{"report_id":"571efce9-9eca-4d22-920f-b22094d98f68","version":6,"status":"done","tags":[],"date":"2026-02-13T18:09:44Z","url":{"schema":"https","addr":"114514meme.com/","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"ip":{"addr":"104.21.57.49","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"114514meme.com/","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"title":"114514 Coin Official","dom":{"size":31964,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (406)","md5":"2ebe02fac4e63cfbce1cfe8f075c9a70","sha1":"44bb3067b84b14ef802cb9ce8703468198c61c18","sha256":"d38e452c185d468e09c6a436046b033f96606a6ea4fcd5f964a7b856523e11b3","sha512":"a11894f7555769d952cfd92ea51a218f5207a65319a5c312c4ba1d9dff6d0d629ff3dbe50bf49609aa544500156dbee32d8b72929430593ac53d3546f6ef0fef","ssdeep":"768:rdy3JywDPoFpFW72PGD9fdgwL6L+m9DMhMShn6fXR7/rkKk8knkzGkn:ra0/g72P69fd/L6L+qDM4vJ","tlshash":"07e2a63461f0067f12e7d2f02298bb2aaea8da5bd91f454572bd06e11fcac96df13148","dom_hash":"domhashe376704986e34c1237e70d9592034d00","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"114514meme.com/","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"ip":{"addr":"104.21.57.49","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-20T18:09:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"114514meme.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"114514meme.com","ip":{"addr":"172.67.141.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-12","domain_rank":0,"first_seen":"2026-02-12T20:05:40.592177Z","last_seen":"2026-02-12T20:05:40.592177Z","alert_count":8,"request_count":8,"received_data":2147074,"sent_data":3672,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"114514meme.com/","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"ip":{"addr":"172.67.141.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"89385bce9daab0f90220aee18cebf3ee","sha1":"2b6b977cd105b9faf1d77311ecf4ed8499d37f88","sha256":"4e5c6a25808e067308fc3e21f1129034808ddf2f00909105de433f8b30e95570","sha512":"217043101027de6495882ab05f5ba323b8f1dd1ca62c653f671aa5c501bf8c90a08da712b3da1638854492fe923960d00691611e8732504b64eec168b1d769ae","ssdeep":"","tlshash":"44c0c0408070ce600c2c00a7607827d43050251d914a60c6c3bd9c87d54cfc04fc8000","size":186,"data":"","first_seen":"2026-01-20T03:01:09.599022Z","last_seen":"2026-04-03T18:19:24.773518Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"114514meme.com/secureproxy?s=%2Fipfs%2F_qEVAUVavvzeiYiasp2KRw7531dfc2b686e4c47507eec9adb88115%3Ft%3D1771006162949","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"ip":{"addr":"172.67.141.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f2782276bfeb93da72103d052fde4da5","sha1":"676ae76a0dc7aa982b9af49290b37b7618f1519a","sha256":"7bd283d77c58ac4cb9cee958291054550a4a2931755e534827b27f932ee976f4","sha512":"a724041816e3d89b689ce6b206258f0e5967edb36b90625f6ec67b8df9e46fc6d3c1b958e2a88cc4866bf3c42ed62359b63ef2238b8ce315984a9e8eddb970a0","ssdeep":"6144:/ujB8gltIeTM5/S8g6zRh5gDvIHQHDk2tKM4aaFPjv8DjgYf0PfcfGfr7lFcuUkS:YhltVM/g61sQHH2tKBhv8ycKMf","tlshash":"17f43cceb78d1d7340a263e757b3d82eff880eaa854b595057c29c9122c4fa351e8d9c","size":727195,"data":"","first_seen":"2026-02-13T18:09:46.172464Z","last_seen":"2026-02-13T18:09:46.172464Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"114514meme.com/","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"ip":{"addr":"172.67.141.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-13T18:09:22.