{"report_id":"6441c8d6-80ad-4599-95a6-7f6ca490219f","version":6,"status":"done","tags":[],"date":"2026-05-15T03:43:27Z","url":{"schema":"http","addr":"mt0403.6868dc.com","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"mt0403.6868dc.com/#/","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"title":"MT Blockchain Mining Foundation","dom":{"size":79771,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (63685)","md5":"a70a23192b623bd07f5e8f89fc760c70","sha1":"fb23e476b360f8be9f95f662f2cc4c50d545a88f","sha256":"3f403ffca144c8b4b2542b7824443978cd4440647a5ba416199ae3e3f2ead4f0","sha512":"3c38704ee09a5c5f27ac469ab6896a0917d5ff7b459f8cc04130e848fff34099f828e53062dbbf5145cc83d7a33a8510206cd26c6def507c95fb0110f4370c71","ssdeep":"1536:R1hJo4+ITIIG8bV4G8kptQZR30nzAN0EQJJdOSNsFp0sGy6nOSpobtzEkXm0cAjp:bhJo4+ITIIlhP2Z0iUbnDNr2mJgzIoum","tlshash":"9e73bf70a951583f981799d0f8b0376d70eaf78ecc6a4824e6fc13d56febca0999d210","dom_hash":"domhashaf60a7f964b82729fb875bbfd7d895be","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"mt0403.6868dc.com","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-19T03:43:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-10T22:20:44.526759Z","alert_count":0,"request_count":2,"received_data":16195,"sent_data":982,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"mt0403.6868dc.com","ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-12-28","domain_rank":0,"first_seen":"2026-05-15T03:43:32.820546Z","last_seen":"2026-05-15T03:43:32.820547Z","alert_count":88,"request_count":44,"received_data":6670370,"sent_data":22334,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-10T22:17:57.86744Z","alert_count":0,"request_count":3,"received_data":26202,"sent_data":1619,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/index.32b55a0f.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8079e5afb7a514c535505cf2f7a1f7e8","sha1":"bc83bfb996ec23e0d721fdd1577a022fde3415f2","sha256":"bdb65e549d7af160d9271b36e32f1bee25a0e077e8bdd8c0cdd6d2dc66d04cc6","sha512":"e5f5206a560294baf71918db04a5eb28d5528473b0dd51ab50ca5eb29b6bbe5ebd79071c8d2e96a3f44f6cad30d62cf209c7022825ccdf77e62d6b8fbb7aec87","ssdeep":"24576:UO68t90ZIx1LbCX1QLaa/J+vKJA0k8mLvYiKmLpAO:geaa/QvK7kxLN","tlshash":"ec258e76338a303507aa5286709f3111f3ba1d75b609a0f8f5e8895a25f0e1591bff3e","size":980502,"data":"","first_seen":"2026-04-29T03:18:06.611237Z","last_seen":"2026-05-15T03:45:02.896434Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/3367.d70c3dc2.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7e47199ee62be6a6e882de901f1ec0c1","sha1":"941f1f72e392da53558573db218f91288142beab","sha256":"c23bc8930f14a2a25e59605be52d0d3d724da5c40d0fe0d3af56dbabe784ddc6","sha512":"902372d4dec6c16e01c4a1f4bd426e704bcc27296e5eb36cef5325c08ccb74d0f7a86045ceec751c1e5240da2939756c96cb299b995e6d58c4f6b78e6248b590","ssdeep":"","tlshash":"1ab09b5825867a7d333b71c154d51765746f2090351e50d76e711cf4d46754c06d01cd","size":122,"data":"","first_seen":"2026-01-28T10:32:55.213511Z","last_seen":"2026-05-15T03:45:02.924252Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/2202.67d5586b.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9c1f6c06ac98576ffa6fa03d7b3cd82e","sha1":"3e8e661aa079cbb4177834ceeb6942b5bcfd6591","sha256":"801b69fc245809ce43027e2e496c6ff7a204c1737694ef520327ed480c0632c7","sha512":"a6e23d0178b1e0c10ca141fdeb8484faa0bcae3b1021d042ec00fb35298d5c94523ccfa798c67185462749b2ae6511a4ac6646b040318c48ef9f8cb62331b494","ssdeep":"768:nRSygB9w1O/wqaPlJARYkIGbd5ZHtg3LaHzme/Hgbp0nhn:grqS2PGCaHzmohn","tlshash":"e3d21ce3b3da106ddbf83584556b2100b168aee5680ac96dbabc38e715ec401e479f7c","size":30296,"data":"","first_seen":"2026-04-29T03:18:06.594998Z","last_seen":"2026-05-15T03:45:02.916995Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/247.6b2b1a77.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"18708000369eaeea9768539d404cbd7c","sha1":"15b3500a2d05a84a01ef5b010f5a686fd4254ed9","sha256":"b0d6bc3a45c4da6f5f559c6a4cb7f00aad3fbf1b01d884a97f21a3903d2153aa","sha512":"5ced38713b0d742e7f976797f03212311e879bfe8eff355eb107bdaed726d44e6e10ea6cff6926e9888f76d625b101c6ea0fa8ef1cbaa88ac4447217f80fe0c0","ssdeep":"49152:b/OAYyzJm7NHPRoXfJ2dGfMVmpOgANkEuPIiOgS4fSfh:b2RyzJUNHPcy","tlshash":"d2854b8073e5b076079b14d554771006f2399968340e406cf7acecebbfaa989963bf39","size":1705548,"data":"","first_seen":"2026-04-29T03:18:06.612497Z","last_seen":"2026-05-15T03:45:02.926218Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/8156.7c090cf2.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca21759ebcf1188e811fcbfd811782d5","sha1":"093f2a13bae7b6d78fa7b3d00bb878dde02bf420","sha256":"f9002271ffc431fb41ecabae2a12fe927d05c6f3d7a00660734234f89c62118d","sha512":"0889ff7ab7dd63e8548a6d786f6b19ca141e91981fe9ede6d32748b0870503b72be86828bfc57d8833d7c1810eaaed626cce1aaad63d9564a7d138b0c8da4586","ssdeep":"1536:MiSa0qa2IR30e4G8GzAopGFObPI5+95q6J5q6gqbcQH0EW:2LqwnRtRcqR1W","tlshash":"66636c11a893e17bdd7fa111510e3934f4763fe49420e08afa788cb469d9c64b71eaf8","size":72087,"data":"","first_seen":"2026-04-20T10:56:10.093847Z","last_seen":"2026-05-15T03:45:02.912614Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/chunk-vendors.510c1d94.