bd4d0d93d87d3327db69aff","sha1":"3a632aa9bbbff151c5feb72041252f17e67b9b53","sha256":"f626b5a9fa608f7ba023f39c76917ac3c2fac66c65b058b9c92612ace640e349","sha512":"a3a5be915ea0b4e5597485cc717919d9ec19fd14234ce64ff52be921b84b3bb90af91b375d397d11377365b2f3b3f977af576290a3f59b5a270ec6c3af24a0d9","ssdeep":"3072:PNWiqU4tayaOrRbD5Ify5yVj2nLYMwgYa/gYaf3UXf3L5P5jgYgMZki:wiL4tayaOrRbD5Ify5yV4LYMwgYa/gYV","tlshash":"d8e35cc4b362e27cdbd7c1e590ab5405f37d3e59b82a4310f1ea9c6a31a89cc513af61","size":151470,"data":"","first_seen":"2026-03-21T09:26:08.577924Z","last_seen":"2026-03-24T07:16:47.168612Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/main-app-b61413a84bc595d1.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"873a366407cddd9410a06f6bc85f65b8","sha1":"1845118bd7f0a9cf92be879a0d5e64d9a0cb98a1","sha256":"74a13df85e93d18fa1a8ca01360d7a6affc5eae57b04d001da47045f6e2a8eb4","sha512":"a56c1673ed347c16b216aa36a054ec91610141f4af548929ef85f69a1750b0b4145c2392f0dd9acbbaa3bf8d97186614ef2436b6ab6c08d2940e1a2819f9d238","ssdeep":"","tlshash":"a4f0fb9a4f1cf52f5d26ad75fe97ace2285f5275202b4e606901de713c23bacd270414","size":572,"data":"","first_seen":"2026-03-23T15:44:44.493231Z","last_seen":"2026-03-26T08:43:48.789753Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=17809494\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fdewanusa.rest%2F\u0026channel_type=code\u0026origin=livechat\u0026implementation_type=manual_channels\u0026jsonp=__wmqoqdwwkda","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"8879825286a68780e62ba6bc03525f8f","sha1":"a6996d99c5dbb145ea38cc0f0e4c805dbfdd2696","sha256":"2758cb99d2e6a637b7b067f21b727e93fd43e1abcc7b2d63e68837511395aa7d","sha512":"27dd42167ba4e42f8f2703108f300144b3db41d81d211265ff46e1a81313db9a77ec206a3ccc898c3cd9359a5021573cfb34ef20069c3a99dfce347c7512e7d9","ssdeep":"","tlshash":"73e06872ea05942486c5e3f18410aa01ad30129ea084b8bce56a0120620f7edab2491b","size":385,"data":"","first_seen":"2026-03-24T07:16:35.121905Z","last_seen":"2026-03-24T07:16:35.121905Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-B9DLSJH0MC","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"216.58.201.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"59776ed365040a12f4ecf61db9e92b0f","sha1":"332368d0bb687178967cbf92360aae854ec56b30","sha256":"f3b70c15827f41ee2d5ba328da0568cc719515c8e6682f916da3971bf37dbecc","sha512":"720509664d5b423c83c7d6f0b0ea11e6e73b6edb1e1855a56ede217d61922973beda06ac033bd1467ef1b2a2b54fe6b1e9e652042cd5fc5fdd92a4e03309da17","ssdeep":"6144:Tm6jcY1jZaNycfjt8y+HeIjTv87dc+GZD81Nb3fgE9QUB46Qe27km7ov:T/jZaocfIHeIjj8zv6U92I","tlshash":"6fa4f9ceb3d674265396f478903f018ba57b28a2b45cc89af189cce02e7465a4177f7c","size":466283,"data":"","first_seen":"2026-03-24T07:16:35.118671Z","last_seen":"2026-03-24T07:16:35.118671Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"fabaadca054d2c2cf92dccc57e069278","sha1":"410e83b899373d50c0145e222c1789b1b339c14d","sha256":"65b133d48172ae52b3b8187d88a79cc6245be810f4c8dbac507d68b9ec4e252b","sha512":"75b57128659fd1e3039ee4337fb55c76fb5334fe0905f6913b5569754a06cbb557a31b36766cdba318e8627c5440ba695f22a39fd24a28f4a5938698c28dc83e","ssdeep":"","tlshash":"c1f0238d3c52b01337f93534c2638e7f3365070135c35524c646cc3428508860846c8d","size":445,"data":"","first_seen":"2026-03-23T15:44:44.544521Z","last_seen":"2026-03-26T08:43:48.82983Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"225a8b3dedc574f9eee5836181fe7ec2","sha1":"315f8277ec07dd6566f4f9ce256a4976e2ca98b8","sha256":"5fc2b5e9c9949932aa5ed68efeb365c29132be2e627f287c711f8d1a01fddb3d","sha512":"bb98d2b4130830e59b12da2c6d051f3b461d39dcfc13392d252b64281a32441106b97fda64a5a9b4f058fd452e8a45122ff8289a8f0f7034550992be6506c119","ssdeep":"192:TAG2vs2FsQIHm4d4v+R7VdnJ0lXjLMhON8fHGWz8KHwlggk3hp+Z:eedVpcjLIO7Wz8tlggk3hp+Z","tlshash":"a5e1512f413123298027de6c4bb477574238d4267d6e67ea25126b19c3cbe8318e338b","size":6858,"data":"","first_seen":"2026-03-24T07:16:35.272051Z","last_seen":"2026-03-24T07:16:35.272051Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"9f6ef4dee1e54d99649cdfb82fa0f4b3","sha1":"73a53779579562f105223278c3afb03fb7cbdc46","sha256":"f4016576f7bfa56dde8a44558ef93b02ccb311a5b1de7d5a54d6035b9a738f09","sha512":"c0027ac2bc833b7579c1aea1dcb68ee53abde17c25d4ae41e8af00abb11d2bb620af111bb0268ce4954e16cec570409467ba90d77353158f934c75f571ad21b6","ssdeep":"192:TAG2vs2FsQIHm4d4v+R7VdnJ0lXjLMhON8fHbWz8KHjlggk3hp+Z:eedVpcjLIOIWz8Olggk3hp+Z","tlshash":"67e1523f4131273a8027ee6c4bb477574238d4267d6a67f925126a19c7cbe8308e338b","size":6857,"data":"","first_seen":"2026-03-24T07:16:35.272934Z","last_seen":"2026-03-24T07:16:35.272934Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/media/74b1a93e987e274a-s.p.ttf","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/media/74b1a93e987e274a-s.p.ttf HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: font/ttf\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"696c-19d0b6cc914\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qb2fx3zBGXqunxYw3Pe452XINBbUa9TVdJFljt8FmGpUjcZ5CnOQVNxMAbwdt%2FdojaDej2C301olRDY686dX%2FwvcV3K1e4TP66znsNc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33de87d49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26988,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 48 names, Macintosh, Open 24 Display st | this font is an original design of southype | free for personal use.Regular","md5":"9d65f4e610da59ad14754d800a3cc41b","sha1":"1cd1baf16d47a3855bc01bcf87986ef0e11af021","sha256":"1e099336af93ea7be83d47bcb6167c65152699aed0b616180633b431adc9f982","sha512":"ba424e63cf5802fa235fa34a5614bc3bba5ca18dc900523aea1a2c63fe0fd58c3c06fcb3a82cab02e1c25578aa2695355479b0a2752f857238cd642ddd6defc8","ssdeep":"384:PvwtFQgmsB+dzlZYvEv5EE77/d571SAEDBEFRIs7MA0S5LSivCYVsHQxa1SAEDBU:PvCNOB7/Z7zxg713kchcZr91Ob","tlshash":"c2c2df0c33878f13c52637bcb518ea313b8476c562adf2e452bf87a49e17c956bc9894","first_seen":"2025-06-28T20:48:18.809529Z","last_seen":"2026-03-24T07:16:47.180442Z","times_seen":11,"resource_available":false,"data":null}},"time_used":919,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":918,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/css/cd4a4d9b52861799.css","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/css/cd4a4d9b52861799.css HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"13cf-19d0b6cc917\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iH3hVHa86z21H7v0KxyapTM73y6FlnPbZiVDWzHgNCCVQ8YG4Sh7IIWk%2B4jYh3l%2FiLstmB7GxMFXU2eXL%2FYaSHV6w5YuWJvdiED5ZdA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33df88149c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5071,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (5071), with no line terminators","md5":"dce177aef43e64115870dec937423e9f","sha1":"b06437378e2f6d75c764620b5c84678ecc660f7f","sha256":"32673a8b956864e489966cb729143a2ebd61a4d8ed094256b98246410e3c0267","sha512":"b52a0b0549a37677a37212af6dd60f8887cbf92b863384b9ab8e3abfca74281160b2e31424696ad727328cf645e1cb58f830caee45f05d822ebc1d971c742911","ssdeep":"96:4BRxlSVkeJFE7wuFCE00P27YxAm5KJ6pPpGY5H4cDrJ:wxc273h00u7Yx375YeJ","tlshash":"eaa19d30841a45dec4317c9232c53f63793d141196d45532da6db8ea4feb8f7b2e1b98","first_seen":"2025-07-08T04:46:21.923079Z","last_seen":"2026-03-24T07:16:47.202861Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1010,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1010,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/1255-8befde0980f5cba9.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/1255-8befde0980f5cba9.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"2a313-19d0b6cc919\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CyGROVqHbU39Ptw83g4sGt1PSR%2BNoPuKbRLmxOTEDN9okHxX2LNIL3vPCQpBZWY2nDADCKsw3iOI6e2hiJ9yLbFyLKqNx9kC2EqIKW0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33df88549c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":172819,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7375dc7f8f821e4249ee40171945cf2e","sha1":"e16f34caa66dd5cf043d83901ef5020b1793bffe","sha256":"c6db8a503fd12312ee49dad5b72e69207e870b793cf9a877f5e3d0ad3f9645df","sha512":"73d3e372ca001ec3a2909e426bc396e331f337786c0da00230eafaca1d1e595412bb2796b3c93882dc8a770e5ef8eec04728b8aa8851e80c933f04b49e5ba5b5","ssdeep":"1536:bzigN+8/BhcO5HYHqLVcXr7yIzPr6Q04ToTlTx1p7eChTVOocZXxreXRNIrjg/Sz:379LmA+Hy4r904Aj44RN0E/Sz","tlshash":"9cf3dab636d0f8d107a780e5843b400af3295c3b146f74a0a3e6dcd975645dea1b3faa","first_seen":"2025-12-14T17:46:05.779857Z","last_seen":"2026-06-11T01:22:14.442879Z","times_seen":399,"resource_available":true,"data":null}},"time_used":1325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":888,"receive":437,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/6974-bf9309e9fff11a70.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/6974-bf9309e9fff11a70.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"57b9-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3DmQiyWqWmoOGBW8ZGoz4DUAxKEMXW41GMXJD%2FQD0mJVu06aroeFvmfalZDWjYxtxVCssm2UnuH4fLDlJXq8IRzC5S1RB9Oh%2Bx5oeMU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e089349c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22457,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (22457), with no line terminators","md5":"f9cd2eb22fbab8a4a8acf5cc529724ff","sha1":"1ae9ec2225ec8f1289f939259897697ed32cf114","sha256":"abf25cacec44e6e0bc3ab8f53321cb97b4fd618b3fc763314d9984184dbb832d","sha512":"297888af53216907e700d54954c45fc2d589c34ddf0aece1ad4d8bb25739307daf5b0a0c69401735382f897bdbeab05b8a4ffcbc724bd15cb9ba09236c279937","ssdeep":"384:f+R9XKKkH19cOBrZchQt7kgR2W9ROkTfqxQrJJURFXPqCywZh0:ZlV9cOBVchQ572W9zuWibXPqb","tlshash":"dba2a56de295bb3c579df608e6360c047e1b0866db45a0f899d8a7c17c7c8c52047b7b","first_seen":"2026-03-23T15:44:44.497243Z","last_seen":"2026-03-26T08:43:48.669464Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":943,"receive":228,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fbank-bank-cimb-niaga-hdikwc3w.png\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fbank-bank-cimb-niaga-hdikwc3w.png\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6052\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: sKYqrmRrHtjWWwhxlXQpvh-HXLdJJPYpEEKsIr6wyDM\r\ncontent-disposition: attachment; filename=\"bank-bank-cimb-niaga-hdikwc3w.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vwUNFIlnvsvIxttvqjVTEQr%2FhwPhKX71DVW1iwFpFMCwoJAQ6%2FHT2tv%2B%2BVHW%2BIJ1gEeMr671xYaHxDGNUS%2BV8UdaFm4QL%2B%2BclXtDUn0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659ac49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6052,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b81b3e2e876e53f2c9a4cd3dd491ca27","sha1":"fc01f8fa67ad1f2966c284934c8f17680bf8bc9b","sha256":"b0a62aae646b1ed8d65b0871957429be1f875cb74924f6291042ac22beb0c833","sha512":"8f21f0966a6679529cc29015d14fc24de8fa73b8da5fa1abc7dd7a9001bbc74ef5a5db7e5fa37ca9ba11ee8bd0327a9b8e1e4da4685ee276fee2feed64d34790","ssdeep":"96:v3xEdlwpBM+y5WPJHU++khmxlsYrvr1/dwcyDiX8fQs/SQbjx64uAnlA0HuLfon:v3xSipJy50JRhalsYrT5NyDZIs/7vcCd","tlshash":"2ec19f189b5470e5fc886f7d7c968b1008c3fb37631cd5e026eaec58acd72e5c19a549","first_seen":"2026-03-23T15:44:44.410723Z","last_seen":"2026-03-26T08:43:48.752531Z","times_seen":5,"resource_available":false,"data":null}},"time_used":401,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":401,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/game/live?_rsc=3lb4g","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /game/live?_rsc=3lb4g HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: text/x-component\r\nserver: cloudflare\r\nx-current-path: /game/live\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DuoRNAKQy5ci1CNNJEcqVkU%2FgvYMrVcCpzqFlHMsvo42tl2Rd%2BuGeU4H%2FYGg5sKga3HUE%2FZYuqS%2F6mNRxShXKuVm4FWTQ1LcF%2Bo%2F1mQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e352ab3c49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":198,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"2abff96040c9d3d1d539db5bb8d852a1","sha1":"1ad08a7a2eea43c1f690e98b299137400fc73d67","sha256":"b9b49245468c43ab46a6dc1bdfcec7efa58e929e679196fcb5861ab4ca3814ef","sha512":"140dbf41eb3fdc866e7d21203528fb440aa568f8239919b611a8ba41cce38f8cd39ee178f4abeacb233e818ba9f1b7faff335e818d78b3f27a9815881fd0d563","ssdeep":"","tlshash":"87d0a922084029b60aba20a0002eea4b388e483b22c828f090924e043bb722101436c8","first_seen":"2026-03-23T15:44:44.436709Z","last_seen":"2026-03-26T08:43:48.632274Z","times_seen":5,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fmastersofolympus.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fmastersofolympus.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18978\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: GM39p5_NvRtXa-_F5VR2fkibQatrh93PVf2A9SvjzHw\r\ncontent-disposition: attachment; filename=\"mastersofolympus.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yjN%2F6Lfyd15Q3iPTKUdzoHR6ka5hdkPhStTLVCosPvFvAzCYekGlfheQKKbgXcZLlGaA%2F%2F8fjTW9OtgUMFhuvKFqXawbwelRj0%2FnDOw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3534b5e49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18978,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"3e41975269ed7e993285fcdbfaf68bb3","sha1":"b75428e7d48f71937f39a9b940f769cda04f558b","sha256":"18cdfda79fcdbd1b576befc5e554767e489b41ab6b87ddcf55fd80f52be3cc7c","sha512":"83e249cbe4e0d3b3f657b81d6c2f315a53034439ee6eb07ffcc845ad0efc5ba821d193e345073c76a80c5ccd41c467447c035d9140cbcdadec8657b3e94c64d6","ssdeep":"384:DHhUWNNkhMbzS/hHn3mQqfsyasSCsM9myh2K3JzS91:dtbzSHntVdspZ3VFSr","tlshash":"d882d09341f64c12f0a73ac57c9b397e3f97a7a9f15b12d7ca31c168594b920e830165","first_seen":"2025-07-08T04:46:21.942643Z","last_seen":"2026-03-24T07:16:47.115804Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1025,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":583,"receive":442,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fbasketballstarwilds.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fbasketballstarwilds.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18282\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: MIYuZnyQJ2rQCF7I4WKi_cQ3UEXuAvdWfBP_18NHaIw\r\ncontent-disposition: attachment; filename=\"basketballstarwilds.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6dGKCmEH58%2FxzLB8BgPouqVj4DXbTL3fD1Y07fcqGHMPBspI5%2FdgLI2tGQkObipnGdkAxiCq5uM5M%2F1FeSFjkgG3Jh%2BzfgJmo2a5wIQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3534b5f49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18282,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2004688aff77a3236d5005ac31136038","sha1":"106bdd27305b7990fbbb658f11aa0e11391680b0","sha256":"30862e667c90276ad0085ec8e162a2fdc4375045ee02f7567c13ffd7c347688c","sha512":"0c66763150bd14a67b6e58d6f4b5d21a2946f7ef95b559aad702a46007d297bf4862c01bae2b065c85b50b3395ff61e37a61c4c117799e9a736c1363edec2bc2","ssdeep":"384:LxzrFf+F3muvHl0nzUnlBoybcbnq7neNBGO6lq2SzSAdZ5ngV:dzJfM3tezglBhknYePb6MBes5ngV","tlshash":"d682e0c14547d1b05b91048d75bb1e8aadc6168f3cb281e4dfb48bfa5dc2a806fb1d8a","first_seen":"2025-07-08T04:46:21.984194Z","last_seen":"2026-03-24T07:16:47.16786Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1019,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":584,"receive":435,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/media/6d664cce900333ee-s.p.woff2","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/media/6d664cce900333ee-s.p.woff2 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 14168\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"3758-19d0b6cc914\"\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T4jzoYF9dozLSLq8cCorKNJ3zsJzRmjwjau7r5QVzsedmHqSn3cGya9W0S61x7UFeZ0dcR%2FHxJxg01HYuQ0R5ZFsCEBxupu%2Fr9LLHog%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9e13e33de87b49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14168,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14168, version 1.0","md5":"017598645bcc882a3610effe171c2ca3","sha1":"ceaca8172b95b6954d5a5752698a5162d7e9877c","sha256":"7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5","sha512":"cadb36cbcdcd7e84ee9305a676f4d8d3b19fc199481835b726fbcd20f2463074908040b7aca60e284b5ab8ab3b03798f38cc06873d6e4b06ddf7a018e6c666d8","ssdeep":"384:cIeFsvkj/uwoczzNcnQzpjJSx7MZBEuNdu:ihxhzsQ9YxEEQg","tlshash":"bb52e181361151524c851f6d3784c3efec1118dff2acaae07e22255506fe4f276be92b","first_seen":"2023-05-06T05:46:29Z","last_seen":"2026-06-13T09:28:23.634112Z","times_seen":7232,"resource_available":false,"data":null}},"time_used":1309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1087,"receive":222,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fwf.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fwf.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5236\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: GyBUfx2AVLgGsdwQIzbbXbLL_BNmSdqKdVjwJSS__S8\r\ncontent-disposition: attachment; filename=\"wf.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pHChm0%2FDrqXKUS6ffdx6M%2BsJKGbRM1N5djr45mPHR4R1uqU99Ob0KOGLiNQWpe4hUWgUb0pLirujIOo2nOXxHr9LEL86MKUjhR7ZQWc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34679c149c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5236,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2a3b2ca8fe07b9741c1183c7f1087406","sha1":"fbfe47ac21ce67525f0b8a36f8106d7cd1b6cf07","sha256":"1b20547f1d8054b806b1dc102336db5db2cbfc136649da8a7558f02524bffd2f","sha512":"f8df2421a9a5d06e764b15aa5b429299656d01e6ba7828872137f73d79f010521e2a559ff0a5fa46ba05585c424b1c4872124f76b6943a1c9e0fa3b9a6f7c533","ssdeep":"96:xL+ERi2HhXlyoF3xJr4Y5w1v8mKPM5PYoiyCWIGB49Btu2QZt5/is:xLXRdPXJrn5ev8mKmgoTL5Zvi","tlshash":"50b18f23c06323879de7a6f0901da389244c0b2deafa91b5b990d6c35614454ff73b43","first_seen":"2025-07-23T13:52:55.459016Z","last_seen":"2026-03-26T08:43:48.629569Z","times_seen":6,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":419,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Finbet.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Finbet.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5608\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: L7bhClcbzJjophqpUflaFAKVTM_hbUCLlr5aUrWq6Sg\r\ncontent-disposition: attachment; filename=\"inbet.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CWU8kNEkql0GRGzbisR4wMEH%2FuYe1LhV1egYQjO8dhyE4UlmYR8NPymTuND1X0A1cNjWFmqM%2FAhhpcBZ4QigGuC4AfWsKFVagA4vkGI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e346a9c449c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5608,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"70010651eeec171cd004993817700249","sha1":"c3b8ffcf0ad05efd76dacad047c25890c1362f3d","sha256":"2fb6e10a571bcc98e8a61aa951f95a1402954ccfe16d408b96be5a52b5aae928","sha512":"2b10b0e9356236e12d2c1c5d8bb30b3b1f6494daf11cfc5ad0c6b4b67fe47af0be2e4ece0c42fa3c65989a23ecd6e0ccbdca759da004eec1e36fe848c5195494","ssdeep":"96:bnEXURmudOG6m/ihY3IHseLg+DDEaUnHldTTa+MPtd6MGK+9z4imK4NtBx7zm/pf:bnEC6/hHMeEeDEamhOdjdUtmBtbyb5","tlshash":"4fc19fd6b194150db09e5f77ac67a690e11dba3799011b04fdc7103f0a67ba1ef9f028","first_seen":"2025-07-23T13:52:55.415033Z","last_seen":"2026-03-24T07:16:47.189918Z","times_seen":4,"resource_available":false,"data":null}},"time_used":422,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":344,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/game/table?_rsc=3lb4g","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /game/table?_rsc=3lb4g HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: text/x-component\r\nserver: cloudflare\r\nx-current-path: /game/table\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zeUd7hNo%2B4gPLQ1qHa9Rbme5XAJ%2F24a2paGoqvgEumQkY8wy%2FcEgsJqvXDKoZrMIm2S8TSliuJhhyo3O2DsVVpBSWxVeZCj4Y2hwEjE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e352ab3f49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":199,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"ecded1277808da781e2739e2b9cec0f6","sha1":"5708d6b9b4341f86ec19e61a7bf768a25dd24e34","sha256":"60dcfb274ff3d7b6dfed8cdecb19857cde3421362f4d0759607e092a2ef9e224","sha512":"6c6713f4fefbee6d86699f67c20a433af365a3d9ef26251316ee3e1b6f4dbdca22feedc66338ebfcb676b6aa7f214d2a0ba8012c8c40ab87f2d6e3606f51fcf3","ssdeep":"","tlshash":"90d0a922094029b609ba10a0002eea4b388f483b22c828f0a0928d043bb32211143ac8","first_seen":"2026-03-23T15:44:44.491226Z","last_seen":"2026-03-26T08:43:48.67445Z","times_seen":5,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fancientfortuneszeus.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fancientfortuneszeus.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 14274\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: C7JcYHmEAsHshgXnzh7WyiHZKIMlj9_n5zLRvnu2pIw\r\ncontent-disposition: attachment; filename=\"ancientfortuneszeus.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PyClmJG7XbAUBz7xg3LJvNzbr0XI03%2BuTK5dA3UlCcoNiKrO31YDoHT6wU4JE26%2FLSG9HVe%2BWsrno%2B7%2BmCANwArLdyaQBrhcP4EESGc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3535b6149c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14274,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ddcf58dc3badb77e0aedb3e16c0805b8","sha1":"672c6eeb7240f069b9f9e1cf2f6e51925ded9001","sha256":"0bb25c60798402c1ec8605e7ce1ed6ca21d92883258fdfe7e732d1be7bb6a48c","sha512":"aa18cc320757fcd4536f15b652e6c4b9a023ec16a716c21992b4475e508cd98bced5c038ebcf16da2424178249e8ad7836ecd9911672199791f466b1d4899835","ssdeep":"384:8KV9UqC57u9PgMEF7iZ910LGNRXJaojej:8C9XTvZ91ScRZpM","tlshash":"cf52c1625d300819865a4770af1309b2d64b9df4e42b99e5f9b29c445ae78f337cccf0","first_seen":"2025-07-08T04:46:21.90544Z","last_seen":"2026-03-24T07:16:47.190482Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1015,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":578,"receive":437,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/0.BHriPMts.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/0.BHriPMts.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWzRA7evT6ZNi2H6fRUZ4v5sSQpkzfZYGemAW2gwAiJxEDBn1TizOB6uO6nUL99G2hfF5U9wjQ\r\nx-goog-generation: 1774007385287395\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 78342\r\nx-goog-hash: crc32c=laZtmg==, md5=zx3QG4rzWQoxBlSL8TYiRw==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\ncontent-length: 24269\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":78342,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"cf1dd01b8af3590a3106548bf1362247","sha1":"efa4e242fad6d38577baff449278a28efc83bb47","sha256":"92682ea10e45ff4b921137d801ecacd87a478fa402f78e70af78781765a7faa6","sha512":"f9b097f00d811bb0c5b0a251a59e352bbb1d1b4bd1f83804e10f0b803b8500765408556045bd7b01141846c921642179f18d9b5de7e2b10fa4f8ca9bbe0158c4","ssdeep":"1536:Bc32VfDmtAn1VRxWffbp2jOxY58wHRJzL5ye+:BcUfDmtu1VRckqxY58CJ35v+","tlshash":"ea7329d2f681f4399be7a8e555388003fa3a7958781cc270f31cce14215e58665b7f6b","first_seen":"2026-03-20T13:10:16.697723Z","last_seen":"2026-03-24T07:16:47.18318Z","times_seen":223,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/4.-uwpThwu.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/4.-uwpThwu.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWz3a8su165ceXBiOm87Fh0Dzn8ZjtK4cmo4JK9hERupnATYHxLvvJ4y_ZEX0CxxGT5HNvBfZw\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\nx-goog-generation: 1774007385381017\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 218759\r\nx-goog-hash: crc32c=1pXXNQ==, md5=me6rIUUJ2zFLlRMuu1aStA==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 67514\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":218759,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36687)","md5":"99eeab214509db314b95132ebb5692b4","sha1":"dff06790aa602047a08dd7988b9f09dceb34be62","sha256":"78b0af123fa33269f2327509cf4f6faf0b1ef1495c54ec846f8fa3daa95117c7","sha512":"998cd3446c1887410c0c21d3dc3bc465778b0d19c65f1eeb16e6d8f8cefe27dab247300d3f3893b7adb2dca143464f5c4e4aca4e6975ede0262662036d8f5312","ssdeep":"6144:xpMuuKAnNxfpyB5jofpxLewPrhsdbFVrq:rMuuKAn/pyB5j8xLeOrhsdbru","tlshash":"16245bc4b18af53887eb34e6547e2002f63d6d18784c8564f75cdeb63da858a8273f29","first_seen":"2026-03-19T10:33:28.721348Z","last_seen":"2026-03-24T07:16:47.13038Z","times_seen":271,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/11.DJPUQwQu.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/11.DJPUQwQu.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWx4PyYT9oYqxXlkPbcxkU2_l8UG2XuqK-irPkdrkYsOwJ3PKxQqOfAiPJZBmuwg6TDgrEC5kd19iH3-4Q\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\netag: \"640caab52100a1e9dfe618aaeb79838f\"\r\nx-goog-generation: 1774007385266749\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 300\r\nx-goog-hash: crc32c=IuJCUg==, md5=ZAyqtSEAoenf5hiq63mDjw==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-length: 300\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":300,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"640caab52100a1e9dfe618aaeb79838f","sha1":"4654776a82e5405614a595d40cb33ca2b5bae0b5","sha256":"fb8eb817d7251014c136b441bd4004fa6567908059013edbb938925f23b67ceb","sha512":"17d605182be517c5e797b2fd823b9ab7b6bd73d97bd2c3d11c5eb29d108cd350d789116528e351abaebdf3654cc65100b9e3353064ba38c9ab9008126c6a3061","ssdeep":"","tlshash":"00e08cbdfca8d92152f5e9f8c0b60822cb593b0e502382b0f60e6f4a9519199a552826","first_seen":"2024-08-27T15:26:59Z","last_seen":"2026-06-13T16:26:54.519134Z","times_seen":29048,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=%2Ficons%2F18-plus.webp\u0026w=48\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=%2Ficons%2F18-plus.webp\u0026w=48\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 454\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: OGPJ4HipNdmlajb66v3EzgHT8SzMwMPFxx4PrzJSx3k\r\ncontent-disposition: attachment; filename=\"18-plus.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ujZZhbNMC7%2Ba1Mo9A2wtYkOlShAfl5razKFBZ3qMNDae%2BZZlzkxl%2BW%2BeSaGmUomKfQK68frcJnhPLpMccnrpB9lqsvDDt2H2i85a9tE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659b449c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":454,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d17759488f4533a6634d18f6a48ea9ec","sha1":"f1178301466ef9da0ae2628e4c475063ff3695cc","sha256":"3863c9e078a935d9a56a36faeafdc4ce01d3f12cccc0c3c5c71e0faf3252c779","sha512":"e2be0be03b4067e5265670d8bc06aa1d421549d1158bf8a007e2c17ffd2d90894b99f97c1c7b4223533d0cc377a0410972e3abe60c969e8b7fcf1bd854eee39f","ssdeep":"","tlshash":"fdf0dc4d25a3489d95862c6a35b0310609cb013c69b8a05758a3583020ea74e3299a6c","first_seen":"2025-07-23T13:52:55.442434Z","last_seen":"2026-03-26T08:43:48.712995Z","times_seen":6,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=%2Ficons%2Ffirefox.webp\u0026w=48\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=%2Ficons%2Ffirefox.webp\u0026w=48\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 834\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: 8zpoHOkjQABtU-QSPnoxhqHd8moeWpmiygIwsWkrEEk\r\ncontent-disposition: attachment; filename=\"firefox.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LHe%2F3z6ap1dYyWFwW7FK2SSx6DYJEDq2SBXCJoavDxsZtxMj77I6vDA%2FFfPIo0qh8UXX%2Flhl8Zz7jOVbXO9A0aLgKPvAQ7s2MmpvODY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34669b649c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":834,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e6fd6e145b4d6dd87656dd840190ff85","sha1":"53e6bd70bcdab9105249bc84a05f65b848cf992f","sha256":"f33a681ce92340006d53e4123e7a3186a1ddf26a1e5a99a2ca0230b1692b1049","sha512":"ad1b982a34bc805f1b9d4276a577809b6f0a0c5aafa59c426f68256abaf7289ed780ca687168f2e24bb0c9a7466568a6838b7cfd8325aad921dabdef7870464b","ssdeep":"","tlshash":"2d01ca259e8e0b34c120cb70b2323a15927b0f0941d6367f98f7145da4b1d43f481a4c","first_seen":"2025-07-23T13:52:55.466657Z","last_seen":"2026-03-26T08:43:48.620607Z","times_seen":6,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fi.imgur.com%2FYAWf5Xp.png\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fi.imgur.com%2FYAWf5Xp.png\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2142\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=31536000, must-revalidate\r\netag: SrWD71hOq44TxJcUAmdTFYsN8JVUK7A9Ea8mas85rLY\r\ncontent-disposition: attachment; filename=\"YAWf5Xp.