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"114514meme.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 10:55:05 GMT","end":"Sun, 12 Apr 2026 11:52:46 GMT"},"fingerprint":{"sha1":"71:00:85:76:CC:18:83:8E:90:0B:5A:D6:9F:49:1C:3C:91:44:D4:DD","sha256":"DB:EE:29:34:26:64:43:E1:D8:D4:19:82:9A:C6:8B:3A:5C:03:0B:CA:52:B5:BE:C4:75:A6:C5:57:CB:BB:93:E0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 114514meme.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 18:09:22 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Tue, 13 Jan 2026 11:35:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BYGRw1YAPymmVeCs9bc%2FvNpItqfovqADQDhyN2ExAWzG9WuVzoxLmf940U7Mnx8gNue6DutAlNn0w1tts4Kvb15bRiiLbbC5d8YQksTq\"}]}\r\nage: 186014\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9cd646c2ec67f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32109,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (406), with CRLF line terminators","md5":"f2139e6d579a40ce30b792911998a1f7","sha1":"f3c9748eca727d746868b15e0ab05de69e7b87d6","sha256":"db3b3c023558ceac1f086c1ff6a516525e55ea5e07ffc0cd2f1978500082ebfb","sha512":"ff251224a42994d0365e6b22371e9f9703cbaf6cc6bbc7c5bfbf7550a665d93a950f465d0b25a4eb9eac5be1a7d04ff5e4e6bf558a2be0d06d67309602a3a9cd","ssdeep":"768:KFDV/iPGFYFS6XUPD7QKUqG5o9s9VBn8NSErxUR0Vz5R4gsA:KFzi86XU77QKhG5o9UVB7O9","tlshash":"cce2853462c0163f52b7c2f056a8aba9faac865bda0f855572bd23d31ffac14de13140","first_seen":"2026-02-12T20:05:44.791668Z","last_seen":"2026-02-13T18:09:46.159281Z","times_seen":2,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":56,"dns":26,"connect":8,"send":0,"wait":26,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"114514meme.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"114514meme.com/41cb9d945c1b556b.css","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"ip":{"addr":"172.67.141.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://114514meme.com/","date":"2026-02-13T18:09:22.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"114514meme.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 10:55:05 GMT","end":"Sun, 12 Apr 2026 11:52:46 GMT"},"fingerprint":{"sha1":"71:00:85:76:CC:18:83:8E:90:0B:5A:D6:9F:49:1C:3C:91:44:D4:DD","sha256":"DB:EE:29:34:26:64:43:E1:D8:D4:19:82:9A:C6:8B:3A:5C:03:0B:CA:52:B5:BE:C4:75:A6:C5:57:CB:BB:93:E0"}}},"request":{"raw":"GET /41cb9d945c1b556b.css HTTP/1.1\r\nHost: 114514meme.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://114514meme.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Feb 2026 18:09:22 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Tue, 13 Jan 2026 11:35:15 GMT\r\netag: W/\"69662df3-dfef\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3t8FtRabAfoeWSjLNTHr%2ByIR%2By9O7J9Y4NUwKfz4%2BgYY55HJR8YuUjSn6u%2BNnSVw7AwLN1dQgkEnJuS0syJ4tMmI0GG2LVkM28SffohK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cd646c4abf09ade-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":57327,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (55178)","md5":"54684ec038a42ea24a5e3829032a6679","sha1":"b56910f47148fa35ee7fb37f251d8c1512f6d9fe","sha256":"ba0f9954e2e82b4091a3dc17f4e81916c9ec00145099e85f90f91540aa00f546","sha512":"279d7b018b1b9210ad5d3e4fffb4ec3a94eb6edd3c2adb1ef256ea490060d09f36b80dd0f49c1e775c3108f23a509dc29b0df9a139f3158d9a6d308f95dd2b7d","ssdeep":"768:SwM8ubjtnTs2MG2m0FIe+77bYjWfmT6AAwST4:SwM8sh0kfPT4","tlshash":"f243a524e324da7bbd37b5a8a6bce41d730971a5daf907dce9617201afc77f10809620","first_seen":"2026-02-12T20:05:44.796074Z","last_seen":"2026-02-13T18:09:46.160424Z","times_seen":2,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"114514meme.