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c9b5810e450dea73197b6f1e631f49c","sha1":"e700133dd570dd11bef0505c1725e2d20af952e9","sha256":"310b3f854af87c01f0af5d2ba248a26c0d9869fc920b872c0c828d0279f6919f","sha512":"657d60cd9778c10d48f6570725af1ff197ea178b2382be01d5430abe0d8900ae7c6a631cf478a0003801e9a1e69f4f918d64c8914c235bcee8cc493246afb5aa","ssdeep":"3072:5YFUeD8r4nfMdJ34Nape8sW+MW334mwXJoXOgtkqC1yHSuHFol9caYizi:S3DOWa24oyaHql97u","tlshash":"5354f6cdb291b0b207e760f5402f150bf23b6959a80e84a4f665e4e5acbd94e9137f3c","size":293070,"data":"","first_seen":"2026-01-16T19:41:07.399477Z","last_seen":"2026-05-15T03:45:02.923271Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/5911.fe7c027e.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"503df0c13b7c5e285486abd29a208585","sha1":"abfcc70397ed363e50983df7ca287a67fbf5b67e","sha256":"58b155704667bce30b11d1a819c47cb266b8fad7fed3b77cc7ac007aadba3cdc","sha512":"3233ff93556322bf8c90d1055f067f1f6fefa3daec8a72b4e6048a6f2d8c4f58f3ae4d5835b23c1a9a1ad420c49559df2d9bd7f39d8cba8da39a471421774ab7","ssdeep":"96:CHMUjrEVoOzwhD8D7ZUhnYBorLJBJmZdKtmYp:aDjwrz085BjZdKtmi","tlshash":"2e12a88521d2c2e0677ced536f9649a3ea3733799e4d34c0fd959a880bf2a4bd13206d","size":9177,"data":"","first_seen":"2026-04-29T03:18:06.575884Z","last_seen":"2026-05-15T03:45:02.909603Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/3582.32090cd2.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"84b39df92152dbc1b3b2bedcbf8ff202","sha1":"406ca3d28d48221f5aa207e1b749d5db943bd3ce","sha256":"7bf7bf928010d94e3bb2fb277438ca5eb1cab4fee3ae9d8437b5f8c1989b8cd1","sha512":"6abe7d39d2d7886f619bfb1acc8474ec7d9ca6767861085523d5b8609c80a7546efe8355caabc41a01630b0790214488f3d201b38ca9227c7064bd86958692b7","ssdeep":"1536:xHa0LAx37TK4GTgiaq6NUsLIou868l845Xm0cAj6:x6iAxS4FAMIou8Vl84VmJl","tlshash":"78537c15a18be4ffec2d6061a10e2a30f4693ff48161e48af63ccd6595d8d64370ebac","size":62078,"data":"","first_seen":"2026-04-20T10:56:10.058492Z","last_seen":"2026-05-15T03:45:02.88061Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/4805.2b12a0e8.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a7770803bd2379ca8f544a7773fff5b","sha1":"fa24d37a06881956b74ee18ac1a15f6b16a6fcd2","sha256":"18a890a3e394ca4c0c21f43d57391bff1953d753669f1eed0a2e283cfc7a6573","sha512":"1d139575755c716ef3ee52d950d8d8846179e921059c6981edfefff13d9d00131051f3da27cd0e5228eca631289065d9cd419afe3f8b2bcd6a06107559d88dbc","ssdeep":"1536:+xCeKWC2jOlvecokNPr42Qj9LNITPn0oIoZRBoEAELhgJciHuaQZr2nQIftHcCbB:9eDBjKv5419NIfIo1gEDiHuaQZr2fL","tlshash":"90934c9032b0f03157ea50eb70766203e330691db44d847cb6addcebad69a5d6326f39","size":96401,"data":"","first_seen":"2026-04-29T03:18:06.606482Z","last_seen":"2026-05-15T03:45:02.882162Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/3860.aff8fb07.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"26eea29b60e4a2302d5902faae05a760","sha1":"aba3d480a9c59d670bb0b21ddbdc223f0d3008db","sha256":"bbc6b03b2feb11a84e36a88cde941ea68c397808ffe8136e3a658ec87ddba086","sha512":"d2b8cdb4f6765b18ec98d73d5841f5cbc6f62b5538fce73787e947d3e8d6eb183d046078998d95bd74214a10db52e4cfd5745fa2e577be33e1695780385df503","ssdeep":"6144:ZpQQ82ol7YDyomKCYzLrM+xt2BaN17Cf2/slpXaFO+u:LQQ82o5Y2ok2marCO/cp0OH","tlshash":"ffb419dcb291b425439721b0447f150fe33a694da80a85a8f669f4da7cbc44e623bf7c","size":498323,"data":"","first_seen":"2026-01-16T19:41:07.354241Z","last_seen":"2026-05-15T03:45:02.877599Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c31e7584b07711c8e56839ede034f858","sha1":"db61145a15eb1d6db06bd7d59e84b5aaf0c1ee26","sha256":"a8da70d4a710074d98ea60a86e66e94085bb1712ff4322e6a8fe36aeb395caea","sha512":"907b9030800e9568be4ed568bb02a97d2c57c92c5390329fa142382fa86aefdf5e012af1460b5ca56402cb5f71a1abf0f8d96a8da9a7f39b3b4f6b9e1d8ff0cb","ssdeep":"","tlshash":"f9f0ab9f2c43a02633e92239c727a66b2762070128c2d919ba0dc8142fe0896189299e","size":438,"data":"","first_seen":"2025-07-05T03:06:36.36666Z","last_seen":"2026-05-15T03:45:02.927889Z","times_seen":89,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/js/web3.min.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce5bd54ade787e3757d0d32ff267280a","sha1":"33daa933561e55f9988e2be25448078f97ef0db2","sha256":"f03340295d792adb763c777eaa96039aa831c2402bd7cbc970db44931fa736b8","sha512":"11ca21748cd36a3ee4bcfd3298cdd188ac5a9ef7f01af8ecae6a2e15139e2dbb485cd5e04010d479eeb0adfecbe1b8304a25c66512e2d8094390e4385ab08a62","ssdeep":"6144:iNajiG1YOdqCibdPB8c118X1Unf9F9CvU9sT6Q479FwwQPvi6naRq3A7Hpa:ic+skHYW79FlDpa","tlshash":"98d44b847690f0a10bdb50e554b70002f334b965701d94a8b7b99cebbea9ecda137f39","size":642428,"data":"","first_seen":"2024-12-04T22:03:33.643534Z","last_seen":"2026-05-15T03:45:02.916098Z","times_seen":2082,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@300;400;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:08.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /css2?family=Poppins:wght@300;400;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 15 May 2026 03:43:08 GMT\r\ndate: Fri, 15 May 2026 03:43:08 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4792,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"04bbe03bab4d95eb132eb967c4aa89f9","sha1":"e82318720b95b16b2228a5ebc6a9164e9027d7a7","sha256":"fad5e5a7350f92d0c278508e0f7057d993e8db7d552ebd25336dac7fadce6047","sha512":"cda84549edda5cf738349eb46318b0dd90848e07047b5a6bc54338aebee1b858e26ea07e8253efb8949cb1a2b4a5ad165f19489c61e8711ea2f5233a9a49e1f8","ssdeep":"96:SO1arO1aTJc+ukO1aaN3OEanOEaCJc+ukOEauN3OxMacOxMaUJc+ukOxMarN3OpQ:4hHdPgKQFVwa3RzJZ","tlshash":"0fa1aed1087be114ab831cc123ce7d37ee1e9255b810e5786bfd0c98adabc654362b2d","first_seen":"2025-09-19T04:24:17.708991Z","last_seen":"2026-05-15T03:45:02.911582Z","times_seen":945,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/api/plan/planOPtionsList","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:10.