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wt6mMDU3QjhyIGbE4eTI1eOAOPhrYg0CrLPu1YuSUsgPk%2F9FgV2%2FfsG6iSGTAc773d%2F31y7DC%2BnuM%2Bkm8NSXqA1ERKAtKZle8KadjxI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e346b9c749c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2142,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 256x62, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"607274096b932098570cc7803f285a99","sha1":"99a690ac8b262730051600fd1943cf3c354eb63a","sha256":"4ab583ef584eab8e13c49714026753158b0df095542bb03d11af266acf39acb6","sha512":"1ddec756e344cdaccb41016cc795597de74150a9a66cc98979dceab48d00777c4499595d67527fa2aedaa9f97757b5df4284221ac41d57373e0fc1daa80833d1","ssdeep":"","tlshash":"ac417c66ddd800849c907a97f1f12787aad2173fa97594018e0591820da0bc6697f235","first_seen":"2025-07-23T13:52:55.489676Z","last_seen":"2026-03-24T07:16:47.237785Z","times_seen":4,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2FPP%2Fsweetbonanzasuperscatter.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:02.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2FPP%2Fsweetbonanzasuperscatter.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 17280\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: ZiuoOltbv90_f-oEdhIK1xbLqP5rSGPU7eeXSYd3LbM\r\ncontent-disposition: attachment; filename=\"sweetbonanzasuperscatter.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F%2FJhO0NMittvQkIPvHNI0dqT9o94am5jO80aGLZj2J7o8GPPPKDgly9nA4Fkrv3jM9QT%2BhVB6VX%2FnRP8q5zP%2Bz29JdHpOu4A5P9LjCQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e35c9c9f49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17280,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"760e20748be7d56db8382706ce72ff90","sha1":"b00e93c2b57995c625d89d959ba1dd8642a53185","sha256":"662ba83a5b5bbfdd3f7fea0476120ad716cba8fe6b4863d4ede7974987772db3","sha512":"61ce3bef13af6405cd653653b2e16866f8558cd383d411baed1b8d1fb2befa1718da641172a97ef0b09ded4e8384be399bb37fec6e1c2e554acda068deee0dbe","ssdeep":"384:nmbiY7lMve7iAiGTSPUWz4u5UwazuOa+Y1F8sTtXa:nmeY7lOAVTwU0qw8aV1Frg","tlshash":"a972b09c27621f884e3582c9a4efd6d2550b7ac7f1a9800ff3ed7c172000766ada6c9d","first_seen":"2025-08-27T21:04:42.546954Z","last_seen":"2026-03-24T07:16:47.201949Z","times_seen":4,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/media/155cae559bbd1a77-s.p.woff2","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/media/155cae559bbd1a77-s.p.woff2 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 13912\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"3658-19d0b6cc914\"\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rZvM7g3%2Blr3RStclUq3Nx74j4B3h6k7ZDZMBdqhqlCTQbX%2F7GTubD%2F8xxGp3oAD7Q00ArlUeMK8miitUIv0azvg6v3%2F2%2FOPcHvScZcM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9e13e33de87849c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13912,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13912, version 1.0","md5":"268d01e94fa0e3a13787891fe19f739c","sha1":"64b2f150043886c95b0ed2bafa0071b01b93cad4","sha256":"7bb29c58eadc0f0c7b704f5fce2490d10cb62efa55797a09c9b8f91b3b54cb34","sha512":"5bdba045eedb848c7fbaa6755f6ea14c48f64eaff196405be512af1eb115d2e6b81bed4ab71ae4b6b09300f10f5562b1c518d06733cb27fdc3e27e3d3364bd26","ssdeep":"192:15DEV4fdDdGtHvIEY530I4w8aFzASJzSQDcdZ3FN2t9g2aigcaROswc21kvrg9Qr:7oKxGJIT4ZuPzSXdyg2alqc2uTg3CN1","tlshash":"8252d1d538798a8ec5a5212c255e6f4dd3237df37e196d4681dd8a34e19c8033ce8b98","first_seen":"2023-05-06T05:46:29Z","last_seen":"2026-06-13T07:20:38.516678Z","times_seen":2415,"resource_available":false,"data":null}},"time_used":1102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":901,"receive":201,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Ftelecom-tsel-bolxv2wp.png\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Ftelecom-tsel-bolxv2wp.png\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4780\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: qJGc-MKTYY112usUOvMaANqgGwEFqf393nu7zkeimT4\r\ncontent-disposition: attachment; filename=\"telecom-tsel-bolxv2wp.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qTLkXfH88APr%2FVJM0NbyaqShLRoloSiwe40Vu0885WymVy8HWl9FnLUo9SeQ%2BWcD%2F43OSXuRaD8i1UYYtTDVuRg%2F3mhtZKJT9EMCr3o%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659ae49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4780,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2a36d75304360d9c93db8a48eabee25c","sha1":"9f3baab4e2ce3afa0eaf76a560f0023c42edef9e","sha256":"a8919cf8c293618d75daeb143af31a00daa01b0105a9fdfdde7bbbce47a2993e","sha512":"b902f120ccfd80e9b260422b8ff41f8145ba7d64b2d1e6b328e874b513fa1fd978f3204bd41d241d155824341802c00e8d99fe03939c013b7f2b2c000ea86da4","ssdeep":"96:bcNO2DxwbhW0vdBW64aplpvOvLD7c/h9gWjjKFCcVh5CpJ8iC:Ax1wtWWr+SrOvLn2heWjjK9Vh5C","tlshash":"9aa17eb9443e7f904853453858d0c914a9f1040bd76cea5f9fe2b11b6870a5cd29af55","first_seen":"2026-03-23T15:44:44.525084Z","last_seen":"2026-03-26T08:43:48.636128Z","times_seen":5,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fbank-bank-rakyat-indonesia--bri--8j3z87p2.png\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fbank-bank-rakyat-indonesia--bri--8j3z87p2.png\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8294\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: eOkCH1xRJ73wdDkiw8glR7PnUrC67U4gKbwojgRvG_U\r\ncontent-disposition: attachment; filename=\"bank-bank-rakyat-indonesia--bri--8j3z87p2.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yBIGiBZ%2FyyHVASfXqUaOGuU%2FCRzCp0SDLCO0Juq7jeA9sJdJm%2BX8ga6AEvNaPEEXihXwAjVWab0tud2Vh%2FMaw%2FhhL1APJfvDLcmLaBs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659b149c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8294,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"aef1f344bc68f21883aebdb04932c164","sha1":"79e26a78e579dc3a62ae3ebd926b8765b071c727","sha256":"78e9021f5c5127bdf0743922c3c82547b3e752b0baed4e2029bc288e046f1bf5","sha512":"94499e90f0f0a85708a047f54c3e947147973970ddaa73061e6d5c66ffcabde184791e218e6b1aea0121155f0b4b26267989cca40c3001529391c12ee00ef73b","ssdeep":"192:8dQ3oY9tMka4OoUAAuOmEnWTs/QJe63yzvWv8YC6pnAHUFV5k:mQ3198loKlOn3yyUYCyAHUlk","tlshash":"5602b04c863acc1ad97170d672e9e357613f20c18d924b321cdf486607f40f9d764623","first_seen":"2026-03-23T15:44:44.499097Z","last_seen":"2026-03-26T08:43:48.637946Z","times_seen":5,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fancientfortunesposeidonmegaways.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fancientfortunesposeidonmegaways.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 16076\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: 6CRiqQP0NEcHZzTVTMPyha7X9Ekvlolu8RdZ1Z9ecH4\r\ncontent-disposition: attachment; filename=\"ancientfortunesposeidonmegaways.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FuTkdhuvFnOkTuBDMxiES3H7%2F2Ca3Fk2gKgwIzEDExIf9pXOYFs7nBGOFsD6uXTskzF9DQD3QQf6pTLgwn0vad7KxBpIC3rP5C1ZdB0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3531b4f49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16076,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"56f14f41d9d4524b5911a012ca0dadfc","sha1":"0e7c1b5f0767967a712007b5cbf2024621c060ca","sha256":"e82462a903f43447076734d54cc3f285aed7f4492f96896ef11759d59f5e707e","sha512":"0ea3a7a5f9b57f90d6b8862dd27aefdd5f70c912eb6303bef30fd5b36388568b04c658ed5fe9ce2e84ba1e07bf8a8a5907870055c9a31c09fbd1cac020123601","ssdeep":"384:GwPpGglKh0QNf48JBYbUkq+aT20R6VSu5v31IKe0:G4+h0QNHIUkXX0R6hN35N","tlshash":"4c72d0d7728c478fb98b352c8a2075e765262439df2cc5969dc2ecccf644d82e044f1a","first_seen":"2025-07-08T04:46:21.887346Z","last_seen":"2026-03-24T07:16:47.161606Z","times_seen":7,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":604,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/18.BwJqqA7t.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:14.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/18.BwJqqA7t.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWxgG2LC2_txLA5TZeNTUq-HobbXriSm3jOKX9pmKPzU6EA-UWJEGvUl0-kUvrpgKByDPsnCDufJ8QmC2w\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\nx-goog-generation: 1774007385284775\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 4151\r\nx-goog-hash: crc32c=ej/cWA==, md5=t+6p4IVHFy2AqQ7eX8I5tQ==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 1775\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:14 GMT\r\ndate: Tue, 24 Mar 2026 07:16:14 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":4151,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4150)","md5":"b7eea9e08547172d80a90ede5fc239b5","sha1":"c309ed972776ff2f42d6233d434199378b0b0449","sha256":"5c301867cb63a886e85962abdd05a64d3eb6df916260efc1433f22b97ed87128","sha512":"30e11b1d7dec0d21284297f0c6addd8aa824c4ae5a45514e6cb9c35767a092535e3d8b1a1d58593326f4d8cfc8eb451f4d92da5bae6bbcafb375409fdb2ff73d","ssdeep":"96:iIUUP2pJtLmIiCZ+lDFlL+o8C1iq9S3jHN+3NtbNu82HMTOC:6UV5CwlZlCo8uicS3jt+9txpBKC","tlshash":"2481c8ab32dcbcb6f5c682e690675160539d11a9280d4fd0d02bcfd501ba3d436eaf6b","first_seen":"2026-03-21T09:26:08.668755Z","last_seen":"2026-03-24T07:16:47.233684Z","times_seen":33,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/4935-12b0e84df5b0b290.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/4935-12b0e84df5b0b290.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"11e7d-19d0b6cc917\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vpgoF407aGIUaTJwxeUGTTlwez8SCQKhFDvMWJ4x%2BDEjvKipuXZUbiX9U6Cz%2BywUqI12O8eEhNR6zlRCe1MhV0LcayhiiqslJI1CqnM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33df88749c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73341,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"5974372b1639abacd1e89dc15d4f46d7","sha1":"41c5414b9306b914de713559e6b412aee41a1b91","sha256":"2df85bca68e5600779e33723e48ef2d1993cb426f3f56d65216467c1363bf4c0","sha512":"441fd919213cd10efc66439f63802a0d8749d572d00fc24f011cbaf53d3900de38d3c928dde1eddf5d57b236bb8b531409a750a362d05ebe2f4dd34011e9505a","ssdeep":"1536:82Ws6U4l7Ilhqx0s9CuLrDbM0QHSa2C9gwyX723p2In02tK2sS6b5pU:82WW4l7yMx0s9R5CN2C9gwyL23p2In0G","tlshash":"0f636ca972a2b0554367c0ced0af4887f76c2914310e4ca5f393f8b8a5a85dd9173f7a","first_seen":"2026-03-23T15:44:44.457063Z","last_seen":"2026-03-26T08:43:48.80745Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1089,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":879,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fcandyrushwilds.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fcandyrushwilds.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12312\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: 2PpHv6GQRhPOCDmZhAsIeW2rZi9MsezmQkAB_b2W2rA\r\ncontent-disposition: attachment; filename=\"candyrushwilds.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HCBqG6SDlFpxzJcqzrm%2B8rv6UUBc57yXlfTnCc1WnP02Vfx7F7TPjRaY30WSDEvLmn2FY7ZZuOIp2XkamX7dn5HV9OcZwLuzhvaFboI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3531b4e49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12312,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e5d1d52c26830b7dae9bdddce31bcf8f","sha1":"49badcb2df6a5ec5532ebf5a79ba4a96bfc6d324","sha256":"d8fa47bfa1904613ce083999840b08796dab662f4cb1ece6424001fdbd96dab0","sha512":"29ec4c719754ca46e38e8c0417f1257e6b8f64faec98a032176b35b0ceeae3fedd67e7c1738dedc0f35de18e842b552923b0b2eee7f11f6ed9775efb389e619f","ssdeep":"192:awJEcrCQTFI2ci+oEMGkFS6s7WonY2tFM1KK/x4Of5+iKoAeJUa4HWKm:hrRTFAxotGk9SY2tFM1h/G37Ha4Hy","tlshash":"dd42aecbca97efd4f81382384dfe648d8e6160ba36f79451876a71620ec57c58825870","first_seen":"2025-07-08T04:46:21.924624Z","last_seen":"2026-03-24T07:16:47.158499Z","times_seen":7,"resource_available":false,"data":null}},"time_used":609,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":394,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/7.qYTqns9Q.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/7.qYTqns9Q.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWyxnNF90VtIrYKeURpOtZtoAaIudpmY6iNa0Oowc3SaYNCaPj-87cE8_vdWNmUItkA57SlQB_Q\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\netag: \"d541ce2d754402b833cc65b76eaea2c6\"\r\nx-goog-generation: 1774007385334203\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 40\r\nx-goog-hash: crc32c=jQQqwg==, md5=1UHOLXVEArgzzGW3bq6ixg==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-length: 40\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":40,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"d541ce2d754402b833cc65b76eaea2c6","sha1":"c36a92a0f5cef497ce42b1e8b4c72c8d9bd3786b","sha256":"80353503e48ebf6c2ae9f70184d3e758f64bacf48afe147e039df807509200cb","sha512":"f8cd5cc49f9276c580419958bf312ee0a311194fd41d116ee709e56401d769511700031ec9f3e6151f8da6b7e13b16e374a231e31cb00b92413ce5c751c2a0b6","ssdeep":"","tlshash":"f090044530d334753111111c453f5c0551144c4c05d55730c010d5551f514f4571fc4c","first_seen":"2024-07-04T09:32:22Z","last_seen":"2026-06-13T16:26:54.641631Z","times_seen":29863,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/690-eb9a0daf484b161d.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/690-eb9a0daf484b161d.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"1de0-19d0b6cc917\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gZ%2Bn2iOTJ3kjpV3nXNC1tCS%2FXxhMbgTHtlhshgglJCJzsoEEc0gDgsMMjtJEtMSuc2GyjYakMSJXQ7tvPA52yJvGqudCcSDrrFAUlEU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e088c49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7648,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7648), with no line terminators","md5":"3b75a7616909d74cf21e2a5da53519e4","sha1":"56c2bd4ef9f0cce901e8ca08464f41a680c3ce4c","sha256":"d108fc2e666ddfaf6e5a1bf9342bc91eb5b5aca8345e2c46f8bb74715f89ab4c","sha512":"a28064a65c7c4ac8c2dd0e98a7089a865d53019a6954d093f16d790e325659cab35f4456c2ae4efd909733b872d9132142e3ff94bb4764124c2965017232cb0f","ssdeep":"192:5A9eQshaA4xBSSwSVMX49sW31xNZZQwARcAhZbNWIepCx7TQPL9h:5vbamSBmtW31xNZKwARcAhvW2xnQD9h","tlshash":"35f17474a75194a03f6f49cce88e4d94f72a92028f394c75f57a1aa4538cbc4ed413bd","first_seen":"2026-03-23T15:44:44.496281Z","last_seen":"2026-03-26T08:43:48.714704Z","times_seen":5,"resource_available":true,"data":null}},"time_used":910,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":910,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/187-4e25cc6737ba3fc8.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/187-4e25cc6737ba3fc8.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"6264-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SfnWIfNiw9mPLi5HKZ3U%2FIOu8pRwCc1yIgezcPsvWXCmakGK3D%2FqSUls8myrPSSTgmTF4u6cysTwWo%2B%2BlCJ1mohgzkrtBvsdpnbPcvk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e28a549c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25188,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (25186), with no line terminators","md5":"518eb0816ba9bd65ccc10d23144f9784","sha1":"30675042d33fa65552d581a3ae55bbac01c0b524","sha256":"aaf45e97e2e2d0dbc8724f6d7fa5cbac55a0d5747d05f078d14070387d8a5db3","sha512":"34384fdb5ae09b27d59b69a6e29fb8b288048d10070f6ba77610394b147b3876823e660555ca92633687ca3375f78b9ccd3e0c843416aeb0db68fd39db757170","ssdeep":"384:RjqJMb6doxR810n0c0247bugZxIgNstICdb8a9Q7MQdXbG0:ltUC0dVbu6JGCLFdLz","tlshash":"1eb209712252f031e9ffe6dce88e46a8b73b1e84bd150c71b4a2ae550104ec4f5dbb29","first_seen":"2026-03-23T15:44:44.43909Z","last_seen":"2026-03-26T08:43:48.744621Z","times_seen":5,"resource_available":true,"data":null}},"time_used":907,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":907,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fgameart.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fgameart.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2462\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: y09J1uuho0QR5pGwtesDLFYfxXovhp54VCCpK38teNg\r\ncontent-disposition: attachment; filename=\"gameart.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CesRj417grjRdtHlgxkCdBLjlZmIkZfM6o9evLqELCulUpwdlwoR4G2vp6LeO3qd355OWd6DWaRgadV6HF2BwqAl%2BCleDZl%2B62PcWd0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e346b9c849c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2462,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d76af9b806077c6fbe1b0a1b682aadfd","sha1":"7aa34dd341468199d7261ee80f3c288c520a8cac","sha256":"cb4f49d6eba1a34411e691b0b5eb032c561fc57a2f869e785420a92b7f2d78d8","sha512":"66f0a1670058acf48ceae735955e831a16077acebb706d90ccedd9e0b0298bbc84417ced95b9ac65152d0abf348a053a097bcc954d027041a65e1489c279bf85","ssdeep":"","tlshash":"3b515d48cbc70cd0d40ab982c6d5690268cfac2596785fb87fb050df0eacaec49daf55","first_seen":"2025-07-23T13:52:55.42952Z","last_seen":"2026-03-24T07:16:47.25532Z","times_seen":4,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":376,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2F3blazingvolcanoespowercombo.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2F3blazingvolcanoespowercombo.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18416\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: lhaq_ZVrNMV10R97ftxkQJeSkqdoxenykm5ntEfOzPs\r\ncontent-disposition: attachment; filename=\"3blazingvolcanoespowercombo.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BODfujDJZ%2FEiPU%2FMX03%2FlKL0XO0kMAAW7Maj58PI1Ga%2FWCjLcnM7T1ujJI1ZYvBTF0MmQ8HaGtmiL10cjBfoA1obf%2FNO0YIqSISH%2Fzw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3534b5c49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18416,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"185228fa81ce46c024f8184ce7b89852","sha1":"d70c32919840769d42d31e9b5a319b8a9cd09877","sha256":"9616aafd956b34c575d11f7b7edc6440979292a768c5e9f2926e67b447ceccfb","sha512":"5ab7297f239c148ee2270400254db62e3a79d963114f2ba27a88539ccb52b25a9b3eff2f77e090a38ed6f7a4e7a5ec1a91dc705fdb9c22bccb200a7ce99ca68a","ssdeep":"384:qlOVBmyenYeoQZf0LlkcsZ2KWFGDapx2kJHcAuUlR/Exh4hprYA:qlOP/aYeoQZM57sZF2T2sGE/46wA","tlshash":"5e82e17e50fce370cce7f8c5eda03254d744e95c9d0087909896ed085483229fceb85a","first_seen":"2025-07-08T04:46:21.90241Z","last_seen":"2026-03-24T07:16:47.163213Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1026,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":589,"receive":437,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/app/template-ce27f352978faf60.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/app/template-ce27f352978faf60.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"b93-19d0b6cc915\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L9SwQxe%2Bu%2FHZlhOZ8MOBFP7Ok80kBZizyGuoQyvxWrvvzhahU2qGb5hUvjoHcelH5wjFM01YInU6GqiZADTNGGIcfd8Q1JO6otwPG08%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e38b149c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2963,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2963), with no line terminators","md5":"38c6b99b6ee948315ca4f974b0c49282","sha1":"f4553461ce821bd6ce08a2f96fb05574028e74c9","sha256":"3017bc953aeba87a234118e3e0913c48e60c454104914451f9cc4b66e904f569","sha512":"189bfc2a0b064a4a9bc8b6d80f83ebf108d1bd2d9569c0720557e00758f70f2b7e21203c9c0a3a1cae8a0e5ad0222f0a9368bd0401780893d8b8a0df9f01def3","ssdeep":"","tlshash":"c851d7bfa642388d23af45e4803b1407f24e6c79202e8c64a792dcb922d1d746676de8","first_seen":"2026-03-23T15:44:44.434719Z","last_seen":"2026-03-26T08:43:48.725384Z","times_seen":5,"resource_available":true,"data":null}},"time_used":986,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":986,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fbank-bank-permata-8dchmk8j.jpg\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fbank-bank-permata-8dchmk8j.jpg\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2250\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: w5CJmY_a8Z7hJqrIo0tBhvOO7bV2oFHY7UFY7V2428c\r\ncontent-disposition: attachment; filename=\"bank-bank-permata-8dchmk8j.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eWRNd%2BHgUrHW%2BYoFmO9DvOQrEKUbbmRoHxvACXvMvimbVrhoQbmKTgu%2Fdva%2FBVShF7JhVwTDgziEGLvahYFwiF09aP3gehGSIHaOzjs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659aa49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2250,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 256x170, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d8e4439061ab59858e469b9eb6d407e1","sha1":"7efa5c6c355a4f6585aadb339ce6a80972558c55","sha256":"c39089998fdaf19ee126aac8a34b4186f38eedb576a051d8ed4158ed5db8dbc7","sha512":"4c8025c8a55930e7e5b93f7cd8f75e9b129e618ec215ef68275fd3fd6ff8ff89247119c8152a85fd23b5a9faba54660a0c60b338f3ea91572dcb24b92cf80fd4","ssdeep":"","tlshash":"534119026292a0add6c7cd275856fe8c6776f3f6e2888a37110fc5506327e616610a81","first_seen":"2026-03-23T15:44:44.415385Z","last_seen":"2026-03-26T08:43:48.62667Z","times_seen":5,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fpgsoft.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fpgsoft.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1352\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: JQYNGPeDXNwzExMrHBGgXqQUd9J5uXUjDChYljbvQtU\r\ncontent-disposition: attachment; filename=\"pgsoft.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9M7P49vnXe7k5NUeDZyK4kXQz%2Fr4CeZVcnW6LAfPWCetk8n22MxlBOT4BiEeWKnFy%2FAhFhlIngLNPQbalBeIOreHNH8oQGDbqk6YWA0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34669b949c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1352,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1b4ea113aa553638bde53387328a32fa","sha1":"8b7e22cab46bb0f1a82259b51cee9bc83989e365","sha256":"25060d18f7835cdc3313132b1c11a05ea41477d279b975230c28589636ef42d5","sha512":"0806ec5d583792f4d2b0f57c09fd83d7330a7db4accd031d0600a80a4c6bfd548371760b87c2a0cc69fa78dd2ea28f0acb8561ce2561774324959c36a06006a8","ssdeep":"","tlshash":"3d210843c94000ab98abb882ba2c224c8057c33a80f39f531602f574e2b8b793c62270","first_seen":"2025-07-23T13:52:55.405346Z","last_seen":"2026-03-26T08:43:48.814228Z","times_seen":6,"resource_available":false,"data":null}},"time_used":467,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":389,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fluckykoi.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fluckykoi.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 15014\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: PTr5Ja7kBDqr_BAsfBbY86hU6XDkyiOx8_exRh5ile0\r\ncontent-disposition: attachment; filename=\"luckykoi.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3v2JDljvb%2Bd38o0BKJbdlVPFF7Ggzcr3E5bciL8HhpqUFkEbqPFSHSftHCPlO%2BdH3fLjiLdDwiJ5mcc6YyiEmYURHt8Osu1JY8Yhdx4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3533b5649c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15014,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e8a6015f58bec211c9ac6a390643cc77","sha1":"9c77cfc42c12fc8312c8d815328df98c19d56a9e","sha256":"3d3af925aee4043aabfc102c7c16d8f3a854e970e4ca23b1f3f7b1461e6295ed","sha512":"cdcc00864297fec06d79358b3a2357cd2ad82227d9ad2550dba92daad4c2e284f39a58e9fba85f64c4a0235160493881ec978a1c64a603eca30c231bdd07d26b","ssdeep":"384:wZWaDSxJYZTktQCWnxmAPZX/HYKQ7RZZilYKB+CCkfmh:OpSXY1kt080/HYKQV7iSKMCCl","tlshash":"9262c0036ad74beb0eded24077063ae643896679f40f1dc11dd84b959030acf96993af","first_seen":"2025-07-08T04:46:21.970633Z","last_seen":"2026-03-24T07:16:47.16239Z","times_seen":7,"resource_available":false,"data":null}},"time_used":812,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":220,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"core-1333692039.cos.ap-hongkong.myqcloud.com/newsa/031b4af5/images/ui/logo/desktop/logo-k9cgzumj.png","fqdn":"core-1333692039.cos.ap-hongkong.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"43.132.105.206","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.ap-hongkong.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign Atlas R3 OV TLS CA 2026 Q1","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Mar 2026 07:35:01 GMT","end":"Fri, 02 Apr 2027 07:35:01 GMT"},"fingerprint":{"sha1":"F3:D7:6E:13:68:23:65:72:46:DD:C3:C6:C6:97:CA:F3:1A:2A:BF:E0","sha256":"D3:73:DE:50:36:F6:35:C0:3E:DB:5A:B2:24:6D:88:10:98:AE:18:B5:11:83:30:89:69:94:CA:15:66:04:56:39"}}},"request":{"raw":"GET /newsa/031b4af5/images/ui/logo/desktop/logo-k9cgzumj.png HTTP/1.1\r\nHost: core-1333692039.cos.ap-hongkong.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nContent-Length: 168736\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Tue, 24 Mar 2026 07:16:00 GMT\r\nETag: \"decb82474a70e1db949ae1f5fab84d45\"\r\nLast-Modified: Mon, 16 Jun 2025 10:41:23 GMT\r\nServer: tencent-cos\r\nVary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 8803333732375305899\r\nx-cos-request-id: NjljMjNhMzBfZjAzNDUxMGJfZjg0YV84YWQzZmVk\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDQ5OTQwMDMyMjU4MDE2NjU\r\nx-cosindex-replication-status: Complete\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":168736,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1399 x 983, 8-bit/color RGBA, non-interlaced","md5":"decb82474a70e1db949ae1f5fab84d45","sha1":"03613606a5451249048fc937710d986dfa393a47","sha256":"ef3a4d32100ead0da51d780a5b46e4e08a04fa644d0b24307ca1f0e784e9164a","sha512":"1d498b173553d4796617bf0fc40116589f746d07dc6f837987ccc4099ce8219b62fe4fdf3c4d214cff68e80ee1e90a90811949653c728d85f66613d0b4bd7276","ssdeep":"3072:R0QNVGF/jp2vnKPD2WMlwDBUscfIscSFikkjqHZnjjQes729i/qh:7kVAnKPDmwB7cfIiFSqHZvQao6","tlshash":"f9f3f10d979708acd052d377fca10eb5e7f95a6948758b48bbb4cb3a4eca7e6c112d00","first_seen":"2026-03-23T15:44:44.447143Z","last_seen":"2026-03-26T08:43:48.716952Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3799,"timings":{"blocked":1454,"dns":426,"connect":271,"send":0,"wait":307,"receive":558,"ssl":779},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/6930-97dbad9ee68747b3.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/6930-97dbad9ee68747b3.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"333e-19d0b6cc919\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FddGdgn2Nmf16zN%2BXnGBV6rt%2B4tjYLTAAXvbXDILzm%2FGS80k8GJfH%2Bqxyu4XFhzeww3EtzstVXFTeOcNZeyCQpfKBmb1HtNT1Nmb4kM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e189849c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13118,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (13118), with no line terminators","md5":"31525278b6dfb87f212de83495050d4d","sha1":"78a173c2dc7bc12dd0941cb1c794f6de69810f83","sha256":"b1b4c57f9fa8c8ded2d4860f4085affb25cd0930adc75f0a04ccf92d0d987ec8","sha512":"5b810523719f7334823af475cff7a939c524e24b0abc8126e64921116fe7504180158fd298986d4a2086f1a0674c58991e6468b54598c6e3a9cdeecfbc28fcfa","ssdeep":"384:IFxCFMMrS8kdzORMxpF278M8J8TveFxaM:0MFMQS8yzORmkoM8aTveXaM","tlshash":"ed42d79af565f061c3434466406f0146f23a3f5de5298408f33a9df93a9288a77b7f3a","first_seen":"2026-03-23T15:44:44.471677Z","last_seen":"2026-03-26T08:43:48.756787Z","times_seen":5,"resource_available":true,"data":null}},"time_used":876,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":876,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/7976-72b08d0d566b1866.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/7976-72b08d0d566b1866.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"10094-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eOOkrUkzIc7WuWEKf8RhjdWkulQ2v9APAWKYsOZ%2Fk3D4bC880%2BJXDgALW78%2BrMmnRLj7wQTX0cOIx0RYQgcZwUDYckMZBbaxSso%2BUJw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e28a649c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65684,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (39600)","md5":"0fd17b844422f8fa52a5a3fa4b053c68","sha1":"2af77b46b132f9a83e95297e4cf09ce6539ec844","sha256":"c72fb3c2b22630616909cd7bea6a90b9a7016e8c393d43769d52af72c5d1eebc","sha512":"c1748dad0db448c773cf1720719e7fa7509d9a6c89e7c760bb501f167098b099c6ad62032cab37b51da74c4f90dacf8c008220457943d2cdf1928d3bbbccdd81","ssdeep":"1536:AHaIGJF4jDMbBMbhVKXI8+2b/2fxwSV9JFQWbbEv4vVYHGrI7b3f+:A67J+jGIwSNEv4v6H7Xf+","tlshash":"b4533bc1b3d2f42a9b6d61d654254002f37a9eac240d94acf3b46ceb319694da0ebf35","first_seen":"2026-03-23T15:44:44.494107Z","last_seen":"2026-03-26T08:43:48.715646Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":932,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fbank-bank-central-asia--bca--2shrzkyo.png\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fbank-bank-central-asia--bca--2shrzkyo.png\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5176\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: NZMtEPY9iSrG_l48cqFEb2zd55HHhvXITBjG4sy5wfE\r\ncontent-disposition: attachment; filename=\"bank-bank-central-asia--bca--2shrzkyo.