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"114514meme.com/favicon.ico","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"ip":{"addr":"172.67.141.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://114514meme.com/","date":"2026-02-13T18:09:23.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"114514meme.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 10:55:05 GMT","end":"Sun, 12 Apr 2026 11:52:46 GMT"},"fingerprint":{"sha1":"71:00:85:76:CC:18:83:8E:90:0B:5A:D6:9F:49:1C:3C:91:44:D4:DD","sha256":"DB:EE:29:34:26:64:43:E1:D8:D4:19:82:9A:C6:8B:3A:5C:03:0B:CA:52:B5:BE:C4:75:A6:C5:57:CB:BB:93:E0"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 114514meme.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://114514meme.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Feb 2026 18:09:23 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 13 Jan 2026 11:35:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69662df3-9bfa7\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ORbV9vebAkF4PTj2IOBXHQ9gUCIPko4nvdm0kPuvVEj47hrXc0XonqiaU38KXYhrrn2WiDz0FaFTD5c8VCTNyVx33gr9YZZmwMzuSFM%2F\"}]}\r\ncf-ray: 9cd646c7dd399ade-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":638887,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 650 x 649, 8-bit/color RGBA, non-interlaced","md5":"eafabc4011d386b4c72c623ca9cc4d12","sha1":"5f6a40bb0405ed2bf4db3a9b97bf147dbbf27791","sha256":"39ad981667eb9810115c5b26cd3b235a127e215cd0b8effa9ca7e4af9f16ac1e","sha512":"e68579a746848abec1afa658c0ce10bdbe43eca30ce177aa36f469e30cbf9fa2b41d147c05b912b236ad13e0f9eea4c282def8b4ffd3f65d264789c281852d8e","ssdeep":"12288:QvWoRbdHzrz33duU1Iat1Rm1HgQgQZ4gEmB8LF/E3tU8qTbUMbK:QvTb9zn3o6t1Rm6bQD06U8qTbUsK","tlshash":"4fd4232a86cf1703b9f79ad70d4615ccb1d2f91617e1b0e76309b2c193099a6c0e6ee5","first_seen":"2026-01-14T14:26:41.295326Z","last_seen":"2026-02-13T18:09:46.161284Z","times_seen":3,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":152,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"114514meme.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"114514meme.com/favicon.ico","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"ip":{"addr":"172.67.141.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://114514meme.com/","date":"2026-02-13T18:09:23.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"114514meme.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 10:55:05 GMT","end":"Sun, 12 Apr 2026 11:52:46 GMT"},"fingerprint":{"sha1":"71:00:85:76:CC:18:83:8E:90:0B:5A:D6:9F:49:1C:3C:91:44:D4:DD","sha256":"DB:EE:29:34:26:64:43:E1:D8:D4:19:82:9A:C6:8B:3A:5C:03:0B:CA:52:B5:BE:C4:75:A6:C5:57:CB:BB:93:E0"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 114514meme.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://114514meme.