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"POST /api/plan/planOPtionsList HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nContent-Type: application/json\r\nContent-Length: 56\r\nOrigin: https://mt0403.6868dc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":56,"data":"{\"id\":\"5\",\"m\":null,\"reffer\":\"https://mt0403.6868dc.com\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:10 GMT\r\ncontent-type: application/json;charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B2QcAULg9bLM3odn5Y1r0Z%2BeouCCuti69KdAwI078k%2FELq5bpXY9nGD4rpNKqWmN%2FanEBD5FqnYTmo1QhxyJAnj7gAK5xAoEnzc5n9DWUn%2FYyAJDTksCovYnRYn%2Fqyg70w2EEg%3D%3D\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9fbf23091da04e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":520,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"6d8bc7ee4045bfe501c5decd535db303","sha1":"b44fdd712dd55989178d5fe67818e421e698e327","sha256":"2084751cdef03cb748a264459e3314f37983e8815ca390e800f9ca39c0d715a1","sha512":"356a650f09194a78248e888b4a2d0dfb07291f5366ed0073a46c475c185bc16c9a537e4f0db70a7fd862b63e67817d9884589a354ce9b8d03f100fcce732778c","ssdeep":"","tlshash":"07f059c649b8583c8f0c92e655ba3026afc38a8f654ad45fccc7ba5489734270b37b45","first_seen":"2026-02-09T13:47:06.935543Z","last_seen":"2026-05-15T03:45:02.883791Z","times_seen":5,"resource_available":false,"data":null}},"time_used":556,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":556,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/css/chunk-vendors.8a8f331d.css","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:05.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/css/chunk-vendors.8a8f331d.css HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:05 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:31:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e727b5-12845\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DYgTiUYnRi2vH6zq78COYabLea%2BFCUtbNzHeLWA4LwMgsuAxH41qebIBI2Azx0JtxPCJq4xs2m30uDvqOXO%2Fj5GyPMb3eux85GjbdvVZa4PRcu%2FOxisy1UPehVXo1uN3PgXh3Q%3D%3D\"}]}\r\ncf-ray: 9fbf22ea7ce24e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75845,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"308ae22f281248e9484c5fd850b7920f","sha1":"8f2c94b913364e7e30ecaff9ec2f1bf004918419","sha256":"a085c38ed450e695a4de242b664303261544306b41881b95d82db9c45aa8859d","sha512":"acae075ec8d49495750c2a89b8712a4cc25c5c432bb75f741eb40f378fcd03a9b41e5c02ea0af9248c1d5be26fb0c9c0c8ce43c211506128fd779f1819500c68","ssdeep":"1536:VfQbFNJ+jqkiHc4rx3WqyrtpqoSWEDZQU1k1fM:VSrxmNH9yDdgfM","tlshash":"1673f8b699c412dc732bc912cfc0f6e8d259e222d9810de5f206661e4fd7b8511a6f3e","first_seen":"2025-07-27T10:11:44.193341Z","last_seen":"2026-05-15T03:45:02.874764Z","times_seen":136,"resource_available":false,"data":null}},"time_used":698,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":424,"receive":274,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/favicon.ico","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:07.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:08 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FohyRGusjLas2qz%2B3ZyrTauakAumiAGofMrdJazmPE2Q%2F%2BaLWbYxd7vWUNK34MJ9UcDADr81W9myAlKXd8Nvmq9R17VgFHkQ%2BaGxaXjADcf8yXhylZXxOP33r%2B1opimriL7xKQ%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9fbf22fa7d584e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8259bd2dc96b69fffb7c7e1f3411275e","sha1":"e945be7ea901f4a7cf170e184711c81bcd3527e6","sha256":"c375e42b6328de1880de1424a93267d573a1afa2ed37f72a35d8218f6880dd58","sha512":"b6c638e4421bf99ca1c8156247c5af6233e696f956f72cfccc88ac1521bc3d9c4ec6d2fc33e9ad78dd7eb95735543d9eea96dd5caa27878b8bc5c6a5a7dcb8c9","ssdeep":"","tlshash":"48c02b2d35137c4cc5a3317432c37080c0da833764ba41128440800331cf2a98ac7397","first_seen":"2025-05-03T23:55:22.499243Z","last_seen":"2026-05-15T06:56:49.277556Z","times_seen":17598,"resource_available":true,"data":null}},"time_used":437,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":437,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/2202.67d5586b.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:08.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/js/2202.67d5586b.js HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:08 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:31:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e727e5-7658\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jHGaMvOH%2BxIQ%2FeB07n3I4KlAMsQ%2BX6IqlxyChbShqfsGzCJmTfpkHhm7gLZ%2F2JYL3ZLgfy8hgeh05ha%2BEu8REJpQfXk3KZn%2Fj8b3aA0EXuUNN3CR3xX0Oz6MnucCFQKsSMy0ww%3D%3D\"}]}\r\ncf-ray: 9fbf22fc7d644e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30296,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30276), with no line terminators","md5":"9c1f6c06ac98576ffa6fa03d7b3cd82e","sha1":"3e8e661aa079cbb4177834ceeb6942b5bcfd6591","sha256":"801b69fc245809ce43027e2e496c6ff7a204c1737694ef520327ed480c0632c7","sha512":"a6e23d0178b1e0c10ca141fdeb8484faa0bcae3b1021d042ec00fb35298d5c94523ccfa798c67185462749b2ae6511a4ac6646b040318c48ef9f8cb62331b494","ssdeep":"768:nRSygB9w1O/wqaPlJARYkIGbd5ZHtg3LaHzme/Hgbp0nhn:grqS2PGCaHzmohn","tlshash":"e3d21ce3b3da106ddbf83584556b2100b168aee5680ac96dbabc38e715ec401e479f7c","first_seen":"2026-04-29T03:18:06.594998Z","last_seen":"2026-05-15T03:45:02.916995Z","times_seen":5,"resource_available":true,"data":null}},"time_used":579,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":437,"receive":142,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/css/8133.50c90806.css","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:10.