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TYWnl3an0sHu3qcZIUO697eNUAYULi0ybObhQX7MEazUi7pcl0qdSiLL6vRrAntAlX%2BfcYHt9nIGaG4KDP36IUo8HLEn3Y55aLS2%2B2s%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34649a549c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5176,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bd510f4757661c4ebc543db57993eddc","sha1":"94951dde1f0f026169f710096f899e60a2702d3c","sha256":"35932d10f63d892ac6fe5e3c72a1446f6cdde791c786f5c84c18c6e2ccb9c1f1","sha512":"b047a20954a0b5f7e45e0c7100896745a2df2353691bbc7f653241756cd9e391cd448d092a30429ff74b5d16457a6f20c02b893bebc55e7481ceb640cec0acb7","ssdeep":"96:cChS15HTctn82IVXZQhKI7oirOVJsds+JyeL0ouMJid2tP2IxeCkXbnvAa:cp1dctnaVJUM3nas+JyaJuq2IxeC2vj","tlshash":"8cb18e9c11764f1df2436acc0266b87dd04760baff5eb64904a87854fbe65c2ac30261","first_seen":"2026-03-23T15:44:44.522742Z","last_seen":"2026-03-26T08:43:48.80198Z","times_seen":5,"resource_available":false,"data":null}},"time_used":440,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":440,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fbank-bank-negara-indonesia--bni--973yerhy.png\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fbank-bank-negara-indonesia--bni--973yerhy.png\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7350\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: lCFpXVZkG-XHhrkhZ-wK6yWniEaXucReNV7tkfOCGNg\r\ncontent-disposition: attachment; filename=\"bank-bank-negara-indonesia--bni--973yerhy.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c3%2F5le5yB10qQqLz1KUB2K4fQLkgqSkqSTdQDdR9rWCHwli%2BGiDBbURF0T4uNKEcyRESYFvmTBxwZKGEM5JZkCRxQXjDt7Wx5bRT974%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659a949c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7350,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e00826c6b392fcc8beb15719bc0dc61f","sha1":"e582cf5538dd7d5ea557efc9ee497fef723cbeed","sha256":"9421695d56641be5c786b92167ec0aeb25a7884697b9c45e355eed91f38218d8","sha512":"15dd4ac196c82310d91672be0147c35db3cc331e4c9158de27d2e1ca905d09cffa2fb9c1ae882a5f237c4c12bb28527b090143e90a22c7d193a5b6afee5665ad","ssdeep":"192:EfT9vEpUtBIHCm5bsFSnf6jj0GbgXbyZnJtJQY5BilyIYyE:EpyUtBqN5wFcwjNsX+ZnJtOY5+q","tlshash":"3ae19e64784089abf13f137cab295fb8b1448844a2472fe3d6610cb24da6c93b4e6485","first_seen":"2026-03-23T15:44:44.482887Z","last_seen":"2026-03-26T08:43:48.773052Z","times_seen":5,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fpstar.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fpstar.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3376\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: XGjkBZgUOs5lyHd9Es3aXHCr7SL3tZTVGcw8ObGAhxM\r\ncontent-disposition: attachment; filename=\"pstar.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V4Y7p8d7O%2FzRJKOiHg2WEFffgkIuex4jb%2Fjq%2F%2B97ZKGkuY0WnJzE6b6%2FafEatuyTetzusxfTivpHjxv07EaNGDfSO0zQwddAD9sCXSg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34669bb49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3376,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8439b2e1e3deeadcb603766a9e67c783","sha1":"22f00c018a40f4ce7f8195d400848b321cd72e59","sha256":"5c68e40598143ace65c8777d12cdda5c70abed22f7b594d519cc3c39b1808713","sha512":"c52a96985c09b8bc03fa4f45d9e7bef6a8d71070df093ad161b911d4f8ec22f11f2db2ad0de6a26ef4ef182d0f8793d3a4317dcacb2a2889c3a4c54de85a88a3","ssdeep":"","tlshash":"6e618bf590ea312034167ff4108837d06e3e9aa046bb460aeffa0a6c61d09806b9d3c1","first_seen":"2025-07-23T13:52:55.416788Z","last_seen":"2026-03-26T08:43:48.763652Z","times_seen":6,"resource_available":false,"data":null}},"time_used":423,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":423,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/2.e4ZPo7IS.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/2.e4ZPo7IS.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWxph-SK2LUSkHCU-SFR1xe7ddwlg6H9Jwxrl6rR-6Nq3MU1iGfXAU56uE4HDCem69YkO3QeoHQ\r\nx-goog-generation: 1774007385375770\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 445522\r\nx-goog-hash: crc32c=XulvnQ==, md5=uHBOmk+snMbtMajuHO1XRA==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 125484\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":445522,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b8704e9a4fac9cc6ed31a8ee1ced5744","sha1":"599832fa652fb79cff9fee0acfc06371c39cd801","sha256":"b03428d1cd76ca76a60c969ad81ec13b9c53b424561703c4cde067c7c9dac2dc","sha512":"c175128402adf09a457727636f145aad345c2fbd4ae2a2ec1478e383bb1cb96a853163d3be9c911b249b943cc60ae82c8979f03468098cb4de96a9648003a16b","ssdeep":"12288:AR51UTGQCkC8iMQiiH56K1rNZoEOWtaPloSdXGZMRZNW8KfAZExrr8jr0IbM4f+T:AR51UTGnZohzGf","tlshash":"30946bd0b242b938dbe7c19b90bb1609f73d3d09b42a9661f1bde85d33940489277fa4","first_seen":"2026-03-20T13:10:16.638449Z","last_seen":"2026-03-24T07:16:47.227643Z","times_seen":225,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/14.CbrGcdbU.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:14.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/14.CbrGcdbU.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWzZINBkD8rrkQx_0RdbgyX8MDDKZSwDWBo5dhjmV8NNDHrhFixC1QpZfeZ3t38RvbtkSsDb2jw\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\nx-goog-generation: 1774007385279180\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 1202\r\nx-goog-hash: crc32c=uhWGNw==, md5=EkX6w387Jm7kf7mtk1L/1g==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 578\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:14 GMT\r\ndate: Tue, 24 Mar 2026 07:16:14 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1202,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (1201)","md5":"1245fac37f3b266ee47fb9ad9352ffd6","sha1":"2fcb3ffdf47f069995adb65b400bf97bf8376cc9","sha256":"6cad9e49d556963ec7d665099f069175775a55fdd40116dbccf8feab574242c3","sha512":"738b7f1cc7e2b47a1fbbe9210859ed0feb64bfcf8e26e5faf6a2d4ac890384b23a99d52d74896a177d47974c5e9b985b3514fbe2c7c1620ebcc4350cbaf9bc87","ssdeep":"","tlshash":"e421df9ead48e5714be84de590a21c36da68631cb1abc4f0f16b1e9633058c312f3e17","first_seen":"2026-03-19T11:32:13.705712Z","last_seen":"2026-03-24T07:16:47.234363Z","times_seen":41,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/media/4de1fea1a954a5b6-s.p.woff2","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/media/4de1fea1a954a5b6-s.p.woff2 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 13980\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"369c-19d0b6cc914\"\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xg7SgYKxlQsebR1jF9HJy0mNIkVtHYcKBJm9kDlsT3uGf%2FNJ%2FsyK6%2FkhVq6PA84IEbgCsk9vBatrMm5clPxKmgs%2F5zkkIkcEyEHUOl0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9e13e33de87949c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13980,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13980, version 1.0","md5":"b7d6b48d8d12946dc808ff39aed6c460","sha1":"3f18028a04b3fb39bb1cc33dce401d04e9207970","sha256":"d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0","sha512":"7c719a3026913201c92129f92b5c08bbe4344fc9c3b2d95445a3ec23974acc7de4555177145dfb8ae007572d03038fb3461e62654c386a60ddf32b0608edbd7a","ssdeep":"384:xE1ZUpMQcRcGQO/z6vwr1/4UcKURb5nbC5n:x+OcKGpz6vwrB4cURBQ","tlshash":"6552d041c8074200cbbb3471b46a9dd168914030a9dd24592b71e9b137f63affd5ae8e","first_seen":"2023-05-06T05:46:29Z","last_seen":"2026-06-13T15:29:19.778737Z","times_seen":10220,"resource_available":false,"data":null}},"time_used":1150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":931,"receive":219,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/5604-eb2ed400912f2125.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/5604-eb2ed400912f2125.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"d3c1-19d0b6cc917\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aw8lR9e7C9RUP46Llt8%2BRDM%2BSn7dtQuxoIZKzmpD3Dn4kvAMrY4UyJI2Ghoh412wz7i%2Byju5WEW3Z58wcFgoILSoyfd6Y%2FqQB0yvNEI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e088949c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54209,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54203), with no line terminators","md5":"d73c4146dadc4dc2acafd052337daa3c","sha1":"2d169bb7340c1fecf1135a196af637026b9c3960","sha256":"90d408e834438e1e2536d6d4b24cf4cb0f01c22e5a29579708565ab748260bb3","sha512":"a7967420a477b09e112f079da9e79eb8ce9d2024e15b43134ca92877b15cfece50c7f2169a2a32d540b63b419a1d7805bd8c666699864d882c9dcf5d5dd9a177","ssdeep":"1536:DN3NpnQ2oY8pGNpTF2nwSreDx7p3v9aCf5LY/a+cvYbXyNHTRx3i:DN3NpnQ2oY8pGNpTF2nwSreD73vV53HO","tlshash":"2433e8a0f181b1262a4343d5843e0309af7e3874564ca46bb3ac9dd71d65cca4a7ffb2","first_seen":"2026-01-10T01:11:01.694763Z","last_seen":"2026-04-13T08:00:08.198132Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":995,"receive":208,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/1991-b814e40b7d0ea1da.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/1991-b814e40b7d0ea1da.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"5e4d-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XtckoDEg6YqOQAGB4ig%2F7o%2B7iU9UIKXsMnVlvXWvYAU848pAo3%2Bid07xNGTmOgaMbxm3P2mONTZ%2FEnEWH9t0K%2FODEmxfMShi9nwB7n0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e089049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24141,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (24141), with no line terminators","md5":"aedca25e4e2f16bc082e2ee8e417d2bf","sha1":"d597009134bfa2185e9394c0e5c6fc433f6ab771","sha256":"da6633a7e8dbe754838e0aec06bc1b8b764b7784eae368ebc08af29377f7b44f","sha512":"6d715e365e0f0a56dbc67ebf8ea0f7bac810524bbb90ab1177a713f4dd0c2f29ea6a5cfb8520e4c6595b157d49cbaf4324065d411c96309b38c8db11b14a15be","ssdeep":"384:SVqgvEGJtRO9gLcP6NIoDG0W/6CTmfGWWQ2WmSO:SVP5JtRO9gLIEK0VCT1WN7O","tlshash":"20b20988b593b41406a392a550ff514e72bd2d1ca5cc9098f2a2d0fe2df698c6177ff8","first_seen":"2026-03-23T15:44:44.449709Z","last_seen":"2026-03-26T08:43:48.701522Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1085,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":880,"receive":205,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/6752-8e2650373eceb28f.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/6752-8e2650373eceb28f.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"3a60-19d0b6cc919\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tdA8wr%2B1%2BwUNymzJFgZJJBJ1kY9e3PYpPnj313pruQbuLG40T3ajoBz5jCISLZfTAAF%2B4Mx87NNQNw6AuJ9acy5v%2BANCsirck4UMSxc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e28a749c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14944,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (11684)","md5":"cfa456cb0a8808856582d7b25f136a5e","sha1":"8ce8cf6f6cf8898f1c92e482ea95464f642cb8f1","sha256":"bfc5e427febf562f55111a8deea9d6c8658af5fa56ac315a26f1b1f83916c3e5","sha512":"7bdff54535229c2d40fcf5b425fcecc0ae0c1388350b17e8974298bdbbd0c2f81a05ceb9b04d2dbcc69cc7b954a0e84f0c0403cf36800a82ed2eca7b05f319bd","ssdeep":"384:huFojZYTqc2YSu/XefrmUL4+7PTvV6VqX:huFoj4RxfML4TVqX","tlshash":"4162f9e8f235743146bb84bdd1afc07cb62a3628305fd474f1955c25266848db2e2fba","first_seen":"2026-03-23T15:44:44.49821Z","last_seen":"2026-03-26T08:43:48.803996Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/app/layout-2e8be1fdea965f51.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/app/layout-2e8be1fdea965f51.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"8ae0-19d0b6cc915\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TQRKUvVQX8IsGDOXArV9cFMh1CZABQpiu7B%2FDde6sN2Ae7IhoIZuqhBF4c8qSk97ROtTLd2iem1vAAJznGlKDXMDzDyOZryn3m58We0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e38af49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35552,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (35552), with no line terminators","md5":"c9f3ef737639a868ffbf8f755231ea57","sha1":"ecc55b841ccd1f8a6eef4820398bf24d9f62f0cf","sha256":"f8fe95842cac7ee85c9e32bb19497a5bf2cfeb2ad7d278bc8462c04dda4b0aa9","sha512":"ca3eb489c18e6c55d553c82d94a260b8905bb810f158cc5d6bc2cbea7df1b01f58a536fa75c3aeb957fecb784a3e3bc1e42a6ddc0528af6a12917c31f7603859","ssdeep":"768:fxBHzQvgUPYz68nyva2r2niSnnboKvr8GOVuWRV:fxBzYelnyvaTURV","tlshash":"16f2a7346d99ba58ada78cdca1e7480ca14f8c1c813b197cbb98fd9d01d3688b453bdd","first_seen":"2026-03-23T15:44:44.505181Z","last_seen":"2026-03-26T08:43:48.800927Z","times_seen":5,"resource_available":true,"data":null}},"time_used":861,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":860,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fr88.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fr88.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4540\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: UE1PdsF749B6TODZo3ny56OZ9kUFfojgeX6-sdp4BS8\r\ncontent-disposition: attachment; filename=\"r88.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dbZE8Y8LpQJEIhK3H29%2BJZaJMlMyWlAvyxHtuDLc2%2BH1KFxeW2OqPswSfj2nL0MpNkSKLZLS1EZCjXa1CavSi1C3JQZnByz2DMx%2BGN0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e346b9c949c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4540,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f5aec284c5e609365a615e99f88a082e","sha1":"cea785be948a7af14b3e046c2308eda84bba0604","sha256":"504d4f76c17be3d07a4ce0d9a379f2e7a399f645057e88e0797ebeb1da78052f","sha512":"88842fe8f8c5bde3d79b3eecf9b90b215dcd1676a67de30388565a79daaf594d8b76b340899ff21198057debd6194057d31f1d56508cb30ba26a9f6963970354","ssdeep":"96:rPrmVh8xBOAuA1q/KgQl5bNmAEFUtF2rvegUcFgl+XZGE1SP:GVh8xQAuA1q/czQ7FUDoUcFgwZX","tlshash":"77915ed4f9e0c14d9d63834cf9002a4b5868921a9ae61462e5bb76072984d44ebe42a3","first_seen":"2025-07-23T13:52:55.555386Z","last_seen":"2026-03-24T07:16:47.123747Z","times_seen":4,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/5.DDJgJSMw.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/5.DDJgJSMw.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWyX_272eg8iP7HpPKMAKNxEbLhfmJ0Nv94PzSBXKHd2AmoOrpfl-GL6Us2yn9xs9WG5rzpR0s8\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\nx-goog-generation: 1774007385324525\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 1189\r\nx-goog-hash: crc32c=X0+BTQ==, md5=CBg5idm8UF6CIVuW0VgVEg==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 676\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1189,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"data","md5":"08183989d9bc505e82215b96d1581512","sha1":"1c0eab7cbf49c114ba686578f1fc1e6a32fa68b4","sha256":"30f5c6a4e57eae1f47d3c20ddc27f78d616094e519d1ded2eea87106fe08b34e","sha512":"3ff2c6ed74f219c420e45447b522a7155ec27f869fbb273ba1a1406400192e596da71dc5e5ab60910c447eada553545a96a0d1dd57cf7c6c307a7cc57ee5b01b","ssdeep":"","tlshash":"602121d91dc3d430d33c48e902e5889e697c8ea4e1ee01e0d9946dc67f20960667fead","first_seen":"2026-03-19T10:33:28.754436Z","last_seen":"2026-04-07T10:47:46.110501Z","times_seen":1312,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/media/7ff6869a1704182a-s.p.woff2","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/media/7ff6869a1704182a-s.p.woff2 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 13724\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"359c-19d0b6cc914\"\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ch9YsZWlR0%2FL2xbVc0zkckRwEcm9gU8nmUv5NCrb9hu%2BA9ezfqP1HSH6mNBIWI97iN7PYBE%2BOWSczn3EGu3NX4%2BoKW2VRYTxmAHen0U%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9e13e33de87c49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13724,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13724, version 1.0","md5":"cf5ec3859b05de1b9351ab934b937417","sha1":"97ffac24ea5fe5c47301f1be229699330ea93bf2","sha256":"bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56","sha512":"5894f155f390451c92d81b84262cca374b72fde2a0d395022bb863de9eeecd314b35bec0a662e140855522e086c5d969a058d19e3983de5b4bfbda47aaaddcfa","ssdeep":"384:u1cEYWFjUsSDmv62hM0qOUXkBB4WD9U8efQ:L6UWi2IkDjBtefQ","tlshash":"1c52cf101bc50ebb822285b3160a951e5c430da7f18ac9ddb48ddae8e8d72f7d010baf","first_seen":"2023-05-06T05:46:29Z","last_seen":"2026-06-13T08:36:32.700811Z","times_seen":2434,"resource_available":false,"data":null}},"time_used":1206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":981,"receive":225,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/8072-1ddc1b284d6d60a7.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/8072-1ddc1b284d6d60a7.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"4649-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3bRB6iN83%2BEnpQkABOb6eIQOc%2FjKANntR98ilyeIOUNge1bJ5TILBRRAarx7qWqCTAF4neusJndWHk0UdMX9kOsElxkMN1o0oV6fxv8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e189a49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17993,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17993), with no line terminators","md5":"8133de88065b216fdfdb4e3175509c75","sha1":"70b27dc6ae9a0f55ac87124d5fd97f63ad193589","sha256":"3b370869240b5acf09b839c45c5e8ad31c3c83002ba9b286cfd8fcd49fcac1c6","sha512":"40284beb9bdd51997a07f3587a08bcfb7caaa887115f62af9b920bf23b77527f6b83ef01c0fc4f059516ba41e722fcff8d9ddd371e8a0db495c0674c0fe78795","ssdeep":"192:iX0ivH0XBALjitAYvRFbCSJjyjEgxNc/IN1LYCBargyR2LfTWNVx+WFQpsFZfZ9b:4NpMZ1JjbUNhN1LggyTnAWI09Z96t4","tlshash":"b18274edb1c6b072a39b20e9802f9109f37f28d1684e0551e274d6c63c7916a8273fbd","first_seen":"2026-03-23T15:44:44.531166Z","last_seen":"2026-03-26T08:43:48.702312Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1036,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1036,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-B9DLSJH0MC","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"216.58.201.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:19:44 GMT","end":"Mon, 18 May 2026 18:19:43 GMT"},"fingerprint":{"sha1":"5D:21:36:26:B5:1D:67:14:0D:6A:68:D3:7C:EB:39:6E:A1:45:8C:29","sha256":"BC:A5:DD:5A:08:3A:33:49:76:BB:EB:18:9C:45:17:80:A1:3E:31:5F:BA:F9:93:28:C7:76:A0:97:FF:E9:3F:1C"}}},"request":{"raw":"GET /gtag/js?id=G-B9DLSJH0MC HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 24 Mar 2026 07:15:57 GMT\r\nexpires: Tue, 24 Mar 2026 07:15:57 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 154715\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":466283,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"59776ed365040a12f4ecf61db9e92b0f","sha1":"332368d0bb687178967cbf92360aae854ec56b30","sha256":"f3b70c15827f41ee2d5ba328da0568cc719515c8e6682f916da3971bf37dbecc","sha512":"720509664d5b423c83c7d6f0b0ea11e6e73b6edb1e1855a56ede217d61922973beda06ac033bd1467ef1b2a2b54fe6b1e9e652042cd5fc5fdd92a4e03309da17","ssdeep":"6144:Tm6jcY1jZaNycfjt8y+HeIjTv87dc+GZD81Nb3fgE9QUB46Qe27km7ov:T/jZaocfIHeIjj8zv6U92I","tlshash":"6fa4f9ceb3d674265396f478903f018ba57b28a2b45cc89af189cce02e7465a4177f7c","first_seen":"2026-03-24T07:16:35.118671Z","last_seen":"2026-03-24T07:16:35.118671Z","times_seen":1,"resource_available":true,"data":null}},"time_used":202,"timings":{"blocked":41,"dns":2,"connect":8,"send":0,"wait":30,"receive":30,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fbank-bank-mandiri-0pido290.png\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fbank-bank-mandiri-0pido290.png\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6098\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: nh2Nw06P6zoKZxe9oHOzSAEMH1UxrwSjXAVc0TwjdrM\r\ncontent-disposition: attachment; filename=\"bank-bank-mandiri-0pido290.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BKoBM%2FXH8Kt%2FFwurJEdmsqcRbtYBvCy5%2Fm%2Br4bp1DG0g1MKhQ8OENy8aRjaBFB4MNFHf4Gz2bUIgB834OtfE6SIOT7a%2F0IyLUU6deUE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659a749c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6098,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"285ff626a9b194b8ffc1cbe26fa5725a","sha1":"a512c5d128063e99917051e6b19cc8bf4baf850c","sha256":"9e1d8dc34e8feb3a0a6717bda073b348010c1f5531af04a35c055cd13c2376b3","sha512":"69676733bbcd91f024aab234e896dab695060da236c561650e7c2fc99a08c8ba982e63b96525a9705611ecaf133167520b145b84127ba45cba8e6e835d178e0d","ssdeep":"96:3Ua5TqpX9OtTzRYMWSJ60zkEQrfm4b1zj8X4j2FHZOu80E8i5EW2Op0vrXtFLoAb:EK29YHzOD/UOuPEfu+0vrTLofy","tlshash":"3bc1bf191886b694f1c5843f1fdb452f29852b1cff79de285bf8eb12a46d03a06170a8","first_seen":"2026-03-23T15:44:44.441232Z","last_seen":"2026-03-26T08:43:48.700728Z","times_seen":5,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":402,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=%2Ficons%2Fedge.webp\u0026w=48\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=%2Ficons%2Fedge.webp\u0026w=48\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 852\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: UBpqtcwO3I6dz2LSvO-bVqxVbkASsZNBoo5GeM5S2zA\r\ncontent-disposition: attachment; filename=\"edge.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BNjuTRimeKFMSidY3W0B08MTrm%2FvpucYOZn2QMaIcf%2BzydR7ZrLjn4vc4yqCxd5sbATKALnnDqqALhY2L3HGUQfUH8RkJekhBcmewwM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34669b749c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":852,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f8d603740d4576ca42532a6ee3196ad9","sha1":"8701b3eb876b737f5da1b28bf08473a26c0a4968","sha256":"501a6ab5cc0edc8e9dcf62d2bcef9b56ac556e4012b19341a28e4678ce52db30","sha512":"b8577842c1fbdbfd022ff8b06bb2060a0178367c9f995348cedaf9a17f4d69f95d63b1447a80272f1d0cb4febe12e5789f9281692679042519609873f6c8d38a","ssdeep":"","tlshash":"40015228d9a05298ae2cd5f750b0a0adf4b2a08716ec135a506762bae0ced516135a99","first_seen":"2025-07-23T13:52:55.528295Z","last_seen":"2026-03-26T08:43:48.642256Z","times_seen":6,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=17809494\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fdewanusa.rest%2F\u0026channel_type=code\u0026origin=livechat\u0026implementation_type=manual_channels\u0026jsonp=__wmqoqdwwkda","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_dynamic_configuration?x-region=us-south1\u0026license_id=17809494\u0026client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5\u0026url=https%3A%2F%2Fdewanusa.rest%2F\u0026channel_type=code\u0026origin=livechat\u0026implementation_type=manual_channels\u0026jsonp=__wmqoqdwwkda HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-security-policy: frame-ancestors https://dewanusa.rest/;\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nx-frame-options: allow-from https://dewanusa.rest/\r\ncontent-length: 385\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":385,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (385), with no line terminators","md5":"8879825286a68780e62ba6bc03525f8f","sha1":"a6996d99c5dbb145ea38cc0f0e4c805dbfdd2696","sha256":"2758cb99d2e6a637b7b067f21b727e93fd43e1abcc7b2d63e68837511395aa7d","sha512":"27dd42167ba4e42f8f2703108f300144b3db41d81d211265ff46e1a81313db9a77ec206a3ccc898c3cd9359a5021573cfb34ef20069c3a99dfce347c7512e7d9","ssdeep":"","tlshash":"73e06872ea05942486c5e3f18410aa01ad30129ea084b8bce56a0120620f7edab2491b","first_seen":"2026-03-24T07:16:35.121905Z","last_seen":"2026-03-24T07:16:35.121905Z","times_seen":1,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fbreakawaydeluxe.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fbreakawaydeluxe.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 16938\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: a5rBZSwjGKaHPE6akQaFXjwwdGOhQEXR7wG17pHsH7Y\r\ncontent-disposition: attachment; filename=\"breakawaydeluxe.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gYea9iMlv%2F9FUkxIIvP0R9SR2v65GUfzFvnUwDD1FXlOdrJhFQV9eocdc809RW4%2FM4vKPS%2BKT8Co8%2F%2FtFj5HPFHx6Ahp%2FXMZWS%2B52bs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3534b5d49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16938,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2c304a0d64a267e60a07d788c30cc7c7","sha1":"077762f1662597f99d0db03c4366f9dbafcf61a5","sha256":"6b9ac1652c2318a6873c4e9a9106855e3c307463a14045d1ef01b5ee91ec1fb6","sha512":"84fb977ed73f3418e5205d4fc63ed1768e146418bb20aed6f8056aee9dadcadf5eedb3aab065a4b3623dbad559f82b78fa63c41b81713a847e9ce0673001e307","ssdeep":"192:UEVIS62QuVtFWnkzvVwzPylG7tAO5x52sLG2NYE0jr1zBrwJuM0Nq5+oZ1lxZF5e:UWH62Dk2izoVA/Er1zCJupG1lX0A+zwy","tlshash":"ea72e234b69f56b7032652f902df24a73b4a25d94322711781c915bd9962dbcccfc80b","first_seen":"2025-07-08T04:46:21.909912Z","last_seen":"2026-03-24T07:16:47.167043Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1023,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":587,"receive":436,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_localization?organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026version=4940c52ca0caf914a8b155bf4411bbe5_e962324dd193458bfabb5f293c0a24ba\u0026language=id\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_localization","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_localization?organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026version=4940c52ca0caf914a8b155bf4411bbe5_e962324dd193458bfabb5f293c0a24ba\u0026language=id\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_localization HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=600\r\nexpires: Tue, 24 Mar 2026 07:26:01 GMT\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-length: 5071\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14603,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (14601), with no line terminators","md5":"a10e19f65a782b170b55df663effca14","sha1":"169df5fc084123d96dd1ec7f1f3bc10965ed2d0b","sha256":"e46a5c8d8fc101b485540b22483b4830257d649722006dc63f8eae05c6a2ef01","sha512":"531cfa9828df473b1587cac3aadf1184a50d1509f6156a4f13161b62c215a3370f54f65960d548ff22fcfa3dc0d3cedfdeefe610d2a365ead5746d43998e6d3c","ssdeep":"384:k8eODwsFJ9KlFZmERbo1DQCBuLdAeAk+BdNJ0L:52i4FAnHuJAY+AL","tlshash":"2a62e8540daa79aa0b2753d6f5db5e1e38ec3368ab401a2fdd984f3042847c1735ba3d","first_seen":"2026-03-23T15:44:44.499934Z","last_seen":"2026-03-26T08:43:48.764578Z","times_seen":5,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":182,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/5635-634e7af486094013.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/5635-634e7af486094013.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"2309-19d0b6cc917\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bhxdacDH7az7VoeD474XfXnhJOibpIr9YgyF%2B%2Fvj5LWfIQ6jDDzlcjmxe4pLm%2BnXidp9lSMTKbXnoZipl3u2Msucae5E%2FI6Mn1pWjWQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e088b49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8969,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8969), with no line terminators","md5":"1d7309f2b4a216402a2a3af3148b65fa","sha1":"04de0bd77f458970ea1785f713571e441155cf2c","sha256":"4803b1e8464e102e70b53de21e9c02a06eb99d446f8c4d3f9619f5e47f5c536d","sha512":"8f8128016b282173843523fe40262969dd604a36089ce230a3fd47ab4d5485010b0bf977578345ef8de8b6e06911b875905ada73d9d8ff2cb1169492762a58bc","ssdeep":"192:urep/cZpmoOwhWKSv8hcXS4meDEagFaBij3W5wFfK1JN:urXI78hcXS4mQaF8wW5wFf+N","tlshash":"3802e7d471d2f470bba79160d03f406db21c28541a8cadbcf3a3dcf429a05ead222b69","first_seen":"2026-03-23T15:44:44.530202Z","last_seen":"2026-03-26T08:43:48.694066Z","times_seen":5,"resource_available":true,"data":null}},"time_used":927,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":927,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Ftelecom-xl---axis-r0i4m81e.png\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Ftelecom-xl---axis-r0i4m81e.png\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6020\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: TO1txLza2v0pF8ds12YGi9C9ko70EmWKcOgpZLJ4LBg\r\ncontent-disposition: attachment; filename=\"telecom-xl---axis-r0i4m81e.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uG7cYxcVwyeJLi6tFQ8iXYrCboJ4jCIVVfaYk2l1vK2v1KR8UeU%2BEVjxIKrXBTuuv431SQwusvG55jZe4dlXhLzUN0Rlrh39JQvgRN4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659af49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6020,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"32f9ff05402f6895fe92da7be38aa8c3","sha1":"b14f91a379e1bd581594dc4025ced26e49d0a611","sha256":"4ced6dc4bcdadafd2917c76cd766068bd0bd928ef412658a70e82964b2782c18","sha512":"63950f89cb6701431497b5f041c994d4d4dda49edb682e330ccf4d2899e33678f9c1d88127836df61324693fb301d199f83488fad455dec13dfd22bbca0e8d90","ssdeep":"96:sBEUi4S6JRIo7wZrzpLICgK7CQhDZtD3dyALQ1Nrw692TpWpoR/trTtwJRR2iNkZ:sWUi4v7Yzb5GQDZtD3dbLmD92TpWGTRd","tlshash":"22c18d03966028a6186dd70b1d1419cbc21885dbd10a536afffe807b6d6fbdc009af4e","first_seen":"2026-03-23T15:44:44.478823Z","last_seen":"2026-03-26T08:43:48.687742Z","times_seen":5,"resource_available":false,"data":null}},"time_used":435,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":397,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fpp.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fpp.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1876\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: vTMPeyLx1f_AecgVpEcG53LRWAZju4iEzpQRvTWRjdk\r\ncontent-disposition: attachment; filename=\"pp.