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Feb 2026 18:09:23 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 13 Jan 2026 11:35:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"69662df3-9bfa7\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I85C3ccRcuqumYEF%2FUt7jRq9tW5oGtJzWYj5deESQJnRtn6LJZelVJiduWJn0%2BmVS87yM4rlpeiKrJKZuCvn6bKLu2swqSBaUY1hWTGv\"}]}\r\ncf-ray: 9cd646c7dd3a9ade-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":638887,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 650 x 649, 8-bit/color RGBA, non-interlaced","md5":"eafabc4011d386b4c72c623ca9cc4d12","sha1":"5f6a40bb0405ed2bf4db3a9b97bf147dbbf27791","sha256":"39ad981667eb9810115c5b26cd3b235a127e215cd0b8effa9ca7e4af9f16ac1e","sha512":"e68579a746848abec1afa658c0ce10bdbe43eca30ce177aa36f469e30cbf9fa2b41d147c05b912b236ad13e0f9eea4c282def8b4ffd3f65d264789c281852d8e","ssdeep":"12288:QvWoRbdHzrz33duU1Iat1Rm1HgQgQZ4gEmB8LF/E3tU8qTbUMbK:QvTb9zn3o6t1Rm6bQD06U8qTbUsK","tlshash":"4fd4232a86cf1703b9f79ad70d4615ccb1d2f91617e1b0e76309b2c193099a6c0e6ee5","first_seen":"2026-01-14T14:26:41.295326Z","last_seen":"2026-02-13T18:09:46.161284Z","times_seen":3,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":150,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"114514meme.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"114514meme.com/secureproxy?s=%2Fjmpd%2F","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"ip":{"addr":"172.67.141.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://114514meme.com/","date":"2026-02-13T18:09:24.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"114514meme.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 10:55:05 GMT","end":"Sun, 12 Apr 2026 11:52:46 GMT"},"fingerprint":{"sha1":"71:00:85:76:CC:18:83:8E:90:0B:5A:D6:9F:49:1C:3C:91:44:D4:DD","sha256":"DB:EE:29:34:26:64:43:E1:D8:D4:19:82:9A:C6:8B:3A:5C:03:0B:CA:52:B5:BE:C4:75:A6:C5:57:CB:BB:93:E0"}}},"request":{"raw":"POST /secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: 114514meme.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://114514meme.com/\r\ncontent-type: application/json\r\nContent-Length: 1428\r\nOrigin: https://114514meme.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1428,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QBrgIKAxoAEwDgAtICJAAdAyoAAgABNwMAAO8nhn2XtsKCAUdzk_vnBBi27sPrUWUCAACCR08SuqDGVHuO1WQPgyCXuubcwD1bQUDFokcVws1IwX9MUc74gVks81AtVzxw_m939L-rA85vQxPL5kzxl74bPneaMfO3XeGcXmOkfEag54ozQ1RzWDt9NdOGEBOAKeXtkCKGkrt1I2PkqscUeCgFrqDbRTYJKVnAZLycP7nHChl0dfU-7NThzk5bK5rUMkfIlp6aJuPEeNJPxKk9wpj5Fv1koOJ1fjv61dMb29xp5Kc6-DKwwRwXkengEc8RbDLcBK5H2_aqeZBM35kJgVdTw_wazw2Kjkqu0Z6l3qc8ONWAmGF7epNhzvsF4W8UasX5C6cDmJZP8Am9QZnXkuGhVFdvtwhIiOzPLz1keAsYk5QtkXd6gWN6AvmpYr_QfRmLLddh8Fat2bldCO8IeVVHtgejq_UjXWgs2QinXPZbn8XAZpVPi9RHOnUd6-1DlhQnyockpsdup6P8GbeNgf8qRucrx5cwieDcnmdGPNakevg7L5CC9HuXK1PATffDRJrnShoJr7nTVgRtIiwMennJvkRlkhMOwKDfCvsa5GjJpKxVVXvPSUrgBj88zz8RSh0VAo8RsOaa4LQt2_lxYW23-asDeZIOnTrLhEOT5vTStIK3RFPeOLOevutsoovZwM3hYafvAJVlOElO4qQteb2gF7WSn6g4fwGYXE9bX34-c07h_gbd2Pob4eRC9Y9Jhd1GCIzhOzesJND1G3EmNbgGBRMeK4ZG9qu2mLazzaYUsNCM5yXKfSsceRLXTX2-V6VFXC9QZ1rtJCpwlfN036UVe9fId8vGfqAYcprLGPmQrxLA1NrImYurU-KSCDliD5qQYE5mjQp9HyJNv0-FWk-MYRxkLraqLNdpllM2giYbwAEcPYcKwLD_nP7JfFowvLx8O-4umwbcIcNe-WAyARgcFpU7SOl4HC9O4w4-WJElnfrK5Kup8rUtnmkDgzw_yCevkKT-sgPBAJMIrR_Wu0XmqQP4ZVs_jyH1SfYpt8OMp1WDwr1wdK0wM143uBbuh2H_WaVmemZe0MH1DJmBrkUbhlMh_Az2rkGxv0qOC5it9pBU8g4_C1ZghJX04kSqz6DHZfLbzakRMdk3MCOyIwGmnGZJ1oXA1g7BsoyejzoQ\",\"challenge\":\"eyJpZCI6ImN2VWJhT3J4cVFNUlJVMFdhSVBrRVEiLCJub25jZSI6NTIsImhhc2giOiIwMDQwNzEwMWI5NGYyYzUyYjJkZGYzZmVlNWQ2Mjk1OTlmN2ZiODIyYzJhZDQ1MzY0ZGFhZmM4ZGM1OGE1YzMwIn0=\"}"}},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Fri, 13 Feb 2026 18:09:25 GMT\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9999\r\nx-ratelimit-reset: 1771006225021\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 204\r\ncdn-cachedat: 02/13/2026 18:09:25\r\ncdn-edgestorageid: 879\r\ncdn-requestid: 3a39d7c8d32868375d95c572372c484d\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yr2a7aYZE3Olv9bQe6dloXOsyg9Xt7EWFpXikwib0xvfmiOdgddshN7U8xDUxILctsJW2zRy4rmH2bvByk8LUHSEGU0ZN4p37e9vpMR%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd646d1bf6a9ade-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":985,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":985,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"114514meme.