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/css/8133.50c90806.css HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:10 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:30:54 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e727ae-afa\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZUYCNh590tBfYRTgGyDUyfnIeMQWULU2DBVuWvm7gg7gihPEOrkeiyS36xNQVWZmXbILqu%2FWRAaEADgI57hHAb9LQbZaU6ZtnWgOjQj3xgf9%2FHD08YwVtOdHbiVcYMotMUrRaA%3D%3D\"}]}\r\ncf-ray: 9fbf23081d984e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2810,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2810), with no line terminators","md5":"7474bf2f5e89cbc11cd5f8e3f2d725e8","sha1":"32941b6a91c0f45cb5464f1fd19d6570ad5c6b92","sha256":"30283c994fd49849697ad068d8f210f6d52264d8ec68885192f9b2e3c587d460","sha512":"28a35f634c9625b8d16ce21fc15d51a305329bf6d74cf84f498f20c90d9813fd635a0607f67141a66328fdca3be18e6c109f0ab04f6b57d309a9805d93fdb67c","ssdeep":"","tlshash":"445177b047032d2de517d5cb76d1f244900cc402ea534ebea6967266cdb72cb26b6b4c","first_seen":"2026-02-09T13:47:06.871085Z","last_seen":"2026-05-15T03:45:02.899442Z","times_seen":18,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/uploadFile/20260410/20260410020603.jpg","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /uploadFile/20260410/20260410020603.jpg HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 106219\r\nlast-modified: Thu, 09 Apr 2026 18:06:03 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k9%2F8M0CRnqTXc3xUg%2FUDnTEQ6XASA%2FdQXlAM1vGzur4Zgw9AqfqBC3ks4ow1OyqKJWI8D9u%2FlUzDGdxwlazIQl3t3msDPGVh63LJ1Xyq3YnUR19yg2PTu1FGKQibNw6DdBSWAA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310ddbe4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":106219,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2026:04:10 02:05:41], progressive, precision 8, 750x536, components 3","md5":"d42ead931be64cd74ea207acfefd579c","sha1":"904c4acc875f90a4066c36a743e382694b859e42","sha256":"3e7bc807b7e78cebe4d64122cd9d8817ebc196af598cfba3efe9c3862afb9184","sha512":"5233dbadce55d3fc54f6480d3336abf752d5e4f6d9eea5a03328a2f21255ed3b50e4860b2cbb6da2ef4a14ef11119517fb6bdb85f60d86e57a4c8d1c9052be57","ssdeep":"3072:pJx2lfi4wF578tQ5EAdHx5glpjfjRUyBB:pJcRi4wFh80PdHglNjxB","tlshash":"eda302e8ada5cf33f6e90730b9a4d6c6e133465ac19265cfb00d69823bb7393690d106","first_seen":"2026-04-21T03:05:14.759126Z","last_seen":"2026-05-15T03:45:02.858898Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":552,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/index.32b55a0f.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:05.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/js/index.32b55a0f.js HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:05 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:32:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e72819-ef616\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iuf8BMG4lnodoZuLMfh4mXAu%2FiigaQV822lRrb1mLY1qyIhV9KOPZcFiIdbYwevMN34IQkEjDSzBikroe0Ofqxah4erShTeNPl%2FdrvDUwkgyINrKBMqaJUtG21F%2FnZkRtKxh5w%3D%3D\"}]}\r\ncf-ray: 9fbf22ea7ce14e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":980502,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65464), with no line terminators","md5":"435385facb1735f1e836ebe56d450860","sha1":"5e6c1df0d4671249ee0477a2bfa21d8b1d172618","sha256":"b993030c4d1175a567758987d693e4482946c68e596f16686a46c26cc2f32626","sha512":"5f4d35fe046811217a1c3980dc74f263105195907eca373272e2600a327b14b965283520e19ea7fd7228644238f89a21cff682f1ecd9484d04a09709e29e3fde","ssdeep":"24576:UO68tYOk3Wn2w8x1LbCX1QLaa/J+vKJA0k8mLvYiKmLpAO:IL3Wn3eaa/QvK7kxLN","tlshash":"59258e60329b633607da718934973302f3bd0a77924d90aceaa8cc5925dd96191fff39","first_seen":"2026-05-15T03:43:36.453966Z","last_seen":"2026-05-15T03:43:36.453966Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":435,"receive":851,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/css/index.de59e14a.css","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:05.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/css/index.de59e14a.css HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:05 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:31:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e727b5-ca7a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TCRqFRT00ytnQTABSnTHoxdCgtmfrQxzlYA7IaZMSNq59vxY1uaT7DXsZ3v2vA192z3jUbtPpnG5A0VNhaP9IAE%2F%2FQYeDvFIHURU02%2FD3%2F79zsT8yXT7j17PEk6bomA8tokNdw%3D%3D\"}]}\r\ncf-ray: 9fbf22ea8ce34e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51834,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (51834), with no line terminators","md5":"f0389baa17a131b14f59934fe8028ff4","sha1":"4cad7d8789d79c7be9d3ac3b93c2db0d9fdf9e4b","sha256":"6c7ed6b9f26ba92ea9db6d507b160840d085d636a3428cba33584b8a4c649b54","sha512":"cd3631233dd95d6ccee95f7939f8497c5c21b83e427519427af60feed7eaf3afa308e4c75cd67427e78658c183ddef52062c77be117d704322abc03d472a2a21","ssdeep":"1536:uXqiooUNDgL1Vrk84QA8uaA3PMKw3GYtppF0KxCsMiV95hR9HjReG:vMKwWYV","tlshash":"d3334c747b0d2117a87fc0d968d4e9689c39f8c3e4124fe9b67723564e973833ae9248","first_seen":"2026-01-21T20:20:48.178214Z","last_seen":"2026-05-15T03:45:02.887485Z","times_seen":57,"resource_available":false,"data":null}},"time_used":697,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":424,"receive":273,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/css/3367.7b09b9b1.css","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:08.