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a5OHtqBzGomaXuNtDF3XCymyLoTburCKEWsreMEnu7ZvytSN7MGdG34jP8QJFYfo4wpbKr%2FRQpKLuVJhmMjfKg8JWgP4cFOl0gF9MqQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34669b849c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1876,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b495205bc7423f834b2b6bf853d52e5d","sha1":"a08fc379bdbb07e677cf7219ecde50ea098b9e6a","sha256":"bd330f7b22f1d5ffc079c815a44706e772d1580663bb8884ce9411bd35918dd9","sha512":"51da307d3a68445c140f77cc1c1372adfebb63e17b82f9b6c6b76b43017981edf5cad356990955a71548d0f72a897e6fe2448cbc5f243e06077a2ec9e18bdc3d","ssdeep":"","tlshash":"76311b2cd9948937bb505b9518d8119dc61692ce29df853e910437e0ae882b8eea37a4","first_seen":"2025-07-23T13:52:55.505183Z","last_seen":"2026-03-26T08:43:48.675506Z","times_seen":6,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/1.CCzcvYl-.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/1.CCzcvYl-.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWwHbMmkQuVyvd6ht4mPBJo2BtqtVoZ4byjkgIh-FtQLs0gg62r3VwMQ9Vf0D0m2duqqWHWC1A\r\nx-goog-generation: 1774007385285458\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 55443\r\nx-goog-hash: crc32c=NOoE+w==, md5=44l79bbPhGoVpH+2vxMIng==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 20007\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":55443,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (37855)","md5":"e3897bf5b6cf846a15a47fb6bf13089e","sha1":"f08e34f980dc8677948f7306bd1fd6cefb907bb8","sha256":"0600b0e00c69c6400774404bcdd90b535f434713aca3c815c051cda8b77e50c3","sha512":"6b53d096db4db441ff016916cc829b6ba5a4cc8097cb2d818411d1278d2aa7d96156085cc3c1c04dda6d0ea041bd16ae6908120c99c632f78ac8f33e1f8b9b53","ssdeep":"1536:EOW45ZFdvjhCQgPVA2vtIFSGurXS3qNFJ0WW:pjv7hgq2OSGSXS6Ngh","tlshash":"f7434ddef14174315be355f2a06f9006b73a2a2c385cc0b0f629dd9925de44ba227f6d","first_seen":"2026-03-20T13:10:16.647118Z","last_seen":"2026-03-24T07:16:47.243606Z","times_seen":225,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/6.CmDDbhqB.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/6.CmDDbhqB.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWyaHCsD2Pz4QcFoK3R2XL2zvVbq3gbRNVm3VsA8wpwHOIGqRAUE3YNJ4b_W2avgJJzw6LMeQTU\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\nx-goog-generation: 1774007385432191\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 138079\r\nx-goog-hash: crc32c=Z9KKRw==, md5=w7xjh1rzXmQZ6/SZDpoSkQ==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 43513\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":138079,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (48378)","md5":"c3bc63875af35e6419ebf4990e9a1291","sha1":"0e0b7d2dd95abd8f282c722fe3fa4c4c90a275da","sha256":"a9162f8842f5d0b7554ee148f946446e6acbadcb40a2f232c828681a9685582a","sha512":"db8e5b7f70baab09bbd380fc701424bb71a75dd65599fa995333474df2ea5d69baa52da9e4ea25b04c02ca63b6ce80ba5e7467a99c8534719ccfcd45a23cffac","ssdeep":"1536:VgZQ8kK8O9hbCvSPT/FyXb+BzpHxQwXzmyU9zP+M3jYPuCoOTAjyp5pmLWqVWM:VgK8kKB9hbCWBswEwDm93j+tUWbAWqVP","tlshash":"d9d3f9e83951f9626bf312a710af5807b33c192b280c4950a211fdddb9b845eb17bf9d","first_seen":"2026-03-18T09:33:42.057685Z","last_seen":"2026-04-07T10:47:46.058674Z","times_seen":1367,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/19.CmqAOXBd.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:14.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/19.CmqAOXBd.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWz4SDROGeBnf-gUknAJy88cUfJXfDKFT1B1icVP_xy7_WQelF3m9rtVd8yR0e0N_hM-6KZRQmA\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\nx-goog-generation: 1774007385344426\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 170974\r\nx-goog-hash: crc32c=tNxtUg==, md5=lGRsO0k9o0KkVZwIp9V8CA==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 49362\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:14 GMT\r\ndate: Tue, 24 Mar 2026 07:16:14 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":170974,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65487), with no line terminators","md5":"94646c3b493da342a4559c08a7d57c08","sha1":"c56d10f3fd8f619136ce94a4566cede8b77e6600","sha256":"4a4a80749665cd9223fbae945b708f81eec6bd7abac80c653651868bfb5530e4","sha512":"f7922e344997ea9cdfe4f8268acd7031e143d2941090c5e0e21ba59ab7003f83f565e08f04fff2b0eef31253327a7413bb46e9d13253a50758a5d60b33065463","ssdeep":"3072:zazYGdShfUE2W852wucPNPJS5ZKcDArf+fiGmD5rSEz/XC97XyXFfX6djpGoZXY:zZGdShfUE2W85rrPxJcDArfQiGmD5r93","tlshash":"6df31ae07352ba2cdbe7c1d9e1a63504f33cae45b82b0756f1af6c1e3094a846171fa5","first_seen":"2026-03-21T09:26:08.649052Z","last_seen":"2026-03-24T07:16:47.257501Z","times_seen":33,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/934-a7039514578e6f7a.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/934-a7039514578e6f7a.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"1fb1-19d0b6cc917\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s%2F6lGIpdADMexl5Tl6DgMWLS1YOyh4Fsh5qgmUw29S6JnbwHIh0ex3j%2Bul93dKvz5IBfaPPujzOFJSAT3HQMt3Ut7tfR8F7SOkmmFBY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e088d49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8113,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8113), with no line terminators","md5":"d579e34f0dd9aa8a5ea228b3e0150a93","sha1":"155184d5f39552a5e161a542d5cbfce0be74a51e","sha256":"631b5894eecddfa397aa192ab4f051c69a36369115b10b1ec56f14af38e5fb1e","sha512":"a23df9fc8a78db6e2865ec8e64a65be8bbd6481cabe42eae18dec5678f184360c6abe2061f311e20b665dbe0352fb8bff82f5d554205327e6d2a491730e355f5","ssdeep":"96:dq0BbZ6O7yCtR8hXsE4C7RRmMKIyNHI/bSI1Mqz81fuyV4tNv9fA2Xh2KoZZKQQH:nljxosVCjKIpTSgXafVV43atZZjLdJ1C","tlshash":"6ff196e1f792a465ad6bc2c9e5db8804f6390a0416250e34f173189432886daff53fb9","first_seen":"2026-03-23T15:44:44.527593Z","last_seen":"2026-03-26T08:43:48.709558Z","times_seen":5,"resource_available":true,"data":null}},"time_used":955,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":955,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fbanners%2Fhome%2Fdesktop%2F2025%2F11%2Fclaim-bonus-harian-setiap-hari-tanpa-batas-pr1dteyt.jpg\u0026w=1920\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:58.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fbanners%2Fhome%2Fdesktop%2F2025%2F11%2Fclaim-bonus-harian-setiap-hari-tanpa-batas-pr1dteyt.jpg\u0026w=1920\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: image/webp\r\ncontent-length: 154458\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: ncmIpVPB0hr90SuhK4mR-AEuwrjsx6-Il_v98VE2XtQ\r\ncontent-disposition: attachment; filename=\"claim-bonus-harian-setiap-hari-tanpa-batas-pr1dteyt.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oWj%2BDjLvheJe04AtligAtNJ8YYQufuaqJMZsEb8yWUq5mm6yk3VEjGoIBZqHgAbNtPK%2BZ27cXCuPjHpWDIqVJEyhcXEXEPz1%2BU3f6C8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e33f88dc49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154458,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x600, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"60167b23efd6173c201d168e8b0de430","sha1":"be89959b5f2c8fd8ee693f7e0da486bd8ebb94b8","sha256":"9dc988a553c1d21afdd12ba12b8991f8012ec2b8ecc7af8897fbfdf151365ed4","sha512":"3a70c8cea1a12b96d00bf4232371abde097efbebab629e1bd619374380ed4fef0510b3529de5050fabbf8774bc8e422cf50e9e87f9dd589ddde82a6cd0c37d68","ssdeep":"3072:kofhlR6pYUzpgUU3GZ12xY4jWYIOmsC5x9pu73KcKU5Ot8uFP:kofjs+Z3GZDE2OvC7Xu73K7BXFP","tlshash":"dee3126ef777021ac581c0b333eb72144b68867b8b338dd72095f0eba5973a4a43492d","first_seen":"2026-03-23T16:13:32.374662Z","last_seen":"2026-03-24T07:16:47.185522Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1737,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":877,"receive":860,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fbng.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fbng.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4558\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: WCGHsTtAcswO7YROkP3SBZ6ZlzJ28tlEZMPw13nALQM\r\ncontent-disposition: attachment; filename=\"bng.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yoDjMH%2B3GAwwoRTk2jWgzNtzobXfsFPEHTYKcQVWzsZcrOu9Gp0wZqxTdpWZzaUCboF1ILjkLP9w%2Bxd9%2Bc6Lq%2B7nCupzORKmitNGRS4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34669bd49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4558,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d1962e62cd3289176db750b42df39fad","sha1":"649607c21bd6415a760a5dd6b82b70b6f1aa88e1","sha256":"582187b13b4072cc0eed844e90fdd2059e99973276f2d94464c3f0d779c02d03","sha512":"de0670070d22e1ed8fbb0f248ac3ff5579ac6094d32110331570c4dcc17be794052d4e9dd4bf29d3f68f8a980024697822b8341fb812b6d43f3b067864cfec66","ssdeep":"96:Tfwku81/pgcddLDiRQz2G82hlZd9GLhQFMX9IvW/W5fi:jTjgsdSWl8WEQFM4","tlshash":"b7917dcd4d98dc2c6dd8e9e4720119429de744595f36400bd59cacbd1b3ef7629bc281","first_seen":"2025-07-23T13:52:55.384517Z","last_seen":"2026-03-26T08:43:48.717982Z","times_seen":6,"resource_available":false,"data":null}},"time_used":425,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":387,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2F10000wishes.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2F10000wishes.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9280\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: qIrt23q11oFgVHFALRYzxFqYuOzvdoQFL4SHhGIqHGw\r\ncontent-disposition: attachment; filename=\"10000wishes.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=weMclkKZtdrAswZUei97E5AGOMiSrCq0lKcBr6jxeCr2aqJzwgPogxz4BBQs7YdfB3j5nrv3zxrlYFoF9EDqptUjmcRjZBvl1DtxKDc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3534b6049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9280,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7fd42ef082c163b9582a19c56a39a151","sha1":"af98d8d4adbbbc8d27d37cdb2e6bed5ef7f94cf4","sha256":"a88aeddb7ab5d681605471402d1633c45a98b8ecef7684052f848784622a1c6c","sha512":"782ff738da237b0788c94f67d53dbcec0e6cd197215b5054fae3d2e3769760f5f58130e507eaecba771e9623c59dd1de58a0906626b508ebf96157394794eb7f","ssdeep":"192:O15D17sUfpzGkGOEwA3o/Oxt+fSrGcRNzJBIsqBoLzTjZRCgwQvg:CJpzLGOq4/Oxt+SNuMTqIg","tlshash":"af12af85440178f6de271f7fb270b52d628db3756294e0daae631a1ee8e4ef4113c92c","first_seen":"2025-07-08T04:46:21.888499Z","last_seen":"2026-03-24T07:16:47.21549Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1017,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":583,"receive":434,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/promotion?_rsc=3lb4g","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /promotion?_rsc=3lb4g HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: text/x-component\r\nserver: cloudflare\r\nx-current-path: /promotion\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NM07eT4ghaC8Ut84MQJLYYEHbiYxzBqvfjmqXyjbRVdCeWxO5iFqcRfmPXpJp7viQK53a13aBxHQUhsDYSTqTgQt03K6xe%2F96uIlbLk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e3543b8049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":138,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"683446884f14bc23295f3d0117ac49a6","sha1":"08a3e28862d3378c2f1351a5e807b9a78acf7a8a","sha256":"db13bc5d6b80a7e931dbc72b5222eb056b83cda1004efeb1731b6548b48b2d3f","sha512":"87ef356f61104112ffecf3743d7565eee0f5a101ffef6ce46c88e0614e2b826bfe39d8e2dbd27951d88c7e569f7c32a95c5539cb9b6c5c711d50d271cf32e777","ssdeep":"","tlshash":"7dc08c22844029f98c661291101dc78f2a2f0207b0d834f850924900a3b713110034e8","first_seen":"2026-03-23T15:44:44.455299Z","last_seen":"2026-03-26T08:43:48.705713Z","times_seen":5,"resource_available":false,"data":null}},"time_used":872,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":868,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/media/b8f580e68a5b7ff9-s.p.woff2","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/media/b8f580e68a5b7ff9-s.p.woff2 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 15252\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"3b94-19d0b6cc915\"\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tjq7BkmvFrLU4JLD%2Fvci%2BDaS3S4wze03HCmxKoVGpw6y3fXNfLDhjmmAsALwtYxQtSQEA5LVCMFuhbHHmrOkygwr57y%2BBS5uJ3eUU0Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9e13e33df87e49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15252,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15252, version 1.0","md5":"f7424a6dd4c2ebb7107163cc6f56f89d","sha1":"c24ea81327d81b67001a592fe00c1c42478cac22","sha256":"2d8a5ea8a21f2776d444e5835930ea043b2c886da6cda9e5369b669d35e16607","sha512":"7ddea9bd6b2d0cc01513013e1a495eafac51371bb7391eead4518fee43f2c9136479c52f58eb7e9d15f4cb0306fb77967249750bcb4d766e0fe7d0627265050b","ssdeep":"192:0+qxZaBatEaZiOnx7enB6v/uQKIy6P6a1UDDLmfxptGUrfUxchSjMTU3:J56VP7qB6Z+HLmfxpgUjUxz","tlshash":"df62d1bd63c0d0a7fa7d967cb58c20c355315baed83b43c1aa6a8829819ebf244c5984","first_seen":"2025-06-16T21:10:16.935162Z","last_seen":"2026-03-24T07:16:47.147995Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":904,"receive":207,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/app/page-b2cb7dcd397e9a12.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/app/page-b2cb7dcd397e9a12.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"5c12-19d0b6cc916\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hS8%2FLNE9fWRI%2FZykIbIfrUmqh7ucQaYVmDSVDpCnTlDvWMFzzXx784Dl27HtdG9caELQ%2BakCSuDmTZyS%2FSr%2Fox2HYWj1MIvmWTKP058%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e28a149c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23570,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (23570), with no line terminators","md5":"2acc9d0ad104b485223c51b5c9126382","sha1":"48e5e5946780b98ad9d37edd4d5f41858f82e12a","sha256":"aedebeecbb374df05cfb8a38c26a9359c43e8c32892ebfe87e3bc26aa74e6d28","sha512":"3d79031631699a10c5484510a853198d2d9d0f29dddf6c47f98815b44d3b7e122ed6392b8b3324e4030dd398ff0b752801c4f51be1b28f97c892c0dc411df457","ssdeep":"384:DEnmeNmt535CYUeuubW6t2TP7Lc6aViaV7nRll+AHqUg44AuE6y8yJQLhiuA0ZCK:HLnXW2sP7w6aViaVfqNqcyJQLhiuRZCK","tlshash":"89b2c8b8abd9fd48a8778ddce097840d624f4c2c833f5a6cb3955c4912d5ac47123bad","first_seen":"2026-03-23T15:44:44.461093Z","last_seen":"2026-03-26T08:43:48.808582Z","times_seen":5,"resource_available":true,"data":null}},"time_used":855,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":854,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/app/error-7a82f2ef8d29ec42.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/app/error-7a82f2ef8d29ec42.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"439-19d0b6cc915\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vLKVh58hEPbE%2BlRNJRX%2Ft9JK7puLkREYmWFxwWuurJru8IbEys3pyfVhJOq4ypT3xqaS2MJ4oghv9i%2FqkiiSm5s0UyWO22IJdCPUBN8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e38ad49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1081,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1081), with no line terminators","md5":"1fa113a0d59cc37823cbd298803ef7de","sha1":"75137b033027726e63d9e6f23008da2a196c23c6","sha256":"f5718e61ffab4ea80b96f11fb4650f15a20955da7cde323d6f2ea0d8c6d8bf25","sha512":"e6990bb57cc2646013fee52b5adc0224554a204bb6e9ded1a5b8b76c2e67f453707b759544cecbe08f8aa275bd25ba00d69cdac04374666c02cc9e41ebfb8539","ssdeep":"","tlshash":"571120697184bc98786708ec583bd41cb1570c3c027daa7c7ad79d1c01d84c0f1637c8","first_seen":"2026-03-23T15:44:44.414508Z","last_seen":"2026-03-26T08:43:48.686756Z","times_seen":5,"resource_available":true,"data":null}},"time_used":914,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":914,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/8.qaAu5sBM.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/8.qaAu5sBM.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWwgYecx2ym_Hy0K4iDfMhcb5SWe3mPH7XsVYJEGQw4HixvV5xgFSIj0s50MV34m7lTXuPv9aqY\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\nx-goog-generation: 1774007385321191\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 7870\r\nx-goog-hash: crc32c=+M3fxw==, md5=JVOVRU9h55xDLJCLGwjwLA==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 2996\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":7870,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (7869)","md5":"255395454f61e79c432c908b1b08f02c","sha1":"42781fc9b0ddec9e5955addc220eed0109a416d5","sha256":"42b40b6c26a69e783cf4549c74313d7f1d5a891cc56d626aa60104293359c913","sha512":"50f1ff0866f5a5e119b1fffb727638aa1efa97ab58b3300755fb299a0817f993b6f4f568bddd233770b612a73e16180cd736fa07faa8d189146b5e31891e066e","ssdeep":"192:hbZtPuLpcfXjyJzCgvNtURXJmrkZYfnwS1flhXX1WXzqdByyYYfktwIaQ4oD:5ZtbjyJDvNtURXJM1ph1XdByy38twDY","tlshash":"92f10abff741e4b0e3eb48e19a190113aa3a1754755d8070f62c8d14a15aac4b277ffb","first_seen":"2026-03-19T10:33:28.672131Z","last_seen":"2026-03-24T07:16:47.214047Z","times_seen":265,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/main-app-b61413a84bc595d1.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/main-app-b61413a84bc595d1.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"23c-19d0b6cc915\"\r\ncontent-security-policy: frame-ancestors *;\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sCEPnj6BGDTOzcAj9DkmMbyN%2FPI0DhVAqVlquF5ptmkKiFrCYq8M%2BIr6xe2%2FJ%2BkEqGEQKsHtx1ubasnmWh1I2Doow9La2VZUjcytGhQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33df88649c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":572,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (572), with no line terminators","md5":"873a366407cddd9410a06f6bc85f65b8","sha1":"1845118bd7f0a9cf92be879a0d5e64d9a0cb98a1","sha256":"74a13df85e93d18fa1a8ca01360d7a6affc5eae57b04d001da47045f6e2a8eb4","sha512":"a56c1673ed347c16b216aa36a054ec91610141f4af548929ef85f69a1750b0b4145c2392f0dd9acbbaa3bf8d97186614ef2436b6ab6c08d2940e1a2819f9d238","ssdeep":"","tlshash":"a4f0fb9a4f1cf52f5d26ad75fe97ace2285f5275202b4e606901de713c23bacd270414","first_seen":"2026-03-23T15:44:44.493231Z","last_seen":"2026-03-26T08:43:48.789753Z","times_seen":5,"resource_available":true,"data":null}},"time_used":906,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":906,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/2619-04bc32f026a0d946.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/2619-04bc32f026a0d946.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"2174-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hl9PHKLqB34AfHQaDh%2Bx%2BWkVxTBXOlZIJseaQue8TNz1ep7zfcnfCA7eQDSAO%2BpPlcSC4sZkHqKpX%2FHGIcD2199trQdxLm%2BFw6%2FBTAc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e089249c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8564,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8564), with no line terminators","md5":"3c358925a71873c489c9acf268fcec12","sha1":"920c46adfeeefb53491083e8f0167ff485bb5c0e","sha256":"a9b6c2213ea787a015c0169d198b4a90d7a44a0cc17abb0d132e8362d3016ced","sha512":"4642c5b3998c2ed71d006501a710a64b8c58ce5310963dd3ece3f4b4010e8ffef9df1364e33cb575869705f78893217bcdabeec60f947afd64fcac6a60339892","ssdeep":"192:w2cihbWekOYxxURMeobT9jZHYOHC0dwMcGW/j:RxUGMFvjimwMcGWb","tlshash":"0b02c8e675e1f8e2836b0190443b100bf37e1db5181e9184e3a95ce6f9b046dd1b2faa","first_seen":"2025-09-10T05:14:21.968653Z","last_seen":"2026-06-13T13:53:37.035482Z","times_seen":2748,"resource_available":true,"data":null}},"time_used":1196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fe-wallet-ovo-vs5lg2kf.jpg\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fe-wallet-ovo-vs5lg2kf.jpg\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1986\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: XHJCq73mF9xfUg04ajc6EK3l8hE0wZf6AJX2e8HajuQ\r\ncontent-disposition: attachment; filename=\"e-wallet-ovo-vs5lg2kf.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M%2BKHvNMmaMjk0895BHofh1OnCLBKx%2FA00coK1zeyOw9h%2FwGp3WSWl9QNQcqzVZy6%2FXt2aul%2F%2B%2Bl3hIllDL02KU84HdvhQTcYnaAH0wU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659ad49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1986,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 256x256, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9e7fdfac58d9a5e06ad296883f031f96","sha1":"f820512ca0da782b21a8b69b94db35ea424131e6","sha256":"5c7242abbde617dc5f520d386a373a10ade5f21134c197fa0095f67bc1da8ee4","sha512":"b71cd7eca815d85e9c4643fd9c61d833476106a5e420635ee14f99e89e53f3a1a702abd7dec81c1d9a1c092221347de15f09ce689d42531babef886fb546dd29","ssdeep":"","tlshash":"c6410ab7f673c533c15c5e758d6643402f81f6c96868e4076ea036b5916eed23183a88","first_seen":"2026-03-23T15:44:44.45417Z","last_seen":"2026-03-26T08:43:48.712206Z","times_seen":5,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":434,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Frt.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Frt.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9664\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: XKUFIh66AoJC4zXk9rz2XVxp0Bete_M_QD1xLoGNSeQ\r\ncontent-disposition: attachment; filename=\"rt.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P2LKVoQRJNK0symZCA43Wjmu2si2ukTa9DSykV8xWrw2pUAECxIWODilpf7Xip9Aaqa6uds6Pv3eWjUT1FWJJ6Y2i2iY4etb%2BE23E%2Fw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e346a9c549c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9664,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3440af5efd7e6ff633e459451cc101d9","sha1":"c0accb169d32af3334a52b0c42be8a2270c6398c","sha256":"5ca505221eba028242e335e4f6bcf65d5c69d017ad7bf33f403d712e818d49e4","sha512":"a7454b16badd3d697cc8580300835f6c3db71796b89aeef9dc22197d16fea0599bba59a131448aa2d186d48b33bbedcd11dace531147738a928f1e8533016d11","ssdeep":"192:S1dc0V4NOD20Lh49rrBJiG0nm1FUv2ieGvSlS:STlpDlO9re3v2RS","tlshash":"5c12af49bfcb39dcae43453d73df8388586d2b191d8726572f5a00d6ce86482d35e1b4","first_seen":"2025-07-23T13:52:55.529787Z","last_seen":"2026-03-24T07:16:47.237144Z","times_seen":4,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Foaks.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Foaks.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4846\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: HhFelGlcbcA89AZ4klIrMIHl9zkaQHKBB6SEX9be3l8\r\ncontent-disposition: attachment; filename=\"oaks.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x6Qjv3q5j%2FOznOUMD6GCHKADJE1ZFzSQO9%2F2v69LWH%2FOVCFdVUImH9l%2BQ2ivrY46axXZfuFqogX8WbA7rsNlioIZIPsJTz%2BOFAIJGCw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e346b9cb49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4846,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4c28c1c02e5fb7dce041be70d4624157","sha1":"3acad64d728a86351eb4269f784dab24af189013","sha256":"1e115e94695c6dc03cf4067892522b3081e5f7391a40728107a4845fd6dede5f","sha512":"96af2a7e4539a064fedb662711f6c3790e998a903f80ac5fd6348da7becba27f89859732ba39abe6f739e2f4c623a19c6949cefd17c6e838b96b74b1a1949769","ssdeep":"96:a0eAgJsVmycxV9mI7jiP5DM1p50nkMZ5cx1ppY:ahJsVmhoqji6lqk51","tlshash":"cba15c5d96b80383d793e2a048259d1c2c9b3861087d9d433afb3c7e94e2ded204acd0","first_seen":"2025-07-23T13:52:55.31543Z","last_seen":"2026-03-24T07:16:47.195419Z","times_seen":4,"resource_available":false,"data":null}},"time_used":375,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":375,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.livechatinc.com/v2/customer/token","fqdn":"accounts.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"POST /v2/customer/token HTTP/1.1\r\nHost: accounts.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 225\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.livechatinc.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":225,"data":"{\"response_type\":\"token\",\"grant_type\":\"cookie\",\"client_id\":\"c5e4f61e1a6c3b1521b541bc5c5a2ac5\",\"organization_id\":\"b8f4f49c-d724-4914-a885-4e5a1e71f678\",\"redirect_uri\":\"https://secure.livechatinc.com/customer/action/open_chat\"}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://secure.livechatinc.com\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\ncontent-type: application/json\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ncontent-length: 201\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\nset-cookie: __lc_cid=8349bfd8-4d07-4d90-8210-45b279661365; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 24 Mar 2028 07:16:02 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned\n__lc_cst=f960e628f88cba73dfa51d233206f6073282a55e7ae1cf780736f491ed8970ef477565cdeb29c2b8b60e485b03be76d41571e21d79905e13259dfb047b3b; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 24 Mar 2028 07:16:02 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned\n__lc_cid=8349bfd8-4d07-4d90-8210-45b279661365; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 24 Mar 2028 07:16:02 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned\n__lc_cst=f960e628f88cba73dfa51d233206f6073282a55e7ae1cf780736f491ed8970ef477565cdeb29c2b8b60e485b03be76d41571e21d79905e13259dfb047b3b; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 24 Mar 2028 07:16:02 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned\n__oauth_redirect_detector=counter=1\u0026t=1774336592\u0026tag=5158ce1351f1d68651da33b44bb3906b83e7511e; Path=/; Expires=Tue, 24 Mar 2026 07:16:32 GMT; HttpOnly; Secure; SameSite=None\r\nstrict-transport-security: max-age=86400 ; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"1925b4192de6214969f3277e34d88e8c","sha1":"690f1c2a709096e7881bd47598330e234df30178","sha256":"43776d543897743f35a66eb5603fc15101b0edf8ad15ef18dcec27718ee90fb2","sha512":"6a913567bc3a03659f51899bf2bb99600fff0448c45453441d97f61c8558a47864455f5024d2516da09a7fd1aabe6b0af6053e7f8894775652f95ab4593df373","ssdeep":"","tlshash":"1ad022da4e837cabc6c41a5394000a026c023054c18c08fdc1fad01d2b08e32230faa6","first_seen":"2026-03-24T07:16:35.150915Z","last_seen":"2026-03-24T07:16:35.150915Z","times_seen":1,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":143,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/8548-dcb26dca6b83bdbc.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/8548-dcb26dca6b83bdbc.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"28f4-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LhRiITZfl1qu76cY6k0wrWri4FWc33%2FSGWwR21QZd%2FjEldhbLJXW9XD2X5cvw%2FXDNx7hP8%2BuGR2W4A4TDAD9r%2FAgXn%2B5Gdt%2BJWLivW4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e28a349c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10484,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10484), with no line terminators","md5":"4533f2f5c172d95fd90bb5b6a7d1d1b5","sha1":"3beac665fe87c54301f286b9f645b5b4f81c22ac","sha256":"134271ad0b9fb6a7119793018ad7d4bcd7e87e8c413986f4bc3af0ebd5d5bc9d","sha512":"994404b82dfc71f7e6f7fbdb37c635257e691c142c22856395caefe83c5eba717e1e70aa6929e730a1e99e79611d00afdee4b4a83cc185886fdc1f55ed8dd968","ssdeep":"192:kDQ0Sg+W0Wu39iHTVz0x57k3Tv59kjCQsENC/MET0IkV:gSgpu32Vz0x5o3Tv5KjnsEkEEwIa","tlshash":"f62267a87f2390626b3f4bcde95e8bd8f71a221217150e79f67738550a5cdc8ec82149","first_seen":"2026-03-23T15:44:44.419139Z","last_seen":"2026-03-26T08:43:48.762348Z","times_seen":5,"resource_available":true,"data":null}},"time_used":877,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":877,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fd4735e3a%2Fimages%2Fdefault%2Fe-wallet-dana-0qia0agh.jpeg\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fd4735e3a%2Fimages%2Fdefault%2Fe-wallet-dana-0qia0agh.jpeg\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2298\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: 9NxZN56f4aoE28eR0mvXlmqiCE67Pr8q-EGzwkE8VyI\r\ncontent-disposition: attachment; filename=\"e-wallet-dana-0qia0agh.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EfOMQHwXRL3W0PUh5%2BBgDXW9h6yhIOOA5DZW2HPP1vD9Ddz2EjtR8PJ%2BuTpVi1KgIg1Nsr0BZgUECsXKVzXZdUuqGD6g9CcA2FU4yes%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659b049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2298,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 225x225, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"59d6bb769ddc7307146c86a0b8205359","sha1":"74ecdee51d3adcfc519d97c58b19f15e330550a8","sha256":"f4dc59379e9fe1aa04dbc791d26bd7966aa2084ebb3ebf2af841b3c2413c5722","sha512":"68a9fe19eeb689591314cf302a08f93b1e2dc9e1cbd7984e5a0df61c54f9cbf59c9f84f93a21acde6bf6660ea1e8ff8a7281745f4bb2a48bd4fc01f8349eb4b8","ssdeep":"","tlshash":"54413b76a31588a9cc0e13b4f29794cc660b0ff00cd1a5f762965ce0c2517fc760f119","first_seen":"2025-07-23T13:52:55.553206Z","last_seen":"2026-03-26T08:43:48.797904Z","times_seen":6,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":433,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/game/arcade?