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"114514meme.com/coin-mini.webp","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"ip":{"addr":"172.67.141.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://114514meme.com/","date":"2026-02-13T18:09:22.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"114514meme.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 10:55:05 GMT","end":"Sun, 12 Apr 2026 11:52:46 GMT"},"fingerprint":{"sha1":"71:00:85:76:CC:18:83:8E:90:0B:5A:D6:9F:49:1C:3C:91:44:D4:DD","sha256":"DB:EE:29:34:26:64:43:E1:D8:D4:19:82:9A:C6:8B:3A:5C:03:0B:CA:52:B5:BE:C4:75:A6:C5:57:CB:BB:93:E0"}}},"request":{"raw":"GET /coin-mini.webp HTTP/1.1\r\nHost: 114514meme.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://114514meme.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Feb 2026 18:09:22 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 13 Jan 2026 11:35:15 GMT\r\netag: W/\"69662df3-cc2\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NgZI8kJEGp%2BH62JJs1HfHsYIkcdQtV0l3q94GTrN0nJg%2FETzAK%2B9xuqVx%2Ftd95N7QqxcQ%2BvTiMANQHlPXuf9IWvBBzl6kO1rUndLrzVo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cd646c4abf29ade-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3266,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a5519d0a27a8176ad5adf58539b68bc2","sha1":"3af0611ede64d24f3b980266ea77cc08ccc5c618","sha256":"679352bcdddec3b3070bd78aa34dded29684d6e4acd99a831d49bef4fa2a1938","sha512":"a73778965736d72a752539fb7938af9b6f8189d75c1aa33f950f30808d5f8d9f95f7f8834c681bca798319a63a56d705b81d4fa4108f56e59009811f4ab1659f","ssdeep":"","tlshash":"8c616c50f526c5117c8e3150c6fb11a1ca1a665b8b2c93ef21e265f22ab4c61e8f2b38","first_seen":"2026-01-14T14:26:41.3041Z","last_seen":"2026-02-13T18:09:46.168952Z","times_seen":3,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"114514meme.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"114514meme.com/coin.webp","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"ip":{"addr":"172.67.141.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://114514meme.com/","date":"2026-02-13T18:09:22.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"114514meme.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 10:55:05 GMT","end":"Sun, 12 Apr 2026 11:52:46 GMT"},"fingerprint":{"sha1":"71:00:85:76:CC:18:83:8E:90:0B:5A:D6:9F:49:1C:3C:91:44:D4:DD","sha256":"DB:EE:29:34:26:64:43:E1:D8:D4:19:82:9A:C6:8B:3A:5C:03:0B:CA:52:B5:BE:C4:75:A6:C5:57:CB:BB:93:E0"}}},"request":{"raw":"GET /coin.webp HTTP/1.1\r\nHost: 114514meme.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://114514meme.