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/css/3367.7b09b9b1.css HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:08 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:30:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e7279c-6c4d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8Jc4HLsFWUQFjIW%2FqZ%2FFaHMhEwCO%2BLYgaib24Y%2FCy1i4%2FW2MvprVRQLVPeiCZsgVLtfHEYzIv2LJu9MNz9lc%2FnIDp0PwqeV2Aocb5XXxTHd%2FQAUdlWQVUZqVPhMhmPjwCX5T0g%3D%3D\"}]}\r\ncf-ray: 9fbf22fc6d614e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27725,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (27573)","md5":"c6010a0c1ef42bd2f0a3462aa7e330ce","sha1":"020ba8c558eae6345b435aac8fa06711caf71a53","sha256":"c05410d9d9ad9687f68227f4bb70b3047d60799aa9fe8f9ee5c1460a672e447b","sha512":"50526a114585154f14ca478b641d6bc39aea01191b6c95ead4ce5d28d021658362a1cf93ef71e62e5030f2288e5b4a884639dbf5e322a4ce8e3acddf4ff6ebbc","ssdeep":"384:VwckoivPvNmc0USsr/qP7n5MhezqcbAHaJQyL6IPROi+ifh:DkBvt0n5mSqc0HaJQZsfh","tlshash":"3cc20a716b95393df17b816f70e0a64c941cc842f75b9faaa62372318ac31c3297539e","first_seen":"2026-04-29T03:18:06.581484Z","last_seen":"2026-05-15T03:45:02.875515Z","times_seen":5,"resource_available":false,"data":null}},"time_used":564,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":426,"receive":138,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/3367.d70c3dc2.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:08.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/js/3367.d70c3dc2.js HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:08 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:31:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e727ef-7a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9pQkVpl84MG5vkQn5IE4KHBi3NgjfaPgApSqrSkV%2FmK%2F73CAgDZyZxvi3Xwq4Emc5zlLf3triWKmde4HVGIovrEx%2BLu00PriE%2BXI3UZltXxhSgwYa%2FmRi1naJMffM0RYraCZeQ%3D%3D\"}]}\r\ncf-ray: 9fbf22fc7d624e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":122,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with no line terminators","md5":"7e47199ee62be6a6e882de901f1ec0c1","sha1":"941f1f72e392da53558573db218f91288142beab","sha256":"c23bc8930f14a2a25e59605be52d0d3d724da5c40d0fe0d3af56dbabe784ddc6","sha512":"902372d4dec6c16e01c4a1f4bd426e704bcc27296e5eb36cef5325c08ccb74d0f7a86045ceec751c1e5240da2939756c96cb299b995e6d58c4f6b78e6248b590","ssdeep":"","tlshash":"1ab09b5825867a7d333b71c154d51765746f2090351e50d76e711cf4d46754c06d01cd","first_seen":"2026-01-28T10:32:55.213511Z","last_seen":"2026-05-15T03:45:02.924252Z","times_seen":41,"resource_available":true,"data":null}},"time_used":436,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":436,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/3582.32090cd2.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:08.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/js/3582.32090cd2.js HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:08 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:32:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e727f0-f27e\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GRevsdo7DD6bjatQKQeVJJKepfLyeDGTEA1B2Egq5aiB64VPGgv6prr4F4iS7PUWY69cUYPWe5A4eEXqD2A%2ByoWIUowAwMxrI6NCYFnJfWLlyH8Mc%2BmFoJS7GYrlsHFdusJDMg%3D%3D\"}]}\r\ncf-ray: 9fbf22fc8d664e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":62078,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62070), with no line terminators","md5":"84b39df92152dbc1b3b2bedcbf8ff202","sha1":"406ca3d28d48221f5aa207e1b749d5db943bd3ce","sha256":"7bf7bf928010d94e3bb2fb277438ca5eb1cab4fee3ae9d8437b5f8c1989b8cd1","sha512":"6abe7d39d2d7886f619bfb1acc8474ec7d9ca6767861085523d5b8609c80a7546efe8355caabc41a01630b0790214488f3d201b38ca9227c7064bd86958692b7","ssdeep":"1536:xHa0LAx37TK4GTgiaq6NUsLIou868l845Xm0cAj6:x6iAxS4FAMIou8Vl84VmJl","tlshash":"78537c15a18be4ffec2d6061a10e2a30f4693ff48161e48af63ccd6595d8d64370ebac","first_seen":"2026-04-20T10:56:10.058492Z","last_seen":"2026-05-15T03:45:02.88061Z","times_seen":8,"resource_available":true,"data":null}},"time_used":697,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":423,"receive":274,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/team.d15770ac.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:10.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/team.d15770ac.