_rsc=3lb4g","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /game/arcade?_rsc=3lb4g HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: text/x-component\r\nserver: cloudflare\r\nx-current-path: /game/arcade\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t2avOzA5rRRWSWQsYIy9RLlH9QSMWlAQrdJaAfJEksaqjlx%2Fv2wVRwDWY3BF2LDd8NIHcAn31s8vZaMIH69vGMKEzbZ9iicHmMaPFWY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e352ab3d49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":200,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"5d024af129ccfeb1c2ffe7f1c7f7a45f","sha1":"08d55a0bb9207b6867425672a7b2b26b921abfcc","sha256":"a7f0521c8bcde4b6f5c6208e17efcf8a4d8d9a521657b9128b2d7ec78e27b9a4","sha512":"582c83556f614ad6c1cd160d5f641651b8c4e80d93dd1917cb7ac05c3d97c7d7310dc908b463d36bd1ce0276f82ffcce4bc8e4a8a2250cdb08f85b360e49fc49","ssdeep":"","tlshash":"f6d0a922485829b609ba10a0002eea4f38ce483b22c83cf090924e043bb322101836c8","first_seen":"2026-03-23T15:44:44.533106Z","last_seen":"2026-03-26T08:43:48.814965Z","times_seen":5,"resource_available":false,"data":null}},"time_used":461,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":461,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2FPGsoft%2Fwildbountyshowdown.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:02.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2FPGsoft%2Fwildbountyshowdown.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 14924\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: BaX_txyPe076vPEeE4c0DwiGq3zT-C4aiz4DJ4Tl95g\r\ncontent-disposition: attachment; filename=\"wildbountyshowdown.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eoj1u8va%2BAs7LUBmupCEcsPf0Ho8ClXUyZu7GhwJ3vJvK8h5J4Dv5Ww6htRDUGOvXh4nXbUJ3gKb607TBgTJ1rwg2i%2F1V2cMz%2FEgdvM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e35c9ca149c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14924,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6694cac5dc9555247dfa83be601f9e4d","sha1":"6d60d1f8aa6414263a4776f3aa76f79406fa3855","sha256":"05a5ffb71c8f7b4efabcf11e1387340f0886ab7cd3f82e1a8b3e032784e5f798","sha512":"eba67791596c05ebcccfd761f111e05f864585c40af1785b74dd2333f35aef38c6cfcbaab8dc341eff0bb1ac5e0cb6faae9890fbca7362d803c9c38e153da0f7","ssdeep":"384:1IQfdA47jgg0jDBmCfV3ikVwx7U5LpunnXPZ9rjryf+Duv:1IP4YjwCfdVAUX2XPZC","tlshash":"8362d1db4ddc839a43e951979b2730f5e0814c9ef10a6803e433f66ba9377d281cae12","first_seen":"2025-07-08T04:46:21.967872Z","last_seen":"2026-03-24T07:16:47.247293Z","times_seen":7,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fbanners%2Fhome%2Fdesktop%2F2025%2F11%2Fclaim-bonus-pendatang-baru-100--dewanusa-6rdxwb5q.jpg\u0026w=1920\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:08.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fbanners%2Fhome%2Fdesktop%2F2025%2F11%2Fclaim-bonus-pendatang-baru-100--dewanusa-6rdxwb5q.jpg\u0026w=1920\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 155786\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: zyXNbTNAn_86gbaSI32YXhJPsqkwpOGsSxkHkgz2raM\r\ncontent-disposition: attachment; filename=\"claim-bonus-pendatang-baru-100--dewanusa-6rdxwb5q.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zrOj9UwUPEi7Jlk8oSC0Hptqqr3g7SNFg3fgn7FAt9vSW7otXljkO8xfANqQWfcQ7nGsg3REiJIOT0rPrg3914WZ3yXBKTiNU7bkh0c%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e38029c649c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155786,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x600, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8eca67322d71ade51bea066b0d028180","sha1":"116370a2586facc8314c0ce1deaab1e5a46c51f9","sha256":"cf25cd6d33409fff3a81b692237d985e124fb2a930a4e1ac4b1907920cf6ada3","sha512":"f4ade8790943cdda08d751f03fcd70616992904ee1e3d199b294e1399c63c0f5ac501c0b808c25d1d79423be5c8ffed659e6df032031d2343363c10e8809d118","ssdeep":"3072:qptfTrg9RMZhDQst7NoBxDhrilsQc+I6rWEWJTKIpjmqISwMrqHe:qptfwPM7Q2NexDhOu3+Qy+jifMr3","tlshash":"9de3121f35385352895277a5eb279bec0a81453fffda4de2fbf37821389085a183464a","first_seen":"2026-03-23T16:13:32.369868Z","last_seen":"2026-03-24T07:16:47.131182Z","times_seen":3,"resource_available":false,"data":null}},"time_used":905,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":665,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/23.CG_0O8z6.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:14.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/23.CG_0O8z6.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWy-yZuU_J_7gYtH43EnoOFmoel8ujk3L2a9y1RZfn494cRPZCOkZFeA-WJdcQQSCJdFY3oAK-8\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\nx-goog-generation: 1774007385351319\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 151470\r\nx-goog-hash: crc32c=tFBKnw==, md5=t2EbJTvU0Nk9h9Myfbaa/w==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 46902\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:14 GMT\r\ndate: Tue, 24 Mar 2026 07:16:14 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":151470,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (64055)","md5":"b7611b253bd4d0d93d87d3327db69aff","sha1":"3a632aa9bbbff151c5feb72041252f17e67b9b53","sha256":"f626b5a9fa608f7ba023f39c76917ac3c2fac66c65b058b9c92612ace640e349","sha512":"a3a5be915ea0b4e5597485cc717919d9ec19fd14234ce64ff52be921b84b3bb90af91b375d397d11377365b2f3b3f977af576290a3f59b5a270ec6c3af24a0d9","ssdeep":"3072:PNWiqU4tayaOrRbD5Ify5yVj2nLYMwgYa/gYaf3UXf3L5P5jgYgMZki:wiL4tayaOrRbD5Ify5yV4LYMwgYa/gYV","tlshash":"d8e35cc4b362e27cdbd7c1e590ab5405f37d3e59b82a4310f1ea9c6a31a89cc513af61","first_seen":"2026-03-21T09:26:08.577924Z","last_seen":"2026-03-24T07:16:47.168612Z","times_seen":33,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-24T07:15:56.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:57 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nx-current-path: /\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nlink: \u003c/_next/static/media/155cae559bbd1a77-s.p.woff2\u003e; rel=preload; as=\"font\"; crossorigin=\"\"; type=\"font/woff2\", \u003c/_next/static/media/4de1fea1a954a5b6-s.p.woff2\u003e; rel=preload; as=\"font\"; crossorigin=\"\"; type=\"font/woff2\", \u003c/_next/static/media/55c20a7790588da9-s.p.woff2\u003e; rel=preload; as=\"font\"; crossorigin=\"\"; type=\"font/woff2\", \u003c/_next/static/media/6d664cce900333ee-s.p.woff2\u003e; rel=preload; as=\"font\"; crossorigin=\"\"; type=\"font/woff2\", \u003c/_next/static/media/7ff6869a1704182a-s.p.woff2\u003e; rel=preload; as=\"font\"; crossorigin=\"\"; type=\"font/woff2\", \u003c/_next/static/media/74b1a93e987e274a-s.p.ttf\u003e; rel=preload; as=\"font\"; crossorigin=\"\"; type=\"font/ttf\", \u003c/_next/static/media/b8f580e68a5b7ff9-s.p.woff2\u003e; rel=preload; as=\"font\"; crossorigin=\"\"; type=\"font/woff2\"\r\nx-powered-by: Next.js\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ryBgIOlzxLd%2FAegkT3b5eFFgN6HCEUubZgFJYsb1QBtorQPDYTtMD3vNiEBW9J6lxMYj%2BFBMSzwPMc5T2Ne6rjct3PDAMVUEufYUulE%3D\"}]}\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e13e3359aa71525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":860194,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65531), with no line terminators","md5":"2800535f34f6d3673580e2f5e873667d","sha1":"030597b78620b0508d9ad0fbed0d3d05040f4492","sha256":"bc63620546b06d82fb0e95532c1d0d21e403014af84713bd55ca918535893b86","sha512":"c2ebefbf675d15b051fda47c0562ea1291745cfcdc7a0a4f096cf0525fccfdedd97ecbabacc1328205ef7bcc8e4ae7dcdd6ba0a4cc8928c2072c8dc89811897a","ssdeep":"6144:600rEQCAF2htQSGf28+RVGcwuspcpcZI3uULueN/D6mM1/2rUuXFEgTmloCfcf10:6GQCAF2htQSGf28YaukdRNbfgzi","tlshash":"140585e4c644fd97b4b35c57b4fade8ba04b8025b2c9dab41a4a899503fbc370b121dd","first_seen":"2026-03-24T07:16:35.156903Z","last_seen":"2026-03-24T07:16:35.156903Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1230,"timings":{"blocked":56,"dns":37,"connect":1,"send":0,"wait":1117,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/6475-b9a765fe0c43db46.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/6475-b9a765fe0c43db46.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"13f2-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eCk62%2BFty3Flsf1igSToLsYBo60x7ByxekW6HcjHbOX4q%2BC1rqYP6103rE4LRTDrVJ6YoBKjM7b0wBZ%2BlO%2BVS0KZL2tG9aONDcsJlCg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e189649c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5106,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5106), with no line terminators","md5":"14d7677bad5c23090385341929bdf0f1","sha1":"1e1734b550ebf2544a4fa9a897c57c4ef35c2aed","sha256":"945ecafb15e6a508ea8d273cab19b5b31b97c18d617263403b4d95388a038b53","sha512":"6ede005e1e53a467e18f4d11e5997c2698f86b0df48623fbfba74f0f0c58a4183dee3d4a8b09f1ce240ec376842ed99d0d9bb470290d52f1ccbd3423027dfaab","ssdeep":"96:bhPPSo9qYMSSqCPT2sd7PyKV3KJtNSTCtO+Q46d+QhTT9/pmhE9s739+WyBsd:BPLtlSqix5GlQ46F10T","tlshash":"6cb1b7f3b782f834aa3f5564906a001dbb975c8dc05d1c6cf3a6ec809694186ce75fba","first_seen":"2026-03-23T15:44:44.487539Z","last_seen":"2026-03-26T08:43:48.755608Z","times_seen":5,"resource_available":true,"data":null}},"time_used":962,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":962,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/3004-d71fa8f3a72b482a.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/3004-d71fa8f3a72b482a.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"576a-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1lwBldlDP8Ztd8kkVRvYGHJOlZumBh%2FXMAfMiA8xOtcS8eWm47zuirQ2e3FLS3UoYt9Pq2eIfOtBGUeXHaALHNnaBU7nSNEPjfC88Uo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e28a449c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22378,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (22378), with no line terminators","md5":"8b3eeb5ea65a7b13f084b59ea1b1a387","sha1":"49b8903f335edbd7ee67781ed9d52b08b56d3a1a","sha256":"cdd756e4d00c3a4f84e1fab47742c808667b81ea48bcd24db850b00f793f8319","sha512":"25ad370572e1133b5c6b8a035f28a72a935c316b5cca389b699917b24a705848d50355fd5f0ef9541d787c0a4567c54af461730f86764eb8f7a60783a9470226","ssdeep":"384:CQ6Ciq+wfMD/baeBxH+uq1mBomW1mfGGWsoLQYlT1Nnmb0to5j5MNblEn8hXbKBk:uxIMTbaeBEuWmumJWJEYx1NnmKo5j5MJ","tlshash":"f2a2f7dc3290f0f1567b83fa807f401e71375924228ea110b155e6dd2c79ebaa26bd7e","first_seen":"2026-03-23T15:44:44.475823Z","last_seen":"2026-03-26T08:43:48.683106Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1066,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1066,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Tue, 24 Mar 2026 08:03:57 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9%2FsSRKXZCElNO7SuupTCAB7XN%2BLtP3UiUfH7U%2FsFREflQ5fmecG0pkl8oRoIQ%2F2GQT02QuEAUIW%2Fu0fq6Zbo%2BSmGQbr%2BrasARbGfcUc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Tue, 24 Mar 2026 07:15:57 GMT\r\ncf-ray: 9e13e33eb8c349c5-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-13T17:33:46.023529Z","times_seen":368207,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/media/4de1fea1a954a5b6-s.p.woff2","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/media/4de1fea1a954a5b6-s.p.woff2 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 13980\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"369c-19d0b6cc914\"\r\ncontent-security-policy: frame-ancestors *;\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A%2BuvWWSw7qG06jA0radVWylQRZxJ%2Fm9GEczmCppWGTefqkUIbuPCt21PB7ce%2FKS0HI%2FafmtsSwnsMVfRjH8uSAzz9gH7vIPftO6Iri0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9e13e347a9e649c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13980,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13980, version 1.0","md5":"b7d6b48d8d12946dc808ff39aed6c460","sha1":"3f18028a04b3fb39bb1cc33dce401d04e9207970","sha256":"d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0","sha512":"7c719a3026913201c92129f92b5c08bbe4344fc9c3b2d95445a3ec23974acc7de4555177145dfb8ae007572d03038fb3461e62654c386a60ddf32b0608edbd7a","ssdeep":"384:xE1ZUpMQcRcGQO/z6vwr1/4UcKURb5nbC5n:x+OcKGpz6vwrB4cURBQ","tlshash":"6552d041c8074200cbbb3471b46a9dd168914030a9dd24592b71e9b137f63affd5ae8e","first_seen":"2023-05-06T05:46:29Z","last_seen":"2026-06-13T15:29:19.778737Z","times_seen":10220,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fpongpongmahjong.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fpongpongmahjong.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11736\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: oosrUebcBDZ9qJixS9NaFuQpEtSnC717kSKcufoSmcw\r\ncontent-disposition: attachment; filename=\"pongpongmahjong.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LxDSWOqmLt8EFCO3guX1ap5%2BfYW1pU8QrhIc1c3nAAYNcBoZppw5iRVswZGnJAsmou72742vHmIAr4HYpnPZ2sk%2F9XNX6348rd%2B7jes%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3533b5749c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11736,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b4e03f6f326ee06f577df8dcfbdbc660","sha1":"5aa63fe1b3ecb6b126d72658759c9b3c147f81d9","sha256":"a28b2b51e6dc04367da898b14bd35a16e42912d4a70bbd7b91229cb9fa1299cc","sha512":"7e29fdf451198f35d45aad8448cfa8b0c7738d6e6476c3151946c4872663326e36b91132b21d61d255a7e4040da4887d7c2aa4c28a075525f4818c11067a7207","ssdeep":"192:6Os3jFrWNy3Oa5Kw3oP1nJKdmhShSSMHcgf4fxQEyWKI9pCO2HusLxdeH7cRNnBk:6Os3jFrWNm5JqKdmhShSagQfxQdWJ9+M","tlshash":"4232c0d84e1c573d1c19ea34044fe58073e9f4777e72a609a5993c3e65cb88500f086e","first_seen":"2025-07-08T04:46:21.909205Z","last_seen":"2026-03-24T07:16:47.183854Z","times_seen":7,"resource_available":false,"data":null}},"time_used":809,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":595,"receive":214,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.files-text.com/us-south1/api/lc/main/17809494/0/ec/ff772af303e6959cebfa57ba80ca5a23.png","fqdn":"cdn.files-text.com","domain":"files-text.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:03.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /us-south1/api/lc/main/17809494/0/ec/ff772af303e6959cebfa57ba80ca5a23.png HTTP/1.1\r\nHost: cdn.files-text.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 38126\r\ncontent-type: image/png\r\ndate: Tue, 24 Mar 2026 07:16:03 GMT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38126,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 320 x 320, 8-bit colormap, non-interlaced","md5":"8c2e21de74abeab3daa2b4f0a5a95125","sha1":"b3f1d8b4317fed225bb49a92f860457b05dc3113","sha256":"309e6b06a2a3a681c6ce247edf51d97ba6ea4c784f5d56c69a3a3326d187d107","sha512":"0c32eec10c4bd3e908af2706bd5fa1aaaf19b2488b60a983a57f1d655fc45dcda9d39f2f01f662057a44305ac61b97b94253c1db3238cf7e79be130bcc610e7a","ssdeep":"768:5ARyPEwSW9xri44QZD5FUSTgy2VmBTQGINpwJDUTcM:5ARyswfP+44QZMEGVmBT4NEUgM","tlshash":"0403f1c5106702ba8191333def0caade80408ca27674d17ca5fba0adec56e554d6bcfa","first_seen":"2026-03-23T15:44:44.453174Z","last_seen":"2026-03-26T08:43:48.648934Z","times_seen":5,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/game/sport?_rsc=3lb4g","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /game/sport?_rsc=3lb4g HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: text/x-component\r\nserver: cloudflare\r\nx-current-path: /game/sport\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fqsc5IiFDidhVpQmkyRmlrvsoI1NQvOdjt3N%2BLlMyXJmw%2Fs2aqQyBrtZ6GF2NsQ5%2BcLRH9oe90NPaPKnR4P5jWHQyGLNNx94RXboQno%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e352ab4049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":199,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"6d6eb3f4c2dbcaddc6d67089dcee4e24","sha1":"f111a821b5b0f51088231f24ac3164efd1366acf","sha256":"abd4bbe1792aed8f83765aebfcf5f881d943fc414339dbca336101c32c82e13d","sha512":"e198c985beb2784cffb3f84a053dabe3eb8f03c8d89dc2291825454c024306970cf64fe1c3155d91c4510eb95aa07bcef8cd6281c1d87d0748d1f6764fae68dd","ssdeep":"","tlshash":"ffd0a922484029b609ba10a0002eea4b38ce483b22c828f0e0d25e083bb323542436c8","first_seen":"2026-03-23T15:44:44.507022Z","last_seen":"2026-03-26T08:43:48.775241Z","times_seen":5,"resource_available":false,"data":null}},"time_used":458,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":214,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.files-text.com/us-south1/api/lc/main/17809494/greeting/64abfe68f1317ee1a1cb999fd3e66e91.png","fqdn":"cdn.files-text.com","domain":"files-text.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:14.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /us-south1/api/lc/main/17809494/greeting/64abfe68f1317ee1a1cb999fd3e66e91.png HTTP/1.1\r\nHost: cdn.files-text.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.livechatinc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 272769\r\ncontent-type: image/png\r\ndate: Tue, 24 Mar 2026 07:16:14 GMT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":272769,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced","md5":"95e45444dbd349f2798312e0075dba7e","sha1":"159114a1862c90e6f4038dfa7584401732b271a1","sha256":"f052861e8a7ac853a37f4f4317e0d15f890f8ec628f5bfc7f9132b5fd2856f1d","sha512":"eb74aaa87ef7d3fe7810108ed20ad30d3b524ee1b951c87832a24e0b45f7c47a46018392b8472cca330dbc8f45a5674e3ce741cc8010f8bf03c4bcb86d2f5490","ssdeep":"6144:2f6nPCc6P0tAZaLN2FaZIB8gkTqiXSF56ZhlkCTUjFgqZ+aHy:A6P/LNMB8gkTE5YlkCAKqZJS","tlshash":"6f44233e644294097aeb81ae7266f7c4adc32dd858c49d23b90ddd313b9185f70b1f82","first_seen":"2026-03-23T15:44:44.413611Z","last_seen":"2026-03-26T08:43:48.689937Z","times_seen":5,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/css/04bf0757b8056398.css","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/css/04bf0757b8056398.css HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"dad-19d0b6cc917\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CbxFdMFTo%2F0bpSNDwku2c1nKibQewYnULcGI%2BN6jXRsQf%2F%2FfFS12hqFf%2Blcpfp7%2Bmar%2FeCBr521qV9t%2FLBFKw39K1Ia9y1DrWSnQQ0k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33df88049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3501,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (3501), with no line terminators","md5":"75ca6b514d710608b3fc6b021663766d","sha1":"2d8ded6da1f2d0d7b4d29bb1ca40fb9d6ac27839","sha256":"28c196da3d862c7379f77ac2e5904e041f784a140ddbf54fd5024fa23f521837","sha512":"99501ff5de1a545da924f85fe2358a0b0aa9e1d6c8ebbe322f2420c363f2ff930940b324345ccebb19142fad9714fc5854efbe13896a198f76e082eb0531957d","ssdeep":"","tlshash":"2d71af30841e940ed932fc8230c97f136d3d00195ad49d12ee5c89a98fabc6ab3d1f9c","first_seen":"2025-09-24T01:38:43.766302Z","last_seen":"2026-05-31T23:57:54.16019Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1073,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1073,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fd4735e3a%2Fimages%2Fdefault%2Fqris-qris-mvp-hqersiv3.png\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fd4735e3a%2Fimages%2Fdefault%2Fqris-qris-mvp-hqersiv3.png\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1970\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: 4UP4igr8aFRFCQUUQ1BhD4TMSNmsjDxEdv49M1zVGro\r\ncontent-disposition: attachment; filename=\"qris-qris-mvp-hqersiv3.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8Uc1%2FWL4WrvNkm5usFnktmSyOWMthzGS%2BmBY7iFIoDHbMNUe2jhAyI7tRdwWsxDOZJqmjw5z7bViSEiTNLxBmMRw5Dpnd5xI2UhvY%2FQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659b249c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1970,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d02f9a430239726d3634b12552ea67e4","sha1":"a5e8c4266b577476f13f54d5071815b0f100fa9a","sha256":"e143f88a0afc6854450905144350610f84cc48d9ac8c3c4476fe3d335cd51aba","sha512":"198f6dd4a1de5c3e3f384ec90c0c16d189b20a3464acef5796e378eff31615fa013a67b83b28d5f4e237c9448832480352c62720d1c23238de4b0422f306c673","ssdeep":"","tlshash":"9b410a6d5d5af0848de0652e759fb7d75420878c8be14f243c6b2a454ff43609b23360","first_seen":"2026-03-23T15:44:44.518467Z","last_seen":"2026-03-26T08:43:48.640045Z","times_seen":5,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Faspect.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Faspect.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4506\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: NlTDPvLRUteFaXSPDputi6UEAC0SWAYd2eiexKoHrrA\r\ncontent-disposition: attachment; filename=\"aspect.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v4MxbFBpfDAohcrV77KZ1DFLGX%2FU5DHtPL%2BQz6VnMLFScKbrDknSvk%2F7ts4zOYaxAIKcywDWtHo6cbK7HNPcD4I46SZiL%2BqrzaDnKRk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34669c049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4506,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"990ab1705d0bf69d16131329316af209","sha1":"7e77d2d6bddc6bfb934066988532f3dac9510086","sha256":"3654c33ef2d152d78569748f0e9bad8ba504002d1258061dd9e89ec4aa07aeb0","sha512":"be24aa5006f1ce9cd7455184535f59aa769c54be6dba81171fddf027382e85be158bc61953e40d7295556ab6a913bdf6c1506a1a32f1038cce64fc37efb96004","ssdeep":"96:MWyU5jVL1WiPTdmG6Qvpn+Uk2jHCwMtROqVKIL56gnjE6ce:MWyC1BDv9fi9RLpHj","tlshash":"b1915c18d84b62c2dd3f16a9e78575c2d6eb3489c20c4a56ce1880903ee3ec8e7d41e5","first_seen":"2025-07-23T13:52:55.539103Z","last_seen":"2026-03-26T08:43:48.759217Z","times_seen":6,"resource_available":false,"data":null}},"time_used":421,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":384,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/9562-2506a7181cab6977.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/9562-2506a7181cab6977.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"3090-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2cCsgtaUvQKX1ybEsK04%2FK%2BV%2BD5gG0ngLWc5piq94trGEBd2SZ2EJOBwca4j6wi1kJIbhEJuVechXbrpX4ZTJVj3Re5yQ%2F86b4cBbu0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e089149c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12432,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12428), with no line terminators","md5":"7f83a7432737dd3bf4745de4b10f081a","sha1":"a8412bfc72190b5e638cb7c38e6daac72019d298","sha256":"a635d04c9ba0e9cc4ba004241e4ca328c9daab7762e75bec28b4e4b33ec1a16e","sha512":"f6a9725bd49b7aa7e79e3005fba627bb81eb33ee4215d5a02f859f5a8b2e27ac918f160a9dd0759a90e97a2143e0c2c182004ef82d35bcaaa28e308ef91c7924","ssdeep":"384:A5HLQiyMaNARPZQBfHA58jDJwVWn6Q8WnGl:KCNA1IAMAv1WM","tlshash":"6142fae4a293b866ff6fe1c5d8cf4416bb0e98106b290d25f273564411c8784e562ffe","first_seen":"2026-03-23T15:44:44.418202Z","last_seen":"2026-03-26T08:43:48.682461Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1025,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1025,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=%2Ficons%2Fgambling-support.webp\u0026w=96\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=%2Ficons%2Fgambling-support.webp\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1286\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: 9lta1xyi7M8Ry1OQf_Ips5zMwQyupdr9Yv18UnvWRDE\r\ncontent-disposition: attachment; filename=\"gambling-support.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ylp4Bb8Dp7NQrAMSIv4H5%2F%2B8k3fsc67km7a%2BxmEAoCGfJbxo%2BmVV8lCEEAZknuWx2301DoDpDM0WU8R6P9nWN7cdmZHO%2FXtci3JE6WE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659b349c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1286,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3ccc6907db94d03df6c97ab7c1679861","sha1":"d6822de046931a3b0569aaf2f6618f8da9a6c2d4","sha256":"f65b5ad71ca2eccf11cb53907ff229b39cccc10caea5dafd62fd7c527bd64431","sha512":"f2c4f21b98db214e1c2dbb338bbc6bcdb60903490ed6079c6e029d3bbd1fed8620c73b525f8436293b910b7ccef8853420a832b54e9b10b10db35ee1319ff2cd","ssdeep":"","tlshash":"9221871a9cb4548fca807fe34ed4688e375e24c22c8d646ec81ba2b9c0232dd577e7d1","first_seen":"2025-07-23T13:52:55.425333Z","last_seen":"2026-03-26T08:43:48.663347Z","times_seen":6,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":396,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fps.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fps.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4050\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: 2iKEoXYo__EhnBtz2dYDuUD6SrVWmv3MSiZGKOgh8-8\r\ncontent-disposition: attachment; filename=\"ps.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CpqKRkiNQBjkT3R7OWgC0eNhRlioXJyp00jQQ%2BmxQ8OwqWWRHbtcWSoajbcIHbQD8M6B4kfdHYjJHauQgmcPiVhfgHx0IBh22hhrL%2B4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34669be49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4050,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"94c88ab5569bdc658eb8e1c8ef79ef7c","sha1":"9e9c618ab089d632c8321a83636f902ea05e8446","sha256":"da2284a17628fff1219c1b73d9d603b940fa4ab5569afdcc4a264628e821f3ef","sha512":"d08af16f594638338eb8358719fabc6354048f5946ab84cb45d86afe8cfb0652219d2124f01dc32449dc3340bea26a9183b2821e3067a5d51eece50fd3aaf3c7","ssdeep":"","tlshash":"ed815b9d98871d82309e56b1a041871743873cfee3bdc5a978402d27c7c73497198cb5","first_seen":"2025-07-23T13:52:55.427561Z","last_seen":"2026-03-26T08:43:48.664567Z","times_seen":6,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/9.xhyEK0_l.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/9.xhyEK0_l.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWxKJVKx5dzvd3iehm1OAgJzNSeVzLNDVU59XQNFyrTaPYGvaILqMz48H1Ik42zFT9Y4Pc_BpJc\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\netag: \"c96a39460d2b0a92409b2b92f3da88f9\"\r\nx-goog-generation: 1774007385404793\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 74\r\nx-goog-hash: crc32c=pjIEnA==, md5=yWo5Rg0rCpJAmyuS89qI+Q==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-length: 74\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":74,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"c96a39460d2b0a92409b2b92f3da88f9","sha1":"c1ad7e3c7f38743ebadf589676726dad6799a9d5","sha256":"af2012b0cdfa449f186df2f8dc9b3e64b48b8c5c630cc8d3c4df61973499e7c4","sha512":"c6a642b4f09c7dc0b2679c972cc99e4c1e00e268d309aae062883d3eeeb7d3e39bef53388dd20aae7f733da57ed2374c1b12ded0997cbca2762b4b03c332cbfd","ssdeep":"","tlshash":"27a022ca38ca32ae020230300f0f20c0e0b8c02c030e0328800a0200b2300a002ffc3c","first_seen":"2024-06-24T12:34:03Z","last_seen":"2026-06-13T16:26:54.64225Z","times_seen":18446,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/css/bfbc09307378af05.css","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/css/bfbc09307378af05.css HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"bc2-19d0b6cc917\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hJM%2FbRc844%2F29mxJmhCYKb3LrPKz%2BQ7cGUbh%2FT%2BR1Z2EvBr3CZdzGM%2FgKkCFx32dqLrW7LKIg%2F7TzwkbNIJ6SdyZlh2Q3GAfuSILPNc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33df87f49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3010,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (3010), with no line terminators","md5":"650cc8352107e40240f0060a4b2e173f","sha1":"231ba87aef04d6002450f99284ea6230fd0b7a56","sha256":"76a620512c620711e06b28b80f1cbcd9d4433545d5d0fff403bb042d22ba7359","sha512":"7eb6f81cb7d0d10d43698b2d6194146bfab8223a7fc5f16aaaa4a4a81515c2486760079121e281ccae5a0a87c9111a11d3d3b077a4ca0c5f9ad147d19cc2561c","ssdeep":"","tlshash":"0851df31927434b8d7ff922545d3667c152a90c2bfae028cd536af28a2c967e1a165cc","first_seen":"2023-10-16T00:24:03Z","last_seen":"2026-06-11T02:31:34.706904Z","times_seen":127,"resource_available":false,"data":null}},"time_used":941,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":941,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/5606-73fe25b398aebe1a.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/5606-73fe25b398aebe1a.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"b839-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PAedDRPoGhDlLgJ72%2FZ41TzkaIOhWzymKQX2LRWuk4ctykYp%2BipsVF1f%2FBpbt36ZtAiD0%2BhWg65%2Ba62SvCLysRrd7YObnqTyfuSYf3M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e088f49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47161,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (47155), with no line terminators","md5":"1c8b57cf6368fd64e90cd10b0fc0912b","sha1":"c4da03169475eb92f39f95a86d69540478aa3270","sha256":"bf456dfb1339c1b680cd08c82481d3995b392f0a87f67abe08273620f0b69797","sha512":"206f5366af83be0cb7ab8d7688c81ac50a5b7501328f30bbf73902c47d3849890ac6da67d15042b34c4e29ba594b07b37ed44959560e0364bdf00d705b835679","ssdeep":"768:lGbSlwA2G1auheb30Xcp6/S6IjZaZcPnYshxjob9i/P:0elwAJa9kX1SJNaCPYsHkb9uP","tlshash":"96231ab4ba82f975dfbfc1c5e4ce445ef71e06146e1a08a4f2325c5c1285e88d392fa9","first_seen":"2026-03-23T15:44:44.469813Z","last_seen":"2026-03-26T08:43:48.694768Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1032,"receive":208,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/1448-5bf4aecc6643c106.