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Feb 2026 18:09:22 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 13 Jan 2026 11:35:15 GMT\r\netag: W/\"69662df3-a09e\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 79444\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SX92lXeI0%2FrykNZNeMp2kmgbn3QCziGCWccvvmvb%2Bwj%2BhxzuqDg7mw4Ynd809ioH1YCv22ZnUrvtRx7S5vXt5rs8BBXyMutDSgcE%2FJ9M\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cd646c4abf39ade-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41118,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a0b754b2d4883adfcd6be2d5b7e8fee3","sha1":"f121b59657c97ee261b08875f0b982ca056a458d","sha256":"f6e6ca67a48cce68863e508504251c796e61a3d24ba1ff51cbf1db9a35865ef4","sha512":"a2316a5a824de62d0461ebc304dc45d970a0bb3980b3bc5195ba81c1337c3970aeff252f0b4e9960b732f32a6d069a1f39872a95e7c292c93a5fd02449cf28de","ssdeep":"768:8gUJZRnkoowNF6Fz8WcQqBr6/q39fl0li7t4H8h4E20DXdT/ldy608q6FIuk:yJfkgNF6FOQqBr6/6fH7KcWOdT/lYhfj","tlshash":"2a03f1c6503f7f10ea45dabeb059cb8419fe8733015aba77ab063183ba14981f314cda","first_seen":"2026-01-14T14:26:41.290693Z","last_seen":"2026-02-13T18:09:46.171421Z","times_seen":3,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"114514meme.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"114514meme.com/secureproxy?s=%2Fipfs%2F_qEVAUVavvzeiYiasp2KRw7531dfc2b686e4c47507eec9adb88115%3Ft%3D1771006162949","fqdn":"114514meme.com","domain":"114514meme.com","tld":"com"},"ip":{"addr":"172.67.141.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://114514meme.com/","date":"2026-02-13T18:09:22.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"114514meme.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 10:55:05 GMT","end":"Sun, 12 Apr 2026 11:52:46 GMT"},"fingerprint":{"sha1":"71:00:85:76:CC:18:83:8E:90:0B:5A:D6:9F:49:1C:3C:91:44:D4:DD","sha256":"DB:EE:29:34:26:64:43:E1:D8:D4:19:82:9A:C6:8B:3A:5C:03:0B:CA:52:B5:BE:C4:75:A6:C5:57:CB:BB:93:E0"}}},"request":{"raw":"GET /secureproxy?s=%2Fipfs%2F_qEVAUVavvzeiYiasp2KRw7531dfc2b686e4c47507eec9adb88115%3Ft%3D1771006162949 HTTP/1.1\r\nHost: 114514meme.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://114514meme.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 13 Feb 2026 18:09:23 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: max-age=2592000\r\netag: W/\"b189b-Z2rnag3HqpgrmvSSkLN7dhjxUZo\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=3Xs4_XY1Rf15TzLGVvL7_Q.js\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 02/13/2026 18:09:23\r\ncdn-edgestorageid: 883\r\ncdn-requestid: 011ea7d357d8266646f306f3b1b88db5\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8NTcQs2BvgtFvNSz5LWOtro5s73wW8pqlrKRrsPUyjPhaiNXeJOtFzus9jIzIJ9%2B2qufI5cS3f0tC68f4rC2e8sP%2Fv7aOzRPf%2F1Kpi3g\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd646c67c739ade-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":727195,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"f2782276bfeb93da72103d052fde4da5","sha1":"676ae76a0dc7aa982b9af49290b37b7618f1519a","sha256":"7bd283d77c58ac4cb9cee958291054550a4a2931755e534827b27f932ee976f4","sha512":"a724041816e3d89b689ce6b206258f0e5967edb36b90625f6ec67b8df9e46fc6d3c1b958e2a88cc4866bf3c42ed62359b63ef2238b8ce315984a9e8eddb970a0","ssdeep":"6144:/ujB8gltIeTM5/S8g6zRh5gDvIHQHDk2tKM4aaFPjv8DjgYf0PfcfGfr7lFcuUkS:YhltVM/g61sQHH2tKBhv8ycKMf","tlshash":"17f43cceb78d1d7340a263e757b3d82eff880eaa854b595057c29c9122c4fa351e8d9c","first_seen":"2026-02-13T18:09:46.172464Z","last_seen":"2026-02-13T18:09:46.172464Z","times_seen":1,"resource_available":true,"data":null}},"time_used":847,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":721,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"114514meme.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}