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 14143\r\nlast-modified: Tue, 21 Apr 2026 07:31:34 GMT\r\netag: \"69e727d6-373f\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZxQTvbqnRu9%2FXZhKAN8qrLy1CRr3QiHMOoywGS8B%2BMazh1KkFJ0Z7QbprinweZr%2F%2BlUD9Yhm4jSpXdPiF9yTwVQGjESdbDqH3QDJiFrksroqAhD5NID2SoXyP1aAhWrrMphMfg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf23082d9a4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14143,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 450 x 320, 8-bit/color RGBA, non-interlaced","md5":"05c4ba342a51f3e4a7527a6433e00397","sha1":"72e069a58f80db92d0526ab4d3c511ef6147f0e1","sha256":"9068b3a3eb2491602f4d3fda29ad0cf3572a55faf51a965db5de0e0139564cc3","sha512":"22d14c58e0ccea035624b429fb6961517249268548c489ad09dd60d204d7ae1a26a4eaf6f9d32f261516a900408146139ad14ed322021f5c621a6047510607ab","ssdeep":"384:2iIoMRn6hBcuOCsjU7DNLUX4VKwse/4v9zfi2bmFL:2iIoM8q5ORwpLH62s","tlshash":"a252c1d85a6fc649ecee9497a647673f42f70da3c8b332531122f8160812c0e419fb5d","first_seen":"2025-08-01T10:27:47.898655Z","last_seen":"2026-05-15T03:45:02.900606Z","times_seen":56,"resource_available":false,"data":null}},"time_used":617,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":466,"receive":151,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/icon-withdraw.9b673b19.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/icon-withdraw.9b673b19.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 33267\r\nlast-modified: Tue, 21 Apr 2026 07:31:15 GMT\r\netag: \"69e727c3-81f3\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MN8ikS5b8LgE72eVfarc%2FZF1gbpRQOwOt0DgGFFf99XAA8ElXFJd8vVDWFrlqNgeX9y389ZNOSHv5sbo%2FDRTqIH8qeCQsmqX9VZbDogVhgG9OkzNiS%2BXt7xoMhzB4fVwW3WDXQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310adb64e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33267,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 177 x 177, 8-bit/color RGBA, non-interlaced","md5":"293000c552221501eb62bbce2ac92f05","sha1":"109077da885e235a5d69a58f20e13559b75429b8","sha256":"357ca3560727f5e8364abef9f0395172dc3a8aca83311263a57fbfff83c4a32d","sha512":"6b3e2c083469aa410c6181f4e006078e601e35d52ef50b2ae21e387e2ecbe5638eb3e4a421b0636a354ccc7a91dddb7109daf450497e663209401f87b5513d41","ssdeep":"768:fH6t1ooDZIvURMlZuD0Zd60esF00r9LOeX4VAinTGjG:fH6t7ZISMl4D0ZMgF00Zyc4VdnTGjG","tlshash":"b3e2f161e2f224bdf0e6ef65e00deee41bde540252d671601cb997d22ccb631c051bea","first_seen":"2025-09-19T04:24:17.64155Z","last_seen":"2026-05-15T03:45:02.890863Z","times_seen":53,"resource_available":false,"data":null}},"time_used":567,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":428,"receive":139,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/icon-vip.dee94ddd.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/icon-vip.dee94ddd.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 31441\r\nlast-modified: Tue, 21 Apr 2026 07:31:15 GMT\r\netag: \"69e727c3-7ad1\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u7tnev9ANRcFGB87VIcabZ15OTigoAMar%2B9J3P9u4%2B2V0oyZS8BGHo5%2B9FE51PgRcD6N8br5%2FjlJePQczbqxzaxT8yALC97WEaPZFnP2zBHruZcXoGCNf0tgPSZuyi4tJRDcFw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310bdb84e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31441,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 153 x 153, 8-bit/color RGBA, non-interlaced","md5":"a092a74bab772755d262977a791e36ae","sha1":"6b869b41d539953bd874c1010d3965afe4318cc8","sha256":"d1970d02a1817e9521f4a75da24c53b47c37c5ed8b54aebf832d3f15e150d594","sha512":"40db0433dc7e0c7e6edd87478dc131745ad97aa9f14e63e8cf5330a89d12d87ed017f0b731310a03bdbfd2fc8883a6a1e6a3dc11c5a60ee74939e0c55c691b4f","ssdeep":"768:JjqT+ms21u3ZUHp7p+DueYAENYXUqe38HNE9mu:GC2OZWADcAMs20u","tlshash":"ffe2e1bc3f8892e5f9d09056a941fbcfe2789fa4b366c904716c6d81d3d4f040a26bd9","first_seen":"2025-09-19T04:24:17.684746Z","last_seen":"2026-05-15T03:45:02.893715Z","times_seen":54,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":458,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/4805.2b12a0e8.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:10.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/js/4805.2b12a0e8.js HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:10 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:32:07 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e727f7-17891\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q8XZoaiRRik54o55IB1k0npPuXUjszfZY57ziEmBjAzlUjUTY07xt5gK%2FKwewZKIFgCmtz8YVFqt4on8y7Tzxpc86Qcvbt5nUFsi0KLCrZeCwVWmjwQ6hEcIdcMvgPFVbHGsdg%3D%3D\"}]}\r\ncf-ray: 9fbf2307fd954e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96401,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9a7770803bd2379ca8f544a7773fff5b","sha1":"fa24d37a06881956b74ee18ac1a15f6b16a6fcd2","sha256":"18a890a3e394ca4c0c21f43d57391bff1953d753669f1eed0a2e283cfc7a6573","sha512":"1d139575755c716ef3ee52d950d8d8846179e921059c6981edfefff13d9d00131051f3da27cd0e5228eca631289065d9cd419afe3f8b2bcd6a06107559d88dbc","ssdeep":"1536:+xCeKWC2jOlvecokNPr42Qj9LNITPn0oIoZRBoEAELhgJciHuaQZr2nQIftHcCbB:9eDBjKv5419NIfIo1gEDiHuaQZr2fL","tlshash":"90934c9032b0f03157ea50eb70766203e330691db44d847cb6addcebad69a5d6326f39","first_seen":"2026-04-29T03:18:06.606482Z","last_seen":"2026-05-15T03:45:02.882162Z","times_seen":5,"resource_available":true,"data":null}},"time_used":719,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":435,"receive":284,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/8156.7c090cf2.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:10.