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/1448-5bf4aecc6643c106.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"2852-19d0b6cc91a\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ukqlnSO2yLjknJav8MuhtomoyMcodsjyGZJ2jVJq5HQhpY39u9cHNJJ4tS3v%2BeXOtb5bVocRPYNOxYd540EY6aw3Xsbbyg3pddrYt4U%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e189e49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10322,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10322), with no line terminators","md5":"007c0b55698293e58966e1dc5d770409","sha1":"f699609555491407a1f155e6283e0a3de0717da6","sha256":"83fa8bbac169d2ea73abe178b4aafc458d5b09d4ffc68d9ed1e26f5258666625","sha512":"05b4c57f2c3940ed7210a509932650258d73cbcd76f9b86734a2611dc5305f9556014a93fe11ce82c03c8614991f4b7910400acf12b2450f5d2fbf71609a3e2a","ssdeep":"192:X/xQWNzZ8Ux0rQJwk1EqpcoBzPpz8UzSTTalE7j9mYyM3KXEwJrVqGGrc:5nNzZ8UyreHzPpz8UzSTT3hwXXFVqFY","tlshash":"90220a91b01235a8e7ab4685c7af010c7f7a2b08af0e5574b2b88c26577938cd3a577d","first_seen":"2026-03-23T15:44:44.532004Z","last_seen":"2026-03-26T08:43:48.707758Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fbanners%2Fhome%2Fdesktop%2F2025%2F11%2Fdeposit-qris-instant-dewanusa-j84cijsl.jpg\u0026w=1920\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:58.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fbanners%2Fhome%2Fdesktop%2F2025%2F11%2Fdeposit-qris-instant-dewanusa-j84cijsl.jpg\u0026w=1920\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: image/webp\r\ncontent-length: 152416\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: ovJGOen27QyK73M8PXU8sahjMwcxCb0AIShT5SmHxcI\r\ncontent-disposition: attachment; filename=\"deposit-qris-instant-dewanusa-j84cijsl.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I7GuIOAdZp9%2B%2BdS6tL0yplZzgqkucV9dOWWLBlbFuCOr0CtM7T0oIwumsvO5m4NPyTkkFGPh6Ziic3f85dI%2BD%2BUIj21HzXE%2FKC39JI4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e33f88dd49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":152416,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x600, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f518545baaa9c7607fda913f2573a701","sha1":"6cbcd59d4e037fedba0dd6182ab20148b0f76511","sha256":"a2f24639e9f6ed0c8aef733c3d753cb1a86333073109bd00212853e52987c5c2","sha512":"24a7b32dbd9c62f4053c99f8f42402514a7f5051791019ea06cd1e8809f5931e85d96e372507c12736a78e14e40ec5078bf8ff10e9f9c5e9c0c936d45cf4d44d","ssdeep":"3072:AVZc/L483JX1hyIPMv61dLDoEZP/wrJRBU6kw9u9wre8Pr6Oe:AWc8ZzyIPMEdYEh/wrK6dzO3","tlshash":"65e3126b82cbcbd4d469d4c5104db53c063de32addfc1c76a9bb84b066ee94e0819de2","first_seen":"2026-03-23T16:13:32.363204Z","last_seen":"2026-03-24T07:16:47.140625Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1638,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":941,"receive":697,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/game/slots?_rsc=3lb4g","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /game/slots?_rsc=3lb4g HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: text/x-component\r\nserver: cloudflare\r\nx-current-path: /game/slots\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=prVSRFTB8SjBerZnIBqgn8J%2BU9CPrfc85ba6Ms%2Bpnumow2%2BWH%2BrFgnP67hSIyz5AaexPy3Rr8U8o0GJnKeOYmayCD3crj40Euc1lvJw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e352ab3b49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":199,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"19fea0bddd9732b42cc4eefc29cc6ee9","sha1":"6626087fd6b6edcedb75441fe677a176d350741c","sha256":"ccd8be484ced4955b53eb35fe8d7d9481ab41723f5810df493de619f5a4b0ce0","sha512":"c80e24d116e597306107335f3b8efb0dff9e5ebe62abbc862d012bd76fd71d9ec23ba28aee2c17fba4bad08fbbb0575d13c64982f60e5d743c93f8fada8744e0","ssdeep":"","tlshash":"a8d0a922094029b64dba10e0042eea4b38ce483b22c828f090924d043bb322651476c9","first_seen":"2026-03-23T15:44:44.528453Z","last_seen":"2026-03-26T08:43:48.804912Z","times_seen":5,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/game/slots/pp?_rsc=3lb4g","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:02.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /game/slots/pp?_rsc=3lb4g HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: text/x-component\r\nserver: cloudflare\r\nx-current-path: /game/slots/pp\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3wZ%2FR2%2F8rb9GEJl8T7lSoHfbLguJzbn3T7AAr0GaYa6av6SA3XF8MvA7U9QB8nVtu%2FN6q1Fv%2BnisKBHsPnFohrX4rkv24U7FAd9fICI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e35c8c9b49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":240,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"344b3db5652148731de6c1f674e5e33e","sha1":"c5a4ece82bf6d647686d41dd8a259caa461b7a92","sha256":"e2a3285e0a0f9ec69f1b7878ef44b12d9981995e876fb88c663cf4398ad87c95","sha512":"9bc2b410194a51605dd26ab465c6a78fa390e3cb4bbe1c061428f0cc626aecaba5023e144878acc3854d3ba22db275e3e9b223a2e2baafda283d6c4bbd394b0c","ssdeep":"","tlshash":"2fd05e27494429f65dbb10e1083ee94b3ccf582b62dc29f090925e157bb323651476d9","first_seen":"2026-03-23T16:13:32.206797Z","last_seen":"2026-03-24T07:16:47.164059Z","times_seen":3,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/webpack-a14bbb028c643c2b.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/webpack-a14bbb028c643c2b.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"d83-19d0b6cc917\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dGhvFrO3sBA0yh6KZ6E756thlUTvT5SRRffHDH2uz3E6tIVaLxkakOqi9lhunxjR%2B7qmLQmGC%2FZm2dUWu%2FrQ%2B1KIu09HyeQqArBtzKo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33df88249c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3459,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3459), with no line terminators","md5":"1d08718f04035cafc5368d1105c3fcf5","sha1":"ce2909b595532520922e985e5f18b076780b5cc6","sha256":"0209363b52c896fc38d6c674b70d28a24ea564429a3091da3e49e24929898dda","sha512":"a895541e84f7e1fdfb5e6d6fc11567a42df7216372b643006935b1b2162222a22cf58f565d738e3cb66ff9f2bcb2166e9b7a3691bab23a908199d31562680e21","ssdeep":"","tlshash":"9e61c4a93621fab557f004c5987fc142f21a203b051afcb0e707d8bab468aa10462ff3","first_seen":"2026-03-23T15:44:44.504319Z","last_seen":"2026-03-26T08:43:48.719817Z","times_seen":5,"resource_available":true,"data":null}},"time_used":878,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":878,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/1256-417ff298a02f60ce.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/1256-417ff298a02f60ce.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"8a18-19d0b6cc919\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=trYIFOvmc%2FnSDURVi3q6%2BCW0ddjjPG3e0u1hTJeNnGooWjaey2OJ2r0hdFu466tjlsDMld%2BjNoZTGe6uRtNaHwbso7vN1k2dhhvh9fE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e189b49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35352,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35350), with no line terminators","md5":"d599ab04eb3ee581d79dc69acae9f762","sha1":"1efd244916a7e38086cffcaea98d27ddf3d3edec","sha256":"e223e8762a5d39e1f9af494cd93768b0456865c90f0a5c147ccab70e3c9ce6b5","sha512":"65a067e5365ff1f82ed434bdb227733604d0690edc0b3c243be75f5b381eaa7102149b9a7e66fcbeb33ff67d306aab2295df313fd55de34ae61e3bdde9f01f89","ssdeep":"768:SP58/YJJZNsOrlcXUgO6EQj3pl/izf+Z3LbI1iIW0Egp/u:SP5wuZN7lgUgO6EQj3n/izf+Z3LbI1iz","tlshash":"9df2f89a6112f8728aff82ead05f1b04732c1159670c48ecb57e9ee922e0d646747f7c","first_seen":"2026-03-23T15:44:44.422674Z","last_seen":"2026-03-26T08:43:48.690661Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1068,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":881,"receive":187,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fvibra.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fvibra.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5248\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: o2c44a0P0awGnq2aMh8UM_fE0991kJTRLsBq20ogELg\r\ncontent-disposition: attachment; filename=\"vibra.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZILzZ6QsyMyp%2BzxIPGTb2jTqVeQFXzGWSmaRKdvsne9UKAro2dVVbQ%2FdkXai70iHZq476yqNY0D8%2Bo1fkN4lmvLXU7z7H%2BbZCA8Pfhc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e346b9c649c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5248,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"690d44af1f6b3802735ebdd612c51c59","sha1":"79b94119dfbec06a1b31136d3032dc45ad6168e3","sha256":"a36738e1ad0fd1ac069ead9a321f1433f7c4d3df759094d12ec06adb4a2010b8","sha512":"4ccdc6d9deb5a3e05630883f62119505a3064115d0a109f52a32a545f2c85d5b893eff26c33961b1b73a33208849f71fe52a0d4799cdf2bd6a5fe16bc24f2ce6","ssdeep":"96:KF0uVhD8BuVmPDRyUP/3aDdSbNLtZ5GFL1iPLHhraJw7ugMQBYGXAyTws/ZLli61:KWGd8BuqFNKYbnZsx1gjhEw7ugpBUZsj","tlshash":"cfb19ed0f40a69bd8ac36dacc6c643d13db4f78f48087f9624abc0b47e932557951752","first_seen":"2025-07-23T13:52:55.511055Z","last_seen":"2026-03-24T07:16:47.156172Z","times_seen":4,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/media/6d664cce900333ee-s.p.woff2","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/media/6d664cce900333ee-s.p.woff2 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 14168\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"3758-19d0b6cc914\"\r\ncontent-security-policy: frame-ancestors *;\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GrxXi3ZVKjPyHDdkbwSewBjO78N20HH8Vjv3JgHU3x%2FWtf5c%2F%2FUr2hueureytD2tJ0iF3%2B1nweT%2ByyQ4OetRyYHvp%2BxsUDovZkwiW7U%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9e13e347a9e749c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14168,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14168, version 1.0","md5":"017598645bcc882a3610effe171c2ca3","sha1":"ceaca8172b95b6954d5a5752698a5162d7e9877c","sha256":"7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5","sha512":"cadb36cbcdcd7e84ee9305a676f4d8d3b19fc199481835b726fbcd20f2463074908040b7aca60e284b5ab8ab3b03798f38cc06873d6e4b06ddf7a018e6c666d8","ssdeep":"384:cIeFsvkj/uwoczzNcnQzpjJSx7MZBEuNdu:ihxhzsQ9YxEEQg","tlshash":"bb52e181361151524c851f6d3784c3efec1118dff2acaae07e22255506fe4f276be92b","first_seen":"2023-05-06T05:46:29Z","last_seen":"2026-06-13T09:28:23.634112Z","times_seen":7232,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/livechat.hgJsKRWh.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/livechat.hgJsKRWh.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWz4cO_QzE_YckGZzyfFPJh_3vcf6yi2ye8G7_vS8nI4t4oXmY5FTt5SU4fWLP37h7mgTSptMgQ\r\nx-goog-generation: 1774007385363393\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 401\r\nx-goog-hash: crc32c=vxQ2HA==, md5=egbssK6mJHqc9EWMYEwJEA==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\netag: \"7a06ecb0aea6247a9cf4458c604c0910\"\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-length: 401\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":401,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (400)","md5":"7a06ecb0aea6247a9cf4458c604c0910","sha1":"1cde3c0d6ccec1951dde410fa90f224572d0f567","sha256":"e8317dbfe5c4731a8f0b8d2ba68cf03987156d773de81f916e6861a7c5a817f8","sha512":"614992feae9cf682a18c5e8d9893587e67be993e4d02566ba0fbed9d3e7572058aed41237268ed19428a1f54606d9f1926680c7ac086a38c7597eeba26aec597","ssdeep":"","tlshash":"75e0cadadb0039e2f688ddf4c404e4e206fb13aa4bb583b084cf137153150a5de06502","first_seen":"2026-03-20T13:10:16.665174Z","last_seen":"2026-03-24T07:16:47.182581Z","times_seen":223,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":3,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"api.livechatinc.com/v3.6/customer/rtm/ws?organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026x-region=us-south1","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/rtm/ws?organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026x-region=us-south1 HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://secure.livechatinc.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: MubEMfGEL7JPB/TKRs8Xyg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nsec-websocket-accept: G/OmBdARmeDSFBqD9VaWDmwe9/A=\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://secure.livechatinc.com\r\nDate: Tue, 24 Mar 2026 07:16:02 GMT\r\nUpgrade: websocket\r\nConnection: Upgrade\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":404,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":386,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/17.BT9jUAD0.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:14.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/17.BT9jUAD0.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWxeZo7w69TlFEETcnGM_83RUFKIb6xx0BWVS-EKiQU90cNmhPF9AZWgRSCIqCeiuIvlZ32aoZg\r\nx-goog-generation: 1774007385292373\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 8044\r\nx-goog-hash: crc32c=Bws5zg==, md5=FGmLmXE1sinBW8WBftAg0w==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ncontent-encoding: br\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\ncontent-length: 3182\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:14 GMT\r\ndate: Tue, 24 Mar 2026 07:16:14 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":8044,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (8043)","md5":"14698b997135b229c15bc5817ed020d3","sha1":"5afc2438a71273a8f1820c766e96f397b2806699","sha256":"96e43792002693d12bffd72956dc425e03e113315cbf63031c7e839e661fd115","sha512":"add083fc100a740d1de15b363e3e213cc84ca9fc4913da9ea691619f688e6b885d8ac7a16d96309f9b55fc10322cb54c3f23c4281df1f5131fa8d40655fc0793","ssdeep":"192:JIcs/+sXpRMzExyv5vHcj/pIWpIizfq7ovx7vc:Gcs/+sX7Mzpv8llbqs7vc","tlshash":"2af1f9dc1322eaedd98296fe12381009b16d6de93c36c244dfeec81a70255c86d38db3","first_seen":"2026-03-21T09:26:08.692071Z","last_seen":"2026-03-24T07:16:47.244372Z","times_seen":33,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fbanners%2Fhome%2Fdesktop%2F2025%2F11%2Fselamat-datang-di-situs-dewanusa-px14rxer.jpg\u0026w=1920\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:58.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fbanners%2Fhome%2Fdesktop%2F2025%2F11%2Fselamat-datang-di-situs-dewanusa-px14rxer.jpg\u0026w=1920\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: image/webp\r\ncontent-length: 157186\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: Xh_0mWfniqG_gfJ16ss3AJJHQi9SLHfQMPlq8JXWFvw\r\ncontent-disposition: attachment; filename=\"selamat-datang-di-situs-dewanusa-px14rxer.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XCxI0uqGCHKkKipWlX3OJntBLZix6kidnSAVg0lHHc7NkyvBnMZzUqKzZPwemZ46TSHtufJpcdyHd0xchDzZFhWlCWX8tqN%2FgM08Vmw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e33f88da49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":157186,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x600, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6e0a9a3c7677b8b22f6b0c025c21f0e5","sha1":"a8ea2974e0e0e6242fa52e3c24b8f4c8350fd4ee","sha256":"5e1ff49967e78aa1bf81f275eacb37009247422f522c77d030f96af095d616fc","sha512":"ea7a81501319ba887677be013fd37594480e3ebf61a5b4165e3534b4e9a9fe9c90bffb407c4267ad32f85c633ae9849e65a949c19c33492751b310082d210edd","ssdeep":"3072:t50ZN33apXSSSgy+YH62aOHEgRj7nB/qIk/SQcOhHRvm7iBTGy1Ty:t5UakDgy+YHlarEjrnkqQcOh8mJGc2","tlshash":"77e312f80eb33dd8c80cb6417134771ed9b1b88d921be5e2d7835a7d654b44be4122ba","first_seen":"2026-03-23T16:13:32.394063Z","last_seen":"2026-03-24T07:16:47.154639Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1704,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":861,"receive":843,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/tracking.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:58.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /tracking.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWxEvAsMvymxHM1muhyHDA-zLZDHowIUx7I-l6KrC9GMQHHu7v0TCzFkLMOvx4zcu5N-p4u3GXA\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\nx-goog-generation: 1774007385482931\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 102724\r\nx-goog-hash: crc32c=e1J+Pg==, md5=o0TGerG0Lm67nCPjvZFtmQ==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *\r\nserver: UploadServer\r\ncontent-encoding: br\r\ncontent-length: 33200\r\ncache-control: public, max-age=28800\r\nexpires: Tue, 24 Mar 2026 15:15:58 GMT\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":102724,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"data","md5":"a344c67ab1b42e6ebb9c23e3bd916d99","sha1":"1b8af7b30cc9831348b1dc8b61cb57ae912a2b05","sha256":"216a409d1add9fcb0ec72ef2d4d02cbab37761ae2dbf41dbc2fecf6aae0474ae","sha512":"df8fe41d081450012161536e726cfe19aa425e2bd3544f8d3e612d9c623d4fc480ba7a60f9a9a6270a06121db1edb0a310b9d7e7d0ae9b5a1bfcd94980b07fe6","ssdeep":"1536:E5y/uRri7DJnagIckNmeuR5bydWiBwpDwLCPoRvCRW6Rtt:E4/uRu79aXuRxyk8vCdRf","tlshash":"07a338d67282b03493f785e7a17f6216b33a291c740d8410f17cec6a396a9878177f2e","first_seen":"2026-03-20T12:44:21.754759Z","last_seen":"2026-04-25T08:26:24.664416Z","times_seen":269,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":66,"dns":44,"connect":1,"send":0,"wait":3,"receive":1,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fe-wallet-link-aja-zkrz6knt.png\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fdefault%2Fe-wallet-link-aja-zkrz6knt.png\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4748\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: TinvNVQdrLAJw2ywtPwgxw68vnd2y6PLKXwAE25icak\r\ncontent-disposition: attachment; filename=\"e-wallet-link-aja-zkrz6knt.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=se3fRFvWkCw6T1gMHZaokxqyZpeWidsP1ZCw5tFtVVjY9O1NU5NuiTDNa3cJTBXIz4Raod4ucU07y5UxVeG6FXm8xwVo7ni1MuTILCo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34659ab49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4748,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 225x225, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"12ae2c058228add2fbfc37334df8c26c","sha1":"9bcc5cec270d662ed0b4d2b32422a2e2d23f8a2c","sha256":"4e29ef35541dacb009c36cb0b4fc20c70ebcbe7776cba3cb297c00136e6271a9","sha512":"403e71143a699187aa6f9f1e1cf6bf5e406f24e8bbd52f634b2e137e23896abe8d1614fa01365482974281bf82016b115aceb9ed16f98b5d74631948394910c1","ssdeep":"96:qwibRc4dy77XDGIGUaAw8GTG2n4wINeEmiNhLdHFzMglca21Mv:q/bRcvfXDGIGUA4TSyhLZ5Me2uv","tlshash":"97a16cb073fa97d810abc61de3ec5bc8335c62b12b354a0c211a997f44e066520d63ae","first_seen":"2026-03-23T15:44:44.523989Z","last_seen":"2026-03-26T08:43:48.726619Z","times_seen":5,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fwildfirewins.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fwildfirewins.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9808\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: 04F5eyFbzVb9T82sm8cfjzDmPlJz3TOIUo-Kzx82_ik\r\ncontent-disposition: attachment; filename=\"wildfirewins.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rcQfMcnIMe6XB4AIxNTZTc7WQAkV6nNzRYDJGDx%2FpY5uxa6K9q3z2f9pfE%2BkoglIgNCS8vNeZkxoNugJW0WDGiBC3DqU9JUxezrAHsk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3534b5b49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9808,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0ba385f6b4a85dc1c1a8d90f06c711fe","sha1":"d11e43321c28013bcb8cddd797cf004ad4911c1e","sha256":"d381797b215bcd56fd4fcdac9bc71f8f30e63e5273dd3388528f8acf1f36fe29","sha512":"1ddd742f873d9a2ae32c90cf202de9daaebc6c361f7c48d5cc028bb870d1f5637940a927700600a02e9caf7b099dd17f9aa9fcb202f4113c18cdcbaf36530b28","ssdeep":"192:uVBQQ96Rgnh/u81ZjuKPq7LOsWggg09FcklgGJFdlMtKbZ2Kd2i71lb9F8ei:uVSdRgnh/lLP0LMTV9ngGJHSKdldRVF8","tlshash":"e612afc0e4a72826a387d10d1c7685c91fd9f2813d179b0780cc9d75da1e97d36e3795","first_seen":"2025-07-08T04:46:21.962289Z","last_seen":"2026-03-24T07:16:47.156733Z","times_seen":7,"resource_available":false,"data":null}},"time_used":805,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":219,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2FPP%2Fgatesofolympus1000.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:02.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2FPP%2Fgatesofolympus1000.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13086\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: 4ndnRP4ybH7PkceShR24P0F7vzP-hZVmhCQbdTLH9Ts\r\ncontent-disposition: attachment; filename=\"gatesofolympus1000.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2EUNz0c6tky7VNRwDT0Q5GHmLG7%2B%2FkjpmxrW%2BxX3JzC9c%2BqPS7lxzvMMY%2F0Kf0Nn4QYj3LGXrYxZ1yfox4rGr8DGjjZ5JWXNmjdb4z4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e35c9ca049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13086,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"72168b25ea067f677a16c67a91e9455a","sha1":"f76a2657475fd298727ad00fcfe7dc164410fd91","sha256":"e2776744fe326c7ecf91c792851db83f417bbf33fe85956684241b7532c7f53b","sha512":"a99d7bf287cf4d0b7ec97e27381ccba94f1e7f5932eb093902cea116ab822da61619c7416ae65119f47fc687e8b5985faf910ec81c582deb51ce2d542065753d","ssdeep":"384:+gdX9pa4muetM5IsK/SF2tOJphTa7l65XvT:DjatbtM5VlM7UXvT","tlshash":"0c42c0740dac6b7c466de866f0b07dd36937505b8406cecc93dc9cd22a64f59b6264c3","first_seen":"2025-07-08T04:46:21.910752Z","last_seen":"2026-03-24T07:16:47.216307Z","times_seen":7,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/7632-d71d85eb2f5f70b7.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/7632-d71d85eb2f5f70b7.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"519f-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qAWSEOckyP1i7PPM3ZS0vNIBwadaIZR9km1zKF2eALFlu%2BouoPNcByAw0TzffJpwiyi2dXaIIxdAZI0Gktj%2FxXikVs9PuHTfIMJ57ro%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e088e49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20895,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (20895), with no line terminators","md5":"a472ba03665b61da6913975d1ef2ae77","sha1":"b34745b44facaa4cc35eb3c185563ba87c5e4b24","sha256":"57606df2fc02930d91b6e5dc4a9779d5fa5694037aab027c861c31e780fc3b1f","sha512":"f9e6c8a660c053ea1b9baea350706d5dad28dfe80c5a39d256a18b466e75104390591ee9f941fcbd61534e7b8fcb6522c031ef6a00b7df27dd6f72971ab4c43e","ssdeep":"384:gRHyBTXW3TYTgNm7XTlcM7ayxTlKZ3trSYn+2qy/2HTgGMBMDDHIQ+9Hw3xnPdTw:TamJPayRCdGA+2qVgHBMDDHIB9GtK","tlshash":"9f920a9172437430cffb8286e45b401eb77d695a7a0b4528b263b8e621d6a4df053ff8","first_seen":"2026-03-23T15:44:44.521754Z","last_seen":"2026-03-26T08:43:48.791126Z","times_seen":5,"resource_available":true,"data":null}},"time_used":903,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":902,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fui%2Flogo%2Fdesktop%2Flogo-znti7pse.png\u0026w=1920\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fnewsa%2Fe2cb18be%2Fimages%2Fui%2Flogo%2Fdesktop%2Flogo-znti7pse.png\u0026w=1920\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: image/webp\r\ncontent-length: 20184\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: YEw8dyvgQkHLZYlShBC-qCRSsEAPlV8RpKvodojDA2E\r\ncontent-disposition: attachment; filename=\"logo-znti7pse.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3ZtDffoTNDm0Tr8xv3lkNDj5wquowoEZYfEfnNaug75GxOU%2FHT3kAg0qrp9g5dthfbHEi5LlS1eUHDAQFfBeAV2qVEjEmjV9RxegMjE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e33e38b049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20184,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e28ef4abcfada64fa352739b2108f9a0","sha1":"5d9857090047f6d95ee54cf9517a0a34ece11327","sha256":"604c3c772be04241cb6589528410bea82452b0400f955f11a4abe87688c30361","sha512":"712f098f25a649b6cc5a70717def815490a66d057a411d393ea057336ea2f199ad325e5313a490458645c22d0d33b025ba2c69ca5e75b3f64783fed0e0506b53","ssdeep":"384:5WLl4BKupUnmcuC9CekkgeIi2QlkaO4M0ZqRbGkhRcsenCfSLrMK6x8:5GlPupAmwCekkg22QPi0M7hysIMK28","tlshash":"9a92e0f0fb6cd904f0a3cf09a9ce9d3e3400e411a5c9ae624a43d8bfd566964369452b","first_seen":"2026-03-23T15:44:44.519438Z","last_seen":"2026-03-26T08:43:48.75795Z","times_seen":5,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fag.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fag.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1908\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: y0FWtV1VjNVBECE9wmT5J8edBKw_DLi3U_v_xRECLO8\r\ncontent-disposition: attachment; filename=\"ag.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vA54Wqeiqjp5isGjT9MlAFeDblw4QzA3zp%2Bkp8mjykQ6tFEpToPiGBSXS9nohkFfKxsAH8GdDtwrLzGbhLaSRznwIYSwn%2FNLwNuyhjg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34669bf49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1908,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4c14a18d3b1c3167a7d91c241892c711","sha1":"33b75426a0920b687eb350451b00bb37125dc461","sha256":"cb4156b55d558cd54110213dc264f927c79d04ac3f0cb8b753fbffc511022cef","sha512":"9a3f3472b4aea480c7405136de706ae68202e4d3ee8e01abe42ef0c2868b3bf1880e4e72708f53cfe30eab1fb9a99d54646f64b5751c21cdc131faef5710fe7f","ssdeep":"","tlshash":"73411d9d1fa549458b58e723aa3fe6d01f4e62d101b95d433056acd3bb95fd03434c84","first_seen":"2025-07-23T13:52:55.526486Z","last_seen":"2026-03-26T08:43:48.677587Z","times_seen":6,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Falmightyzeuswilds.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Falmightyzeuswilds.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12164\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: ZGmAYWD0OV1QJFDaJzUjU31Gt2x0ZSYaiofeBLENgeg\r\ncontent-disposition: attachment; filename=\"almightyzeuswilds.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FysKh2nd25SktTEcKnskPLLUuJza%2FydvMgoIrW6mUCrV0jX5TDsnTUsm%2B78%2FSImPTZvfMy4Xp%2BVOT%2B2%2FkKcv33o9TE8BU0ehyJNYitg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3532b5349c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12164,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1ae21ed5d4eee03ba7ad7da5947246f7","sha1":"a2f6fb03661e02b2e832eb659a1e9808f2e22e1d","sha256":"6469806160f4395d502450da273523537d46b76c7465261a8a87de04b10d81e8","sha512":"cdec45f74cbf4c2415a1c286da92cbe7ecc4bbfc39cb81c3ee70ca06ad2bbfca42a6da56e1731a3de253f58808fc22d14db8f078ceffdcb69f3e51a44ce86cfa","ssdeep":"192:F4pTXx/ot2cB+hLt25eMeePJzKGKrmYtMWlpB95KABlRYCdlQftdrSjI9xdoLKr:uXx/O+hLteBKGKHnPK2lqCsneKxH","tlshash":"0342c076838fee96803519363e27aac6afc983d24253f41ed5906d0064f265f3d0db43","first_seen":"2025-07-08T04:46:21.897796Z","last_seen":"2026-03-24T07:16:47.220799Z","times_seen":7,"resource_available":false,"data":null}},"time_used":606,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":605,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fsweetjarcombo.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fsweetjarcombo.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 16338\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: CSg_GeaLjwnCE7S7bvwx4LWgAns-7_5cGnphxYHM1vQ\r\ncontent-disposition: attachment; filename=\"sweetjarcombo.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LYyTRc%2FwVBI4Bp%2BznZNn9MbOzCQt7DctagDW9RAzSQXXf1xkbxEkbBfrs3oM%2Bn%2B%2BRlvdqh2UMqGdNDh6C3717IzlmKBj4SZskim8WTQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3533b5849c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16338,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"74cd24ed2112587eb0463d66fab78a17","sha1":"3775deb084266b0ee902b3619c46ce5275028937","sha256":"09283f19e68b8f09c213b4bb6efc31e0b5a0027b3eeffe5c1a7a61c581ccd6f4","sha512":"3daee458736c3caae3aa53e397a26b4e8283866626d4e6a05ce2aa01dbc2d7f3be53f0ab0b9ea6b470908f415c5aa04e07469fbe9247ad5aa74ca52371f63216","ssdeep":"384:o1RV6AmEBbzGkUSIJ2dY9Ry8tllq5oGKOUtoI8kbODv6jcH:ImEB6SK3tzqmGbUtoT3","tlshash":"c372d14b7c44bc246cb990407dadc9b22a35e1dd336c5e564dc60ed1d6a3e58285e3c7","first_seen":"2025-07-08T04:46:21.966477Z","last_seen":"2026-03-24T07:16:47.172012Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1031,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":434,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/4bd1b696-100b9d70ed4e49c1.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/4bd1b696-100b9d70ed4e49c1.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"2a3e1-19d0b6cc917\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cjk%2B7g3qyEx%2B8xq%2BMbw%2FQAlDrATP7f%2FMnFGLsqv3ZZrCyYcjJEVTqlPvmCfKQmdsSuAfS%2F1%2FoHtfn3UmSYAagN%2FGByzhzCuHs%2FZp4ro%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33df88449c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173025,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2a9c2166a0ae63c27a466c7fb5903d80","sha1":"51f1c90c3f1e1d32d0c81e836ded7ed5ba0601d6","sha256":"5421e13a91a9389517b66179f3b4b5eaa0d95245438066d4d7b19ac30aeb809b","sha512":"8dc6274f2637076f1b5c4cd3f61b14259ec5552d844245c8b93a64f19c8b6b7347554a03b994b0f880b7dae74ad65e54eaa00be81783c2cedbae82a7fd4b89dd","ssdeep":"1536:DWET9Lwegcl2MywYleojBFOQLfioEV7hNc7lFlgXGhJx4bzZc5zg5tgW/zAe6c0:Z9LwzMyh1vLEE7RgXOQ5SIA1","tlshash":"ecf3f8ec3999e611aeb342a700df28037378261b240d4d60a614fd9ea57845bb17bfde","first_seen":"2025-08-21T15:49:50.637902Z","last_seen":"2026-06-13T17:49:50.684716Z","times_seen":11893,"resource_available":true,"data":null}},"time_used":1419,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":957,"receive":462,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=%2Ficons%2Fchrome.webp\u0026w=48\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=%2Ficons%2Fchrome.webp\u0026w=48\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 756\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: t939NK3Gt7N6Aoj_BtyA-D3yJ_2zgZuss_3yGcsRVog\r\ncontent-disposition: attachment; filename=\"chrome.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z7nlvgA7Y6nsbF%2FMZLThBQ0jvMLpfDDVRqf9RgAudr1xaL3YDkgYQvt0M1pDvPz7r0dMRXlwE4s65qICkNxusDZDK%2FGUblx7x2p6t1Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34669b549c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":756,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"361a99615d8a295dac469571216884bc","sha1":"76f57788c375adc49e4cc5f016bb2239fbe771e8","sha256":"b7ddfd34adc6b7b37a0288ff06dc80f83df227fdb3819bacb3fdf219cb115688","sha512":"e4d27edfc29ec3e48c5a8e8f06159849f3cf13bdba35546fc63dd1a1fdcece09718c608eefc1ba4706d6123e2df3698e8908d568864d3cdf6af0f39e049bfdad","ssdeep":"","tlshash":"a201655b975da6bc986eb820b16878090ce2c5d3201380a6307985c140876b8ffd2d10","first_seen":"2025-07-23T13:52:55.457242Z","last_seen":"2026-03-26T08:43:48.774338Z","times_seen":6,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":427,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/api/mastergame/filterrtp","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:02.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"POST /api/mastergame/filterrtp HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nContent-Type: application/json\r\nx-client-ipx: 0.0.0.0\r\nContent-Length: 7012\r\nOrigin: https://dewanusa.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":7012,"data":"{\"idGame\":[441948,442254,441896,442291,442266,442105,442284,452858,442252,442233,441893,452854,442171,442247,442218,442210,441926,452850,442167,441197,441906,449365,452856,441900,441944,452842,442223,442288,441905,442178,434865,442249,434582,441914,434559,442255,434511,441917,434593,441897,434568,442162,442235,434496,441936,434553,442169,434542,434648,441943,434646,434672,441898,434657,434867,442285,434493,434851,442170,434644,434669,442262,434554,450158,442090,434589,434659,442245,434671,434677,452843,434543,434564,434880,442244,434592,434674,442159,439319,434537,434640,441918,434664,434877,452849,434490,434594,441895,434488,434649,442246,434481,434849,442258,434504,434675,442190,434653,434860,441910,434855,442215,434505,434875,442140,434486,434661,442064,434555,434652,453334,441931,434588,434656,453356,441892,434647,434872,453107,442073,434864,434876,453331,442147,434530,434678,453073,442269,439344,434556,434869,453344,442052,434489,434881,453182,441934,434550,434567,453409,441932,434485,434532,453310,442240,436716,434885,453317,441908,434535,434890,453380,442137,434510,434596,453184,441947,434569,434873,453335,442180,434494,434667,453046,442217,434597,434639,434868,453318,452847,434635,434642,434670,453323,442143,434551,434590,453353,441935,434500,434558,453387,442278,434545,434566,453109,442079,452844,434571,434636,453339,442276,434482,434541,453316,441951,439343,434585,434665,453179,442283,434577,453049,442161,434512,453348,442082,436839,451511,434638,453108,442280,451497,434853,453069,442166,451495,434878,449362,442219,451496,453342,442287,434529,453345,442242,434676,453074,442074,451537,434538,453347,453390,452845,451592,434854,453031,441920,451576,453032,442248,451595,434552,453338,442102,451508,434539,453314,442271,451617,434883,453185,441949,442275,451398,434557,453327,441901,451562,434503,450230,452859,451627,434637,453343,442264,451500,434527,453363,442226,451431,434650,453340,441907,451629,434861,453322,442172,451510,434563,453183,453311,442282,451612,453071,453378,442260,451603,453186,453332,442214,451517,453041,453333,442259,436725,451618,453178,453421,441912,451535,434591,453385,453401,442192,451631,453329,453407,441916,451600,453072,453308,441904,442118,451527,453355,449364,439320,451598,453111,442158,439317,451536,434544,453395,442156,451439,453406,452863,451601,453336,442151,451557,453358,442207,451540,453354,441911,451518,453341,442130,451435,453394,442131,434450,451611,436888,453324,442253,451605,451623,436885,452464,453350,442088,451388,451507,436884,452465,452029,452494,442690,440444,453312,442227,451578,442858,440492,436894,452411,451656,452542,441074,439676,453068,442089,451532,442859,440491,436879,452397,451910,452501,440784,439674,442199,439321,451424,450619,439945,436882,452460,451822,452493,440779,439658,441525,453075,452846,451480,442877,440494,436883,452430,451921,442675,440309,442933,453181,452853,451625,442907,439973,436880,452431,451782,452587,440669,440442,436634,453357,442164,451419,441201,440483,436887,452429,451858,452502,439382,440302,450215,453412,442261,451513,439450,439325,436893,452384,451894,452500,442580,453369,442184,451542,441202,439324,436889,452421,451823,452498,440904,440467,436630,453187,442229,451434,442780,440489,436892,452457,451729,452503,442715,440429,441537,453396,442050,451442,439454,439962,436881,452371,451780,452504,441064,440379,442913,453313,442281,439345,451613,450225,439959,436891,452376,451985,452509,440644,439740,441526,453306,441929,439346,451472,442911,439975,436877,452355,452035,452517,441089,439650,453309,441938,451550,439977,436878,452369,452325,452499,436660,440284,442922,453399,442108,451395,439455,439948,436904,452399,452091,452512,440729,439707,439299,436738,453070,441941,436478,442892,436943,452426,451654,452523,440689,440365,441532,441138,453422,442057,436719,451486,442873,439953,436920,452427,451655,452524,442700,439724,441540,442844,453377,441902,451573,439452,439968,436901,452428,451652,452520,440724,439749,441536,441166,453376,442091,442889,436764,436924,452422,452013,452505,436645,440275,439300,441158,453319,441955,451607,442871,440486,436905,452382,451888,452531,440949,440398,442931,441154,453321,442270,451622,434889,442897,439965,436908,452393,451898,452577,440749,440406,440141,442850,453110,442168,451522,434886,442914,439956,436921,452461,451645,452511,440769,440449,441528,442816,453405,442100,451501,451628,434645,439451,439955,436928,452405,451914,452496,442655,440397,439301,442813,453379,442220,451440,451638,434584,442874,439972,436926,452404,451939,452497,442630,440328,442837,453417,442049,439318,434572,442903,436609,436895,452363,451643,440849,440274,441524,441170,453362,442058,434506,442864,440493,436915,452433,451658,452506,442680,439665,442917,441146,453410,442051,442237,451577,434501,439453,439976,436897,452352,452551,436665,439640,441527,442833,453360,441915,451626,434484,442905,439969,436919,452473,452544,440584,440464,442915,442826,453372,453386,442268,451575,434866,442872,439949,436918,452456,451666,452514,440884,439639,450591,442841,453349,442153,451498,434862,442885,439961,436917,452357,452548,440774,439702,442926,441200,453419,442206,451559,434658,434887,442868,439966,436916,452391,452528,440559,439746,442923,436604,453416,452851,451632,434666,439456,439950,436927,452361,451753,452570,440554,439690,453366,442070,451524,434651,442879,439942,436922,452446,452573,440649,439666,436194,453365,442059,451606,434654,442860,440487,436912,452471,452556,440899,439689,442848,453375,442096,451637,434495,442884,439957,436902,452410,451710,452593,441059,440433,442918,441162,453307,442286,451506,434534,442908,439952,436896,452398,452412,451698,452549,440509,440276,442830,442204,451546,434874,442909,439978,436909,452440,451694,452522,442575,439683,442919,436605,442066,451523,434595,442865,439954,436906,452383,452425,451670,451699,452546,442615,439750,441539,438694,453389,442053,451596,434562,442861,439974,436923,452381,451669,452515,440824,439752,441542,436418,442849,453388,452852,451504,434888,442891,440490,436903,452444,451697,452495,440574,439754,441531,441150,453346,442216,451581,434863,442893,439943,436900,452417,451672,451708,452507,440804,440325,441534,442815,453411,442080,451423,434857,442899,439971,436925,452394,451671,451949,452521,442605,440385,441523,441185,453180,442234,439347,451502,434498,442888,439979,441196,436913,452358,451725,452545,442685,440329,442924,436336,453404,442238,451446,434655,442882,437046,442904,436907,452370,451691,452017,452529,440954,439776,442928,441174,453351,441891,442150,451433,434502,439960,442906,436911,452415,451688,451732,452519,442595,440350,436484,436596,453398,441928,442067,451526,434524,434850,442867,439941,436978,452377,451733,452575,442640,440400,449512,436735,453315,442277,451421,434487,434523,442881,439944,440041,436898,452401,451746,452543,439748,442921,449511,441178,453383,441933,451621,434518,434673,442894,439964,440040,436890,436899,452380,451726,453520,452554,440929,439642,449354,436597,453391,442289,451568,434520,434570,442875,439946,436338]}"}},"response":{"raw":"HTTP/3 201 Created\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 51\r\nserver: cloudflare\r\nx-powered-by: Express\r\naccess-control-allow-origin: https://dewanusa.rest\r\nvary: Origin, Accept-Encoding\r\netag: W/\"33-uGYhynmT1l+UCD9jowOEpOtB/f0\"\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=akxTuUts7HKEZyX3fCrgD2YNgUm7HnHNsuXbvPJ64XHR0E99IJuedCm8h6nh8l2gYH6eC8NiejV8VKDZlVlKCtXEhOcaq%2FGWM8A9%2FF8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e35acc6349c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"201","status_text":"Created","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":51,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"ea7a3c91f07b580ab37644d0cae534c0","sha1":"b86621ca7993d65f94083f63a30384a4eb41fdfd","sha256":"1ccde6cc68769bf4cf3ac2515b518b4abc5c7ca030019c6b732890b9327f69c1","sha512":"55b1ef3dacfaf946585e21affe945551a898fff92255d913dc71eefad22c752d74ada08084a5a7d9b3b936c9ad01b36ff531517404b281b9cb33026b6072f2e5","ssdeep":"","tlshash":"5f90020119117ed60a01014674019d8950c130855140541b566d6019cb9c96a7452621","first_seen":"2026-03-23T15:44:44.490279Z","last_seen":"2026-03-26T08:43:48.779112Z","times_seen":5,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2FPP%2Fgatesofolympussuperscatter.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:02.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2FPP%2Fgatesofolympussuperscatter.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13226\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: 1Wj72A2hTD8K0dWA9TXV82G9elJasSIpUnxp7eekh7E\r\ncontent-disposition: attachment; filename=\"gatesofolympussuperscatter.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HsAcu9TCuYEJuNH%2BDwEkU%2FaNI0rG6rcyqZTpNN5hK%2B7vf826EM4W0z9Fx3jV7W7yekG6tU%2BOSIUJbeXOVY6D5WEBBnvsbxs69abJkJI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e35c8c9c49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13226,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b98e15acbad4c6972529b2ebfeda32e9","sha1":"92f2522a2c291b1374aafdafa2977bb5a415d663","sha256":"d568fbd80da14c3f0ad1d580f535d5f361bd7a525ab12229527c69ede7a487b1","sha512":"61ca4cdab5e424307140b8d3fa3a312a8432793294b479b10d0ceff934c16207dd01ae073d896ec261305151c740ed0aae5e7153e711d0f92dec4c93f4c4132c","ssdeep":"384:8gZ8IhIExownajrJaU1ulcQNLfTEf1To7/zbI7e6nTBL8LeWD7w83:8UIOaHJaculcoWy/43YLoU","tlshash":"a652d092aa60d0b9898fe68d7334e6a485040fe8c408fe20ff877987d77c57192d1e70","first_seen":"2025-08-27T21:04:42.506094Z","last_seen":"2026-03-24T07:16:47.191316Z","times_seen":4,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/5239-b24dd7149d741c56.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/5239-b24dd7149d741c56.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"3792-19d0b6cc918\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MHYEszM5BVTds2tdv64tac8QqM5K7j9IIxjhEMgKj8Tn4zdkOcEJIviVuW1hymHNcjrvVE9bxLUHvOI7C8xAGltE4yw2589vHeVis0w%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e189949c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14226,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14226), with no line terminators","md5":"24ffdff582fac1bdd8b78863dfd9407d","sha1":"3d0f974d40796861b8ae1de7cf57d6a7ad703114","sha256":"60fc951da3b5d4e0590a75e5ee728e1590ff1345d76b70c3b90a07283b0b710d","sha512":"b2163a0dc170339066493b68e0914480d7e52a6cd8fbacbce64326ee330aede0fd04d631001a0254e49267fb75ed66ab0394983a544376bc2aeebabfe6917cc5","ssdeep":"192:fiRFVYEC4Bg4zKjOoGuP8wAjLIaWA3L2BVUwroOmMV7uD8avnswa+d8Xb+JN:CI4q4gOoh8PUaW6cVFqND5swZWXbC","tlshash":"325219723695fce6239bc0d5d43f000af3755d71762ab08873ea88d9e9e4584b0a2f76","first_seen":"2025-09-20T22:56:48.515572Z","last_seen":"2026-06-12T21:32:28.690993Z","times_seen":115,"resource_available":true,"data":null}},"time_used":1060,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1060,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/app/loading-283d6049c6462cb3.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/app/loading-283d6049c6462cb3.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"2601-19d0b6cc915\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RytKfP0hrZrFpUzn3CMPLRCrrDzzbPN2qUXpnzxtp1GOGTWSI1SbPZ59tzicpdwzgHZZhY5EDSGGYEm9tS%2FvPSpbP7%2FXaGqfC37QV8M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e28a249c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9729,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9729), with no line terminators","md5":"e42255a6ffc1ef644fee177ae658d9f4","sha1":"a4c7ab46e12a1bcb21da60c79eaabeb27885f027","sha256":"ca666a8ded373a83e94751c9b38e7caea3d79cc41d5eb9becd2f4173b5dac5a1","sha512":"78316e3fb0ff16d8d62567cf7b6f53155ec1e200f8b03b5c95580afe2966f14065a31b525a9f3c4fca0a2132d1442677cfcf00f0d1d154148fe6bb28e34e808a","ssdeep":"192:s8KhKfaOSOvxzQYHM51Qn3q9jIde8R8xOpCIFDPu/0LaSk6:sWTHM5I69jNWphu/0LaSD","tlshash":"f712e9cdb682fc3a576352a1c2bf1102f31e18005e1d6914f2b6dc782656dae6239fb9","first_seen":"2026-03-23T15:44:44.502288Z","last_seen":"2026-03-26T08:43:48.724521Z","times_seen":5,"resource_available":true,"data":null}},"time_used":904,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":904,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/1419-a731b1653862e5f8.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/1419-a731b1653862e5f8.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"3540-19d0b6cc919\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lPnD%2BRykDSxhufOcQaFMkGIqrkEPwBs0hQvra4HfuSoZd%2FdRbmPNw33L74B4q0rAL5qB1WSufBaiTNDI4yAlvsuojXdS0QTsyvR419I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e38ae49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13632,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (13632), with no line terminators","md5":"2e08ec9625c275818ae651494a5d1476","sha1":"40904fec8f5f8bd76b824e58520386650e7d7fec","sha256":"64cbfc21fb5ef7c155e3c62f94fb1915b3ffd9d4bf1934303570dd33cf123116","sha512":"1ee5c97740c596e6d3606508261cfcbaf8a3995d003f87da71d729543ab4ef7637c72988585b7c8604171ffc116e8cada133c0d4f771be5acd63cea5e8a2fe0b","ssdeep":"192:dja4Qg91/Z5rgNSHyFG0TfDybrcmRqVypDMa5MZPCTRhYGwdwwUbN7JIttoU0taL:FaM1/Z4rGWL2cRVypTreErIttzDL","tlshash":"3a52e8701ae17d8bb967ecd8e087c00f22c7915b602e1e1ed93de95915c2404bfe975e","first_seen":"2026-03-23T15:44:44.476997Z","last_seen":"2026-03-26T08:43:48.704987Z","times_seen":5,"resource_available":true,"data":null}},"time_used":895,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":895,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fvp.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fvp.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1794\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: tBbDh4uzfHdEknqEPyxHVjlLdrYZ6cdpA0MpbuxM13I\r\ncontent-disposition: attachment; filename=\"vp.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vr6VDT1563gVVYs8gyW%2F3DJz5%2BMrmMBKOng2F4sBcTdTQ1EgvF5viqpi9iTeGUc%2F7tHeWncVyBcCiLaOWsNit5GNgIMzUWGhX%2B4GSjE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e346b9cd49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1794,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4ae31ee0fcdc048f8a32757af6df97db","sha1":"27a95bdb1e3c675205cd9ee99faea8a50a90e360","sha256":"b416c3878bb37c7744927a843f2c4756394b76b619e9c7690343296eec4cd772","sha512":"52ec3533ed22d6e53f71ab74edd2fbbbb7fa8c3e7b3a2f00a3108cf33ca2bc0e657af3e2a9e80cfbbaac84ce00c4c6d32b3955266fc27f96d9e35346af1dc3bc","ssdeep":"","tlshash":"50310b9da327e603b16dc7e5fbe146f541b28551bc3654c4e17e36b0e1193228e72690","first_seen":"2025-07-23T13:52:55.515961Z","last_seen":"2026-03-24T07:16:47.12768Z","times_seen":4,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/favicon.ico","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:00.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","fqdn":"secure.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1 HTTP/1.1\r\nHost: secure.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ncontent-length: 758\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1776,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1776), with no line terminators","md5":"f8cc732a8204a4b03d274e16f23e8e12","sha1":"8a2219478f27623f539b5a89e0325225c026b2c6","sha256":"fd8d111297b1b658c8a6d8177208f2f5fec51b1538ec502a3688278345d93136","sha512":"44db6da16ce7945a0f2f76edd9517b20d76d9496978349f0f4b842dc94f44e5f5d52be0325ce9a141b3902a9c821717e1333bd8b1ef96ec94f83cb567fd390c1","ssdeep":"","tlshash":"a7314373a600c91d7174c221fd8bb08e895d534e8644acf2b19412fe0ad1ed58173e29","first_seen":"2026-03-20T13:10:16.680685Z","last_seen":"2026-03-24T07:16:47.200323Z","times_seen":223,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":432,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.files-text.com/api/accounts/avatars/b8f4f49c-d724-4914-a885-4e5a1e71f678/c951e33a-4ab5-49a1-b9f1-09e98a47a80f/df1fa257-6f00-4911-9a55-a0b51552fee7.jpeg","fqdn":"cdn.files-text.com","domain":"files-text.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:14.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /api/accounts/avatars/b8f4f49c-d724-4914-a885-4e5a1e71f678/c951e33a-4ab5-49a1-b9f1-09e98a47a80f/df1fa257-6f00-4911-9a55-a0b51552fee7.jpeg HTTP/1.1\r\nHost: cdn.files-text.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.livechatinc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 75129\r\ncontent-type: image/jpeg\r\ndate: Tue, 24 Mar 2026 07:16:14 GMT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":75129,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 768x1024, components 3","md5":"565b0fc76dcb400f5b3f962c217704df","sha1":"bda68521d1da0fe4c7592254265e3cfba53e529f","sha256":"0e07013662c458df08355a831b1947fcb041b22f031b2054a25b9d84f257d8ae","sha512":"adeae12297959fb5cbcbd32a1547ad80b57fcabe66d8a2d2b341e2a7060f4298b333f904963085203b588f2e26834a1efdaec03b4068ada32e03302aaacad7f6","ssdeep":"1536:LZSfZlAD2V/JXg6Et8A7w6Y4qV7CuCz3yPTM3PVo6dA/X5/Wpp:NSbNV+V3TXg7Cb4Y/mL/J+v","tlshash":"e2730242e4250e1676f72d5de31ed0a20e03eab32f507aa41645e06d8f04e76b7de9c6","first_seen":"2026-03-23T15:44:44.485974Z","last_seen":"2026-03-26T08:43:48.706393Z","times_seen":5,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/531-1c355ace24eaed22.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/531-1c355ace24eaed22.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"40cc-19d0b6cc917\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lK5Talr0xycquk4KGwfYU5KXRAqHHWwSvkDSf%2BJOseQCKXAPBY8MaJk1OF9jmXBJWYUTll4%2BmGaTqMq13P2TGnsRqt3udn50463R%2BF8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e088a49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16588,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (16588), with no line terminators","md5":"583ae2704f651d4e3eb375bc8d227e2c","sha1":"fc3842f8ee5d1caef0b7b7405aedeeefa318eeea","sha256":"6857b35537b56f58c47514be3f92ccdff2485fc79bfb47fca2149e727b910316","sha512":"77cd5b125754d3e0c0c2e7647adc0fc0778dde7153993068cedba2c80722baa5f3dcd9b4e76035181e370428be8fa1bffd2087510d25ab58256809abed45c76b","ssdeep":"384:KTMMTptRCIMjJKq71/5w4fFtwXSKrNzQU7bcgkiTkToTH3Cs:8zTzyNYi1U7bcS62l","tlshash":"9072fac1b051b4f4dbf741d191ff400aa33a3e486d2e8218b1b9ac972a516ec7257fb6","first_seen":"2026-03-23T15:44:44.52676Z","last_seen":"2026-03-26T08:43:48.634215Z","times_seen":5,"resource_available":true,"data":null}},"time_used":875,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":875,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Frtg.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Frtg.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1510\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: X6ZKe1-aXiP8fDl2gae1SonPBFat-jsljrJnIWzqTbY\r\ncontent-disposition: attachment; filename=\"rtg.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F5DbwTjQ8FKtdyjHAMZPV6V5d1SrYTMSRcREavSunKS78ek%2FnkAR%2FwKg0m1MCP3DfWhMdt2qsIzfv525kc6ebJBbCulgfSsabKEwby8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e346a9c349c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1510,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b1cc92c84cb2327d5c073baaf388ea1e","sha1":"ccf9f58a53d8a3a7c86c2ea89df584ca40639418","sha256":"5fa64a7b5f9a5e23fc7c397681a7b54a89cf0456adfa3b258eb267216cea4db6","sha512":"7989f62ad6c309442d783f845f53ffb6d576054b0389996decd3e77758e27004c13aa7bb27fad2ac1121bfc9c6fbec27d768d94886f16741cb2c9fc94628585e","ssdeep":"","tlshash":"5531e97cd7e50e9791311677696e36c1f566478ec6c58e3b0aa84cfd07169ac4336c08","first_seen":"2026-03-23T16:13:32.344002Z","last_seen":"2026-03-24T07:16:47.137309Z","times_seen":3,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fluckytwinswild.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fluckytwinswild.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 16494\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: ubuGEviUWuEMnwyQcPupUWTtEU8G0QGfOZrj5fe8s8w\r\ncontent-disposition: attachment; filename=\"luckytwinswild.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4eVQ8FBEomfiKHV%2FG317%2BrCgHQxj9O2vqD95DUQge3WRVYg%2FXXHOBW3RhmHQuVKobWCvLWxjnrDNq30bQriqREm29%2FUqqum91XT9d20%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3530b4d49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16494,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"605d7145df4bb6d45ca924cdd959d6ac","sha1":"2fd4fa667738d5f6d614bc5b4d139c5f7d6da570","sha256":"b9bb8612f8945ae10c9f0c9070fba95164ed114f06d1019f399ae3e5f7bcb3cc","sha512":"ebb8fd685203341cd479b57d01fcabc38f7a1ede6e6ed446d5e240d7f46773692072caa8eac8fa10c8eb8c4a317456c3c5564cf9ac76a2c7cec589d89b16d462","ssdeep":"384:rI5fHGMm0ho3eZBONKE26/IubjMznXw3gz:8fGMxhouZBOp26/IubjMznGO","tlshash":"0c72d02fa8002735a754e4420027bb695f265ecb346db16604b8d6c1ec7ceb8fa77187","first_seen":"2025-07-08T04:46:21.929659Z","last_seen":"2026-03-24T07:16:47.114562Z","times_seen":7,"resource_available":false,"data":null}},"time_used":399,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":398,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"core-1333692039.cos.ap-hongkong.myqcloud.com/newsa/e2cb18be/images/ui/logo/favicon-znti7pse.png","fqdn":"core-1333692039.cos.ap-hongkong.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"43.132.105.206","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:02.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.cos.ap-hongkong.myqcloud.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"GlobalSign Atlas R3 OV TLS CA 2026 Q1","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Mar 2026 07:35:01 GMT","end":"Fri, 02 Apr 2027 07:35:01 GMT"},"fingerprint":{"sha1":"F3:D7:6E:13:68:23:65:72:46:DD:C3:C6:C6:97:CA:F3:1A:2A:BF:E0","sha256":"D3:73:DE:50:36:F6:35:C0:3E:DB:5A:B2:24:6D:88:10:98:AE:18:B5:11:83:30:89:69:94:CA:15:66:04:56:39"}}},"request":{"raw":"GET /newsa/e2cb18be/images/ui/logo/favicon-znti7pse.png HTTP/1.1\r\nHost: core-1333692039.cos.ap-hongkong.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nContent-Length: 272769\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nContent-Disposition: attachment\r\nDate: Tue, 24 Mar 2026 07:16:02 GMT\r\nETag: \"95e45444dbd349f2798312e0075dba7e\"\r\nLast-Modified: Tue, 25 Nov 2025 10:26:34 GMT\r\nServer: tencent-cos\r\nVary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\nx-cos-force-download: true\r\nx-cos-hash-crc64ecma: 10267694515464679544\r\nx-cos-request-id: NjljMjNhMzJfZjAzNDUxMGJfZjg1MV84YjA1ZWY5\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDQ5ODAwMDczMTUwODg4MzA\r\nx-cosindex-replication-status: Complete\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":272769,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced","md5":"95e45444dbd349f2798312e0075dba7e","sha1":"159114a1862c90e6f4038dfa7584401732b271a1","sha256":"f052861e8a7ac853a37f4f4317e0d15f890f8ec628f5bfc7f9132b5fd2856f1d","sha512":"eb74aaa87ef7d3fe7810108ed20ad30d3b524ee1b951c87832a24e0b45f7c47a46018392b8472cca330dbc8f45a5674e3ce741cc8010f8bf03c4bcb86d2f5490","ssdeep":"6144:2f6nPCc6P0tAZaLN2FaZIB8gkTqiXSF56ZhlkCTUjFgqZ+aHy:A6P/LNMB8gkTE5YlkCAKqZJS","tlshash":"6f44233e644294097aeb81ae7266f7c4adc32dd858c49d23b90ddd313b9185f70b1f82","first_seen":"2026-03-23T15:44:44.413611Z","last_seen":"2026-03-26T08:43:48.689937Z","times_seen":5,"resource_available":false,"data":null}},"time_used":620,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":322,"receive":298,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/6650-b0d7d93c3e72564d.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/6650-b0d7d93c3e72564d.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"1651-19d0b6cc919\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=40mnkvyAK%2FDQiJRT%2FONLDX27oikM%2B5p0Jh8fgEZ01F3jwIYDhUk0t3%2FBifN7Z8c2zsOX7tjejlYObBRDh2yEiBTe6fKBzd7Xq7f8gD0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e289f49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5713,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5713), with no line terminators","md5":"26024a4d3d0763c0396794c322778747","sha1":"7a19fffdf7f4aeed016566d4590ea6b8efbda1db","sha256":"387127cf5b423ca964e579ca4c2c0701b10fdc67061318884c2ad20600e5b47d","sha512":"5125e921fe6848457729b2031926886686b67750a7b376d7ff7cf9ef981d45b50a78e29f594d00c1a5b5a01a0e19af1ea7882bbe988a8a5fe365d7055f97dfa1","ssdeep":"96:NUpBA4lErV/Xh2WHhQZezubBHonrmzTAQ46aAfXptW7LGxLvJgU2B2fMy5CZwspV:NTV/1KZezYBHZzTAcaAR2GxLvJgfy5CH","tlshash":"e6c1d887e966a49bcf4d2c3d803b4f23e0a62a251d4ec49062f0d467167fe4d7560d79","first_seen":"2026-03-23T15:44:44.423661Z","last_seen":"2026-03-26T08:43:48.718821Z","times_seen":5,"resource_available":true,"data":null}},"time_used":969,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":969,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/x-component\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nnext-action: 002f3be31f2cc81e60598252d217798b8b82c44967\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2\r\nOrigin: https://dewanusa.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"[]"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: text/x-component\r\nserver: cloudflare\r\nx-current-path: /\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\nx-action-revalidated: [[],0,0]\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Mbefn4tgB5dzQmKZCGkXXvN1u2d%2B%2FufKjVm0cyybYIT3MA0%2FcF3te8RHBYgLvQB%2B7%2FpVuhE1RUUGiPEvcKGh5bfrgGi3hAaXqaljhAY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e352ab3a49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":81,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"a156a084c0f9d33ff4db238bf8b497bf","sha1":"2c7e4be80aa08c192df83376a0e30dbb504b08fd","sha256":"cfacd4e93b1e3b8ab64180bfd62539aec0a4527a34bfd611353d61e6d8e45c29","sha512":"ffbb78eb28b71f543e3939bdee1c1cfb1d14697d6f1bebe8de2711d60a06c534469d5ee5b9cae57703cd053cd3cc17bd3c9851a474a3726d48b709f78c1202b8","ssdeep":"","tlshash":"35a012014c5445d5c807a040209406040cdcf119e0c92014e889e400983d91432624b7","first_seen":"2026-03-23T15:44:44.412736Z","last_seen":"2026-03-26T08:43:48.647328Z","times_seen":5,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":464,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.files-text.com/us-south1/api/lc/main/17809494/0/logo/07f36bdabe028edc371de15d56c89bd0.png","fqdn":"cdn.files-text.com","domain":"files-text.