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/js/8156.7c090cf2.js HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:10 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:32:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e7280d-11997\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lcy9HEXcPXlRw7rlJLyrEUZWvU7s8fft6xZRQg6LrCBn5esCBIWo8ACEy%2FFQ2LqSStnG2volWFzNPAqHpXcGhhZpNdVpcyG9JyMa43rVLd1kYalq54xnL6dd5ZjRKTqetLYwOw%3D%3D\"}]}\r\ncf-ray: 9fbf23080d974e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72087,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65517), with no line terminators","md5":"ca21759ebcf1188e811fcbfd811782d5","sha1":"093f2a13bae7b6d78fa7b3d00bb878dde02bf420","sha256":"f9002271ffc431fb41ecabae2a12fe927d05c6f3d7a00660734234f89c62118d","sha512":"0889ff7ab7dd63e8548a6d786f6b19ca141e91981fe9ede6d32748b0870503b72be86828bfc57d8833d7c1810eaaed626cce1aaad63d9564a7d138b0c8da4586","ssdeep":"1536:MiSa0qa2IR30e4G8GzAopGFObPI5+95q6J5q6gqbcQH0EW:2LqwnRtRcqR1W","tlshash":"66636c11a893e17bdd7fa111510e3934f4763fe49420e08afa788cb469d9c64b71eaf8","first_seen":"2026-04-20T10:56:10.093847Z","last_seen":"2026-05-15T03:45:02.912614Z","times_seen":8,"resource_available":true,"data":null}},"time_used":696,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":135,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:10.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"HEAD / HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mt0403.6868dc.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:10 GMT\r\ncontent-type: text/html\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:32:46 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UWrq76eRyL%2BkGeX5lBNS%2Fy5eqUw3WL9opZb3VgIRWXEPNrg6d0L%2ByKjOttsoZrZmPZSRr5nEFtJypNeHGn5VsEgP6Yjb%2BmdHw%2Bu9L3n7TgdW9QxsynSl4qQFX%2FPWN3QAJc%2F3ag%3D%3D\"}]}\r\ncf-ray: 9fbf230cadaa4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T06:59:12.237288Z","times_seen":15204267,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/uploadFile/20240605/20240605104048.ico","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /uploadFile/20240605/20240605104048.ico HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:11 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UylvASKRlk0aQjTrpSFm4hZ1lFCsu5H%2Fe%2BmOHHXaEi3n%2FtFOHQ8lJiCNswfYBjDnMS7TNITo7dUk7TLImsaUQozMXu%2FUfLw6KR0ng9to0s8ezP763fXYiCjnifU51N1PeqV%2F0A%3D%3D\"}]}\r\npragma: no-cache\r\ncache-control: no-cache, no-store, max-age=0\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\ncontent-language: en-US\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9fbf230e5db04e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":82,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"27bb654e054bbad24bd435ed43529d00","sha1":"1a0d482be1eee574d825629bfb7d9528b829ba49","sha256":"c8cf197434f00b8adc2e86f8144aaf5982b8ab110611fb09920b52e731e068c3","sha512":"bcafd44df50a9c82bb9287297580b37d473c4fbbd60f673b7cbdd21355e602f9c7c9409663ea09deb6ed8f40e5f11430b510c3a5220dde90c9458bb04560d9db","ssdeep":"","tlshash":"03a0122e0848f45c0b02f4e130c860300161545000a024103d10a1744494a0d4742980","first_seen":"2025-05-10T13:21:01.10085Z","last_seen":"2026-05-15T03:45:02.895303Z","times_seen":125,"resource_available":false,"data":null}},"time_used":807,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":807,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/btn-ai.f987618d.gif","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/btn-ai.f987618d.gif HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:11 GMT\r\ncontent-type: image/gif\r\ncontent-length: 604547\r\nlast-modified: Tue, 21 Apr 2026 07:31:06 GMT\r\netag: \"69e727ba-93983\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sQg7ac9vlSAkngeYBTvaU8%2FqBYAWI79VQznTnz9OdLDgCi1q%2Bs7%2B0RknGI6Huyj2F9UJangKCZZDC2Zym4pGh8Rv9yS9jGhTggDwxrAkUuWI%2Fo7LrT0mfqNmhbDU7N%2FkYgzzFQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310adb54e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":604547,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 510 x 227","md5":"71da39b3e43defd508d51071bbffbc62","sha1":"7d700115d90662a508ddbd45d12a4cabf43cbedd","sha256":"4c21898c83803f7fc794560b1eeb30272473fd599e502a2ce304a267f39fae0b","sha512":"dd38fed202192e2be64f4f93072bc134316ccafc81d87008942d4a54bb49d7bacaa4b1a9742f5d1e246891768e7cd0128db1f1eb4894f819d94eb4459cf1c81d","ssdeep":"12288:Zt9gzgNjA0e9lhv7tPwpZuKiMIE9PruUu/MDoLyd4s5919jgnWsAMIoRII9X/ve7:6t5lhv7tgkKYoiULtP1mnUI926I","tlshash":"18d412ef88751fc2dd6651a53a0d22d49fe531be24fbaa3314d0ba4ccb8e83914e4b45","first_seen":"2025-08-01T10:27:47.905609Z","last_seen":"2026-05-15T03:45:02.864467Z","times_seen":55,"resource_available":false,"data":null}},"time_used":1230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":457,"receive":773,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/icon-loop.4cde8534.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/icon-loop.4cde8534.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 27518\r\nlast-modified: Tue, 21 Apr 2026 07:31:15 GMT\r\netag: \"69e727c3-6b7e\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Od6xWhGGTqknHGe0IQD6XPS0BrlQ5M4fwqM3quruN2hlIWWJKkYrpXPjFEauGzahotpJ2sG5o9mtFjvg1BQZKoBcg8vfKG5Yr65R0kBsj%2Bqk6syP2JeV8yedJX8Wejzw7nabzg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310bdba4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27518,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 153 x 153, 8-bit/color RGBA, non-interlaced","md5":"d4d24a4f8c0b7952307c7132beb5e877","sha1":"eab2c9013c98e4f221ac6050ec4d7d2e2a3808f5","sha256":"383708f64d5e0527e9d7f8ac37a06386d4a18e6681db1048a5747950670c0a71","sha512":"539e922672db67c0f92a6c6ead3abbddea17890bbff0a42bff5ced39c1bcf472fca5a550dd9df0ad759ded69b409e42210f92533ec69ed0d5c0da926578cb7d0","ssdeep":"768:EESL9hsniTSdOTDExI86EoJJQTQ/RjQiz3N:0KiWQPuVKzjQK","tlshash":"d1c2f1c88abf79bd4caac50b837d653ea0b9bddf67b9806c5cc4683c4074d4b5a86301","first_seen":"2025-09-19T04:24:17.717466Z","last_seen":"2026-05-15T03:45:02.921212Z","times_seen":54,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/icon-hashrate.68ac2007.