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:14.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /us-south1/api/lc/main/17809494/0/logo/07f36bdabe028edc371de15d56c89bd0.png HTTP/1.1\r\nHost: cdn.files-text.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.livechatinc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 4359\r\ncontent-type: image/png\r\ndate: Tue, 24 Mar 2026 07:16:14 GMT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4359,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 43, 8-bit colormap, non-interlaced","md5":"7eb5330701bb2a4c296052c79fb09004","sha1":"c0dd224f3aa411b5b06f1dfb7453c0b5d42e256e","sha256":"fe0850007ce1782b47ea7bff934d26d9a15f0e106e74ecdee6037a8e949ce51b","sha512":"763266f72d08f1d341c37f8af752d463634fa51826ddd28a005410c98dc5547b7657c4fcd9d95df466024280380d6b81f08bdd702b6d57028e023eba905f5704","ssdeep":"96:9n4XAqlBN5xS4JMNfMfuU3Oul/+D4uFpP+F9VQsB8r61LqxD4WoyB:xUAANXS4J2Q3Oud+Z3+Sfr61+xjoq","tlshash":"8b918d20bcae1521fad854ef49dd0612b56baff9a8de79202ec0b57a77b32d40d304d1","first_seen":"2026-03-23T15:44:44.500865Z","last_seen":"2026-03-26T08:43:48.689281Z","times_seen":5,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fluckytwinslinkwin.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fluckytwinslinkwin.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 14796\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: nrEAKa6v8lcb0Hm8C9WGYm9X4itRgM_0bj2sQ4k3OYU\r\ncontent-disposition: attachment; filename=\"luckytwinslinkwin.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n0HNbuK7B2J5vuHBCVtXEen%2Fb%2FXDTBBHrye6kUeMjTjOkn7V1YM9b1eKGX9q%2FegXIu2m84NqXP1hsN58SkPilPvZER2UYwYr7vizWio%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3534b5a49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14796,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8c7a142922bb695958303f053a5d0daa","sha1":"1b8969233d4c1a03fd8535a8a99e1420423e0341","sha256":"9eb10029aeaff2571bd079bc0bd586626f57e22b5180cff46e3dac4389373985","sha512":"9e38befd8bf1b5327281b3c38a756f4198a94c8afa14437b6a951eb52a99eafd1d85363fca4ced2680baa433c6fd5a0abf08092f1a1a7b4b02d6e3e0d3074f59","ssdeep":"384:MUXTtMRN9Ieqyrbt5tb07qR/crJtY/pOx2jem8/+UUGW:pjm7/Nbtv5rNema+U3W","tlshash":"6e62c0cfec5f596b00bb332ae759039232029580650df700587e7e85e61c299ad7293e","first_seen":"2025-07-08T04:46:21.94933Z","last_seen":"2026-03-24T07:16:47.200997Z","times_seen":7,"resource_available":false,"data":null}},"time_used":805,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":591,"receive":214,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.livechatinc.com/v3.6/customer/action/get_configuration?organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026version=714.0.1.38.141.37.1.1.3.1.3.17.2\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config","fqdn":"api.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"2.22.225.83","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /v3.6/customer/action/get_configuration?organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026version=714.0.1.38.141.37.1.1.3.1.3.17.2\u0026x-region=us-south1\u0026group_id=0\u0026jsonp=__lc_static_config HTTP/1.1\r\nHost: api.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ncontent-length: 1779\r\ncache-control: public, max-age=600\r\nexpires: Tue, 24 Mar 2026 07:26:01 GMT\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5843,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (5843), with no line terminators","md5":"8be3793c8f1eb3282224f5881301fee9","sha1":"2fc7e4c413c9547557ad1087e574b0d597db9fc2","sha256":"a9bd4e24b9909d7305b23404a6e84c16fcaaa18b278fce5b8f77c0abb8dcf9f6","sha512":"5cff2a4502bd0f45a8fc868b0a4521ab432984241b210d36931d802c878c8670354d1b1b7ad982c7f48bec934037328686505f70f147468bd4df53f2f495c15f","ssdeep":"96:uQhUwhUmhUsXhUAdLlK/muZXyWfy9qePJDO/mmfZzyAU69nMcem/3PJvzLq:PGwGmGsXGAdeGt9qCUKK9nMcewxb2","tlshash":"a0c1312a835fc9bbb377d14e62dbbb0e3408517961f8593fe464c63061862c7d311eaa","first_seen":"2026-03-23T15:44:44.483818Z","last_seen":"2026-03-26T08:43:48.759943Z","times_seen":5,"resource_available":true,"data":null}},"time_used":281,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/3.DazHfinG.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/3.DazHfinG.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWxGr0FxCf0m4amwRLK06AvFOq7yq9s5A2fcf-8A8leb2XlENq6icXUzSZnxudDqPebIzcUrkPY\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\netag: \"2d77a6aa353e00f553a63318304ed405\"\r\nx-goog-generation: 1774007385319142\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 546\r\nx-goog-hash: crc32c=k77Z4w==, md5=LXemqjU+APVTpjMYME7UBQ==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-length: 546\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":546,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (545)","md5":"2d77a6aa353e00f553a63318304ed405","sha1":"79829fe224284805c193a91d2fd444f246271fe0","sha256":"f068996cda742dd6fdb0e857c16b010966bf690480381465595e2b22935de2cb","sha512":"8a7fdf55c616c0d7f3f6d03d2196d7c4d82cb385c2dc73ba36ab9a08ac2f43cbee752de0e10302fda3277fa54813cad993b838b0ae98ac1f17e3d5001a67a228","ssdeep":"","tlshash":"fcf08bc53592f5ea02ab59c548379003f3298818b4baf580e614c5f12493057471ab27","first_seen":"2026-03-18T09:33:42.028688Z","last_seen":"2026-04-07T10:47:46.077135Z","times_seen":1372,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/media/55c20a7790588da9-s.p.woff2","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/media/55c20a7790588da9-s.p.woff2 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 13284\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"33e4-19d0b6cc914\"\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AW21ANpl%2FMGHIKWshl8x%2FsAsounsSlUO702ed4E0lArNQGRs8MvLFI7vAEiWJ9WDk9E0cjQuHpMIUNG62li%2F2HgRWqcStFfbryXPt84%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9e13e33de87a49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13284,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13284, version 1.0","md5":"816d95a45d019ad06908231c9584ec03","sha1":"abf33faaf22fe33f64691f765896e18ea16c36dd","sha256":"5010c0df836d8c80e36d7fd2ef00de4d7b5b34d359c330489d8b1a695665a719","sha512":"139d5e429ee1e440897a5f549e9313c169a393b030eff8f92510f714f8ccbc478f064af38dd5a4bf5a30ed4ba5e0863553ddc793b28c59d0ae354771359582c6","ssdeep":"384:eXhuCRRKwUTGPMThd+ksSEgOU0fVoKrX8UsUeus:EhxRKwUTG0TVMgJ0fVLRqp","tlshash":"5752cf4078199138e6129c3259deeb5dfb1c8812f578a9c8e5235b74ec490c356ab29f","first_seen":"2023-06-16T12:59:25Z","last_seen":"2026-06-13T06:49:14.649384Z","times_seen":900,"resource_available":false,"data":null}},"time_used":1091,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":885,"receive":206,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/831-60bf24560e714f89.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/831-60bf24560e714f89.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"16781-19d0b6cc91a\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wdIL4NMx9FsA3tjg4X1BZaOYi1pDbTDT1s%2BeoArfm9zpB4hIvtztywBAN5VwcZZBGceYzZ5LbF%2BxUfR8aocsWM4e8rNsq%2FTJedTTaI8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e28a849c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92033,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9d6e46ba43b7611fa2ae52a5e87f88b1","sha1":"eeefa7168c12253e4884c2d8828b4bb9749b2147","sha256":"79a6c745e7e326c82901e3469a2a81abcfd7b00564b7bf2353810a51f910dd00","sha512":"b82c554ca414467316f85e46313a42a00cfd3a4cda145e79f969093b0ed7b9dfe42633e64334ff275a2e736fdb6e73fd62bef5a5efd895a0cf47db45ce49b9ff","ssdeep":"1536:krfAB8lnYhJRaKF+FsktCECSAgstHurzQTzl1rBuyfOabKAzG6O/bBcCl9gZDWIi:kbeDS3stYUTzlt6A4zBcClmJXSlh6B3y","tlshash":"2d932ad9b692f87597ab83c8c46f0545f22d0528251e486cf2eacce21459ec8e473fbd","first_seen":"2026-03-23T15:44:44.420145Z","last_seen":"2026-03-26T08:43:48.772134Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1076,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":872,"receive":204,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fnlca.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fnlca.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1450\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: 3ARDJT4FD50BzaaKTgBwziGwylh_KJxYEgirGQPG5bU\r\ncontent-disposition: attachment; filename=\"nlca.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O2kvLH8h0EsyLo5DDXaSszs%2BxdI95z3mCl4JBtDlwuwG%2F1Gq8c7sx6WI8boqdNz2ITUaWtYa5bHAfZh3tQGkY5x9NEXYePf4xm1yOkY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34669ba49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1450,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"14827c6e1494c4f44a24522e4c5861ff","sha1":"d22189329d8dcc297bc80ad9b7029040ec620f13","sha256":"dc0443253e050f9d01cda68a4e0070ce21b0ca587f289c581208ab1903c6e5b5","sha512":"752a5c217ccad2cee134d5195551a4d59d09b1db4cda0626ffff585f86953ef11dfa04e344318861517cbf2085fbcec0b11a6056419a349983edbace23b68cc2","ssdeep":"","tlshash":"5431c775cd9758b8c81b8f213f73326bb316a18d9e0d05a1eb45a4c78986c686c23470","first_seen":"2025-07-23T13:52:55.542202Z","last_seen":"2026-03-26T08:43:48.676609Z","times_seen":6,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fbtga.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fbtga.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1450\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: 7V07w26PpOzywgMpWJZgR9B_8Ybbpjky4URca1qWbmI\r\ncontent-disposition: attachment; filename=\"btga.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4y6CvoW6cOiud2es1XgJK29E1xyWBthdwuzAajJMyS1L7aM3dBJBdlFAmI3xC2PDulDsd87PmBGTY9xpAMihpjhinK2nEjhg2KwR4W4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e34669bc49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1450,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"12434d0c6689fbfd382cdbdcc92402c5","sha1":"cdaa90c0fff27b77dc3d0049c1d8f365c93fe83b","sha256":"ed5d3bc36e8fa4ecf2c2032958966047d07ff186dba63932e1445c6b5a966e62","sha512":"37d4e406adf8b694855c30c78b65fddd026ea2e61af772ae55e712049e5993df2c275f6bc433ae19e52416a76f54149ee8033d2a9ae1e5ffec3c87fa48147830","ssdeep":"","tlshash":"e931e9a806b4084ef42fd773a2ccf79296636305445471a8d105ad690757e046ba3431","first_seen":"2025-07-23T13:52:55.475037Z","last_seen":"2026-03-26T08:43:48.673708Z","times_seen":6,"resource_available":false,"data":null}},"time_used":423,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":423,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fbelatra.webp\u0026w=256\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:59.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcore-1333692039.cos.ap-hongkong.myqcloud.com%2Fimages%2Fui%2Fproviders%2Flogo%2Fbelatra.webp\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4752\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=60, must-revalidate\r\netag: 7Ahl23aNA_5cv30Fne2G_FPpjFJL-Z5HtJCm0AVVRvM\r\ncontent-disposition: attachment; filename=\"belatra.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: STALE\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PulO6Isze%2FzmqTO1Lo87Ux%2BY%2Bj9LiQfbjIwwjfy%2FnRP3w98VHm1JkhFgBG30CgcrVQMcfdXwi1lG5bPQfn3lO00mhyDhVx46CBT3uD4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e346b9cc49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4752,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c49829bf90b6c9f9c5b2cd97f1ddb47d","sha1":"0af1f87a697a1eb3a70ad54aaee1f51ed43b233e","sha256":"ec0865db768d03fe5cbf7d059ded86fc53e98c524bf99e47b490a6d0055546f3","sha512":"8a5c4d12d2934c4624a9c58dd381f5cb07962c4bfcac60734b79cc05f9eb83f90fa1286dfdbbfde3b6e340fae70315d894cd5d1e72b195b30a047f99d243b400","ssdeep":"96:fTQim5lghAhFdkW2DGoWkP7OIsVW/E1ThuQMt83UIKym:LXm5lghAh7WDQZIsUE1TbMyhK","tlshash":"e2a15c474a06c36e59bf3ef20853e8252d1b76de21474468e912de0357445e98f8f85d","first_seen":"2025-07-23T13:52:55.32063Z","last_seen":"2026-03-24T07:16:47.251095Z","times_seen":4,"resource_available":false,"data":null}},"time_used":418,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/api/mastergame/filter","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"POST /api/mastergame/filter HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nContent-Type: application/json\r\nx-client-ipx: 0.0.0.0\r\nContent-Length: 2\r\nOrigin: https://dewanusa.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/3 201 Created\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nx-powered-by: Express\r\naccess-control-allow-origin: https://dewanusa.rest\r\nvary: Origin, Accept-Encoding\r\netag: W/\"e4933-e7gz2MrDlRFhB/PTFP/b+0J5pV0\"\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F4xrprvOghuP5fukF%2B3QDHe2%2FXHD%2B8RrYZMK%2BZPLCOygnGhEQVkgN7BffTPTvKK8ditPtALl4zLW1sjbkMeY70KHHJGjZzlpa32jmII%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e3529b3849c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"201","status_text":"Created","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":936243,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5f7f3af8d3b6d2aa9729ad0786ce03e8","sha1":"a7c7ff57c23f13fa629e664ec7b15363a6fbabb5","sha256":"c767fa389a206544d574ac29b4aea9e42a9ecd2f776a47ebd24101bfc3732d6e","sha512":"8d6972176ae80a59e6ec7318317d1c76f140d60f9d43974593b6e46594685506595c56bd7c0d037f9227851ed9e1c4729fcdd7a022218021a2e464483a1e963d","ssdeep":"6144:pde0bKPHbqwuyqm7ixnxJ3SuwNIgYnntDAJUDSywn1qrouRbPIyJx4S/nWbw+QN0:d27xfYez","tlshash":"4415367a9d18bfaec75908532c9f3e53e1ac91471d880d74e39a4f2581fff790a26209","first_seen":"2026-03-23T15:44:44.489384Z","last_seen":"2026-03-24T07:16:35.235727Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1131,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Falmightyzeusempire.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Falmightyzeusempire.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 14050\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: OHqJ2PkYUdE6uwn5Tj4CZYotyhT_Sf07xeIzaDLaSDQ\r\ncontent-disposition: attachment; filename=\"almightyzeusempire.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ybpadAISTrWvYTwkRV%2F9f31x1pud7UZHcSu0%2BSEvxACNEDyWAjv4pdv2HKcnpycip0sEhO6aPIVHMIEUDjLSoHB68rF6odIiZYGex%2Fo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3533b5549c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14050,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"87a16bb36a8ed7e6db00611c761a65a4","sha1":"48790657f3754a9d3a512c4d9e8e27c248bb6a6f","sha256":"387a89d8f91851d13abb09f94e3e02658a2dca14ff49fd3bc5e2336832da4834","sha512":"1c4a505cbfa82f544d45e8c16867fcc8c9498eb83989c6a2b5663cfa78ba78cdeef4eded22141596d07fe4e5eeb7d251c245d18364abd195d69957a4729a1dbe","ssdeep":"384:5ZbSAjfRopG7WiCQUuzqlqCr8FfBCINuLf/4jhB:jbSAjpeGK3lq15CPwFB","tlshash":"9c52cf280aa7ee755ecfe9c3d68c4653f96686dc182dc7bf0419442611b41117aa7b13","first_seen":"2025-07-08T04:46:21.901628Z","last_seen":"2026-03-24T07:16:47.196093Z","times_seen":7,"resource_available":false,"data":null}},"time_used":813,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":598,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fgoldblitz.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Fgoldblitz.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13398\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: CDVTSZ5mkwnvSLeZybHgHNbpkAGlmRIb14tVDdYATgo\r\ncontent-disposition: attachment; filename=\"goldblitz.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2jMGIqshWumrL4Ngzy3AWyc4%2FS1IaLVp6pmSrWlvA4P8bhIx8b9jqUXfhBWGG1K%2FrdN5bA8M76oWj9pBkaxnIgbQl44GEth5Du1w0AU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3533b5949c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13398,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d71da152f1401f31b3003849fec742fd","sha1":"0b9f1183eb5cf9c904b467a45533d2e7ef2b2d04","sha256":"083553499e669309ef48b799c9b1e01cd6e99001a599121bd78b550dd6004e0a","sha512":"ca91fe1587d5cefc1bdb8e1bba6818cd9ff09a3e1a14db3d386b5c5ce7c575794cdb8503837864743777076f93abd408c181e377b978f74e896d764a8a4019a0","ssdeep":"384:scSIeHr9VyAtWlbY6hM5DArqOHjH7wK+iqDZicKL/:vyZMAWlPJrZHjH73+tD43T","tlshash":"8952c079c754099be4847b1974f68ce08e884daf567c26dcf3f7a635e121c0ca9c026c","first_seen":"2025-07-08T04:46:21.959957Z","last_seen":"2026-03-24T07:16:47.214659Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1028,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":594,"receive":434,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/static/chunks/7578-4507425450582a27.js","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:15:57.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/static/chunks/7578-4507425450582a27.js HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:15:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Fri, 20 Mar 2026 13:26:11 GMT\r\netag: W/\"1c89-19d0b6cc919\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UalDGkcwEuZCzXPEa4dIPbQ8swjvTjn%2BQKy9F1FFvW9fzUKPcqvOTXts%2BVJJMXoQGI%2BwGT8Otwd64DcdW%2FyPzpwmrkocr0PueRvzGZE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e33e28a049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7305,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7305), with no line terminators","md5":"eeab93b4025d2abd1d49ef6a95b5541b","sha1":"06e264903c38d96e19791ef54e9011092fe1b743","sha256":"a5aafda15423d305b79593bc0399fd6b72041fa3040fa127467b96826d97421b","sha512":"10b3614ff6fb68aae381a3327b3356415dc8ec70a75779c137a55a9c6436667df2338de0facd07232e7f6cd81ffb1741d6fe9c7dafc251a801ace98aed1be4e2","ssdeep":"192:TjJWjEQ8vRTrNvjJpSArUTSf5JAtpueT3bS4c:/JQ8p5vbrUAMtIe3K","tlshash":"03e1d7b9b5d8f68475e74dec24fb840ca15e092cc03a1a2dfbd564661296dd03827bec","first_seen":"2026-03-23T15:44:44.411706Z","last_seen":"2026-03-26T08:43:48.704247Z","times_seen":5,"resource_available":true,"data":null}},"time_used":924,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":923,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/x-component\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nnext-action: 002f3be31f2cc81e60598252d217798b8b82c44967\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2\r\nOrigin: https://dewanusa.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"[]"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: text/x-component\r\nserver: cloudflare\r\nx-current-path: /\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\nx-action-revalidated: [[],0,0]\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EXn2NUQkHciFMocEF%2B1VF1V9s0SCiKWBLLpdcs7KR0PLra6uk9HayNXcDcuiOmaofxvo8xrAiG5zmXpp9vPEykhxF4JuK4aBAHrXAzk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e355abab49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":81,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"a156a084c0f9d33ff4db238bf8b497bf","sha1":"2c7e4be80aa08c192df83376a0e30dbb504b08fd","sha256":"cfacd4e93b1e3b8ab64180bfd62539aec0a4527a34bfd611353d61e6d8e45c29","sha512":"ffbb78eb28b71f543e3939bdee1c1cfb1d14697d6f1bebe8de2711d60a06c534469d5ee5b9cae57703cd053cd3cc17bd3c9851a474a3726d48b709f78c1202b8","ssdeep":"","tlshash":"35a012014c5445d5c807a040209406040cdcf119e0c92014e889e400983d91432624b7","first_seen":"2026-03-23T15:44:44.412736Z","last_seen":"2026-03-26T08:43:48.647328Z","times_seen":5,"resource_available":false,"data":null}},"time_used":647,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":647,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Ficepopparty.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:01.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2Fmga%2Ficepopparty.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9392\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: tU95MGcaNEpzqmo3Di7Pj6b7f8J7LxoWmsA29NJmfr8\r\ncontent-disposition: attachment; filename=\"icepopparty.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=caj0Zp5RSe%2B7Jzcfz1nGbyrVv3NjjwUV14edmuaSdRL%2FvQngBZbPFlaCxL7i7dAyvhNZh2yVSoxM1sJMpY3TVOLVRhX3GkCyREny6Fg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e3535b6249c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9392,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"35a249350ef485dbdedd683ceea486d8","sha1":"db228367d9686f4a3cc2401ce3563acd21436da0","sha256":"b54f7930671a344a73aa6a370e2ecf8fa6fb7fc27b2f1a169ac036f4d2667ebf","sha512":"f9df5b7f5b79d416fc42498950b4f6534020eb447199faea361b30e10fc023b57d1161f0d56ff7abed9dc5b71f94da5859ed392f994ed43a2a06ba721c4b37d1","ssdeep":"192:nGrBK9AAwWHI3skyUtXN1LvNYiVScD0JNLGep3+k:nKBKa0HbWXvTCiVSg0JNak3x","tlshash":"f112afb3ba40a2fdbc5fb5228583a1ca9dc947b58a5cd2033424e44ce50fcc6a353497","first_seen":"2025-07-08T04:46:21.925372Z","last_seen":"2026-03-24T07:16:47.197775Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1015,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":575,"receive":440,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.livechatinc.com/widget/static/js/10.al-9NYxR.chunk.js","fqdn":"cdn.livechatinc.com","domain":"livechatinc.com","tld":"com"},"ip":{"addr":"23.36.77.241","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.livechatinc.com/customer/action/open_chat?license_id=17809494\u0026group=0\u0026embedded=1\u0026widget_version=3\u0026unique_groups=0\u0026organization_id=b8f4f49c-d724-4914-a885-4e5a1e71f678\u0026use_parent_storage=1\u0026x-region=us-south1","date":"2026-03-24T07:16:02.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"livechat.com","organization":"LIVECHAT, INC."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 11 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"66:A3:6F:A0:92:9E:A2:01:91:16:68:AA:27:A9:41:28:FC:25:27:68","sha256":"03:FC:5A:F6:F7:06:15:5B:0F:31:DB:6C:4E:D7:E4:1B:69:80:1F:C3:5A:E3:85:5A:FF:8D:22:81:92:ED:25:2F"}}},"request":{"raw":"GET /widget/static/js/10.al-9NYxR.chunk.js HTTP/1.1\r\nHost: cdn.livechatinc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.livechatinc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.livechatinc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AGQBYWxAkOaMX5pFawYqyP-fWPh4eC_7OiatlvJUNxUSPwE5Bl-LfAPPCr27PyO0FDEBummFjpCBcOL-hF7U9g\r\nlast-modified: Fri, 20 Mar 2026 11:49:45 GMT\r\netag: \"4a073c5805819d74eabd3e843372d502\"\r\nx-goog-generation: 1774007385360759\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 236\r\nx-goog-hash: crc32c=6eM7Vg==, md5=Sgc8WAWBnXTqvT6EM3LVAg==\r\nx-goog-storage-class: STANDARD\r\naccess-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 24 Mar 2027 07:16:02 GMT\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-length: 236\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":236,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"4a073c5805819d74eabd3e843372d502","sha1":"cb12e953dbee2d3ea08d35d86bcd2476a490bda9","sha256":"0cb3247cac5de8fcdfb226ebe2dc4960b6ed473966359f73ca13ca286309122b","sha512":"036da8fb3959ebbef26b546019535a9edb7a99227a28252878247a756d3a7ea693f48e9ffdaf5886faa7fb2cbe56292bbf9552db5dd1d26e6574d8034ee183ba","ssdeep":"","tlshash":"ebd0a78cb643b0b16276b138853f801fb035e984a44404f0d13ad9c03d7c1a97597c5d","first_seen":"2025-11-04T08:39:27.95245Z","last_seen":"2026-06-13T16:26:54.612847Z","times_seen":16307,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:02.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/x-component\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dewanusa.rest/\r\nnext-action: 0055791b669a415f6c07eb35e0044b31043ccbb6bd\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2\r\nOrigin: https://dewanusa.rest\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"[]"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: text/x-component\r\nserver: cloudflare\r\nx-current-path: /\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\nx-action-revalidated: [[],0,0]\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors *;\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B1Vv50BmhMZDVFhiaNtVNRTHr%2BSbzlnUr2%2F8qlfgrX9E3OGhaltHQSjReMma9hoQfgGCtoAXA1Jbxas%2Bb0TlP7Z5dizITGMjtG6N41Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e13e35c6c9649c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"ba63380d0f6fa005c5ecd5092df10085","sha1":"6a5e7c0e1cb315a42aaaa2bf19fae1314eb313ac","sha256":"ff0433912b2fd34bf0770d123312689409abc625bab0ae1b10f6f1f1f2e533ca","sha512":"ede1cbe0e4fe88f0381f34440d214f11f72c79c3a658f59e802c374af6a312e5184b4db0063c5e2fd8825be28f18c2d7cba4d7cd05a4fe4c4597bebd867c00cd","ssdeep":"","tlshash":"c2b01210dd495bf488170640248001040ecef015b0cf3c109582d920107fe14a1259a7","first_seen":"2026-03-24T07:16:35.242388Z","last_seen":"2026-03-24T07:16:47.255927Z","times_seen":2,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2FPP%2Fmahjongwinssuperscatter.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:02.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2FPP%2Fmahjongwinssuperscatter.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 14648\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: PvLaT4ztwtrcTzzE7L3iU_2goUU5nFxDkKGO80AOObY\r\ncontent-disposition: attachment; filename=\"mahjongwinssuperscatter.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oOAdE3yb5fVN0QPH7LUmSgfOQADbuyJyuh28YCOUIEKBi4Kk9eM9F6Dh9qSrFUPeSzplA1pl8TqF0l%2FzqbQB58ff21dNEjnxvEb4bc4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e35c9c9d49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14648,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"744a991c933f674d3604d40b6144f308","sha1":"c7a53bf68ff030f85c9c2efad5364e85e38e6be3","sha256":"3ef2da4f8cedc2dadc4f3cc4ecbde253fda0a145399c5c4390a18ef3400e39b6","sha512":"5e1af337e0f4d0ca9f42362e369c7776ba2a3a64a9c18f92ad893de6434a5777af3035ea18d4fd556854d0643ebb9f23fb212a5b420807bca7f686aa6fcf9821","ssdeep":"384:YGZk/RIu5XzGk9PqCs5yXKW2bL/DdzUManFhgYeUvVKdtFT520:gd5ap5xvDdzUManL7sHbv","tlshash":"c962cfc34830e9a4cd758f0f3028b449274dc950c91dcb398e0939f7de6a6e4acb9206","first_seen":"2025-08-27T21:04:42.499403Z","last_seen":"2026-03-24T07:16:47.222452Z","times_seen":4,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dewanusa.rest/_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2FPGsoft%2Fmahjongways2.png\u0026w=640\u0026q=75","fqdn":"dewanusa.rest","domain":"dewanusa.rest","tld":"rest"},"ip":{"addr":"104.21.13.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://dewanusa.rest/","date":"2026-03-24T07:16:02.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dewanusa.rest","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 09:44:28 GMT","end":"Mon, 25 May 2026 09:44:27 GMT"},"fingerprint":{"sha1":"DA:62:54:50:3C:61:4C:7E:FE:E1:9B:75:5E:66:D0:8F:C6:49:C0:02","sha256":"F0:32:98:FC:92:67:0C:0D:20:36:31:F7:2F:38:4F:5A:DD:DD:FF:8E:B9:8D:64:3E:39:39:EA:9C:5E:FA:FA:2F"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fimg.dyn123.com%2Fimages%2Fslot-images%2FPGsoft%2Fmahjongways2.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: dewanusa.rest\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dewanusa.rest/\r\nCookie: _ga_B9DLSJH0MC=GS2.1.s1774336558$o1$g0$t1774336558$j60$l0$h0; _ga=GA1.1.438902505.1774336559\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 07:16:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 15174\r\nserver: cloudflare\r\nvary: Accept\r\ncache-control: public, max-age=1209600, must-revalidate\r\netag: It-tEL2nguJdgrRdLM-xZwdPQKXMUSCLqcvhIXXuyYQ\r\ncontent-disposition: attachment; filename=\"mahjongways2.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors *;\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yn6NgneHsYf3Rqg66NbuLb70arZ9oLOmM%2BZhJd0K56sNwUmOIkZwEbwsKnvCUxgVnltD%2FGNnsiLDraxMwZpS6xBF6%2FpNQ6x0t98Ycc8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e13e35c9c9e49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15174,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"3104010310a90eb72d74f44f0afa2a5d","sha1":"1a6d31ba2671a69f3fcb6379b77b28f42407b63e","sha256":"22dfad10bda782e25d82b45d2ccfb167074f40a5cc51208ba9cbe12175eec984","sha512":"e4f9e57da3616bc334fcd7dd061135d0ad92d66057d9dfc107ec0529c897d0cbd4b639358233196a2ed499b01df7e69c368fd94c7197fa3de1b419c9e8da1e90","ssdeep":"384:bXxk8ETzvHortC3SxT7EzQghdVhyoqkjSGln8Cfn6zT2Kll5x:NzEz/oDvERhyoLjZOWCl5x","tlshash":"ad62d0ae73aa43aa393bda691867d019888fb03d4c5935e1a770e51a015fafcc3445a8","first_seen":"2025-07-08T04:46:21.88461Z","last_seen":"2026-03-24T07:16:47.172852Z","times_seen":7,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"dewanusa.rest","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}