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/icon-hashrate.68ac2007.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 9579\r\nlast-modified: Tue, 21 Apr 2026 07:31:14 GMT\r\netag: \"69e727c2-256b\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pae3zjkL6tw%2FrWr%2BxK7ld0ERb1CpS2Ss%2BGiTtd%2FmrkXvRomZ6JzUZpgExWfF8LXfo1t3wwsQi748NpTtF%2F5OoU6%2FsUwebzeChI5SaZvmXL8IVRiS%2BPwPHPNtNskt6Np0IaUxiA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310bdbb4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9579,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 59 x 59, 8-bit/color RGBA, non-interlaced","md5":"5469cd02fcbb7e5d43f925fd26c1a574","sha1":"5a3124b096d6336cf1606bdc7b1338df2bf1e01e","sha256":"2c25202d09034a655bd83313e1290743c5bb31da90b9d037fc6ffdabf5f60bcf","sha512":"1e59dbb039a6d5d9d98fb0614f08b94c378135a46cef47a6319766e7cda8a3f79f4f733a7c8cc1b6826e247f929dbb3b86b3a17e15914f1e5d4a664dbca23725","ssdeep":"192:wreWuJ8hIO4TRebsTUfAIyf3BwaIdM+kXVmOsE/KGOh6encvp:wreWuFO4tumSdc9ICdyGPecR","tlshash":"2a12c0d50db5c8e20b02ec91c528f3862d779510b511ecebe69802bb7e8df81306757b","first_seen":"2025-08-01T10:27:47.907111Z","last_seen":"2026-05-15T03:45:02.905949Z","times_seen":56,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":456,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/radial-bg.17585ae6.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/radial-bg.17585ae6.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 84502\r\nlast-modified: Tue, 21 Apr 2026 07:31:29 GMT\r\netag: \"69e727d1-14a16\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tskZr3nC2c4osLZP46nqi1SWXNqCzoxrTvkTBq7v8qX5TdVBFZhaG5yN3aZY60OVBUtlmfz4VKlQaDwUNjwwIaCA179rUgLQWXP0xbJFHPB%2FaPrdPk8rms4TYoGz0Pu0hT9XIg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310bdbd4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84502,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 341 x 675, 8-bit/color RGBA, non-interlaced","md5":"23e63822ad18e8970e93d4c87e57bc95","sha1":"d5f248217c7d800bf36d599e8afb980552aeb801","sha256":"8ada1369ef6018dfd70c15da68c1aeeef391da6a3cebd92812c0cf0dab53dea3","sha512":"95b4ad452e55a3c72b4e023a47b7f7d8d476f40278342f5ba8c2ec491c21cbd0cf0b84e9c1453b25153b1e555122e1753df0ddbb77578b171887f7456a367dff","ssdeep":"1536:KkoP7cIQF7fqmaUw6By8EOjzBohCd9M8YSUm+s89pDO2:5oot17aUw6By8EOjq4M8YSG7O2","tlshash":"c1830291d69bc9716dd921f317fe36ec084129b54d16f8c912cf28e163ac903dc8aee2","first_seen":"2025-08-01T10:27:47.829971Z","last_seen":"2026-05-15T03:45:02.91506Z","times_seen":56,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":426,"receive":142,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/3860.aff8fb07.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:10.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/js/3860.aff8fb07.js HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:10 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:32:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e727f0-79a93\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OPuBpyLLptl9WRZH8Ge9dg3yHRSYCiq17LQM1XdM9fQ6s%2BXSiHTJCcsDcSQj7xU%2BIlvY34FkJbadeC3UMsuzIm6fjc4umRBvDR60DTGxAPjUGX4Yiy8rKrwZVTCaohLKbx7XMQ%3D%3D\"}]}\r\ncf-ray: 9fbf23080d964e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":498323,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"26eea29b60e4a2302d5902faae05a760","sha1":"aba3d480a9c59d670bb0b21ddbdc223f0d3008db","sha256":"bbc6b03b2feb11a84e36a88cde941ea68c397808ffe8136e3a658ec87ddba086","sha512":"d2b8cdb4f6765b18ec98d73d5841f5cbc6f62b5538fce73787e947d3e8d6eb183d046078998d95bd74214a10db52e4cfd5745fa2e577be33e1695780385df503","ssdeep":"6144:ZpQQ82ol7YDyomKCYzLrM+xt2BaN17Cf2/slpXaFO+u:LQQ82o5Y2ok2marCO/cp0OH","tlshash":"ffb419dcb291b425439721b0447f150fe33a694da80a85a8f669f4da7cbc44e623bf7c","first_seen":"2026-01-16T19:41:07.354241Z","last_seen":"2026-05-15T03:45:02.877599Z","times_seen":49,"resource_available":true,"data":null}},"time_used":1208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":461,"receive":747,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/receive.63fc7435.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:10.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/receive.63fc7435.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 81208\r\nlast-modified: Tue, 21 Apr 2026 07:31:29 GMT\r\netag: \"69e727d1-13d38\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vJsFeaKCUNHwL6jWXmT27HKfzEsoo6Bf5IChqNnH6xYqwwsqd1rd5sS45zm0gRI4sxtxByqJvlNtLCbdV593b6jhJICvKHCs5ZvklrGLajVgqdcxlAdcBA1zEzB%2B8qSwviPvFw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf23082d994e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":81208,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 291 x 291, 8-bit/color RGBA, non-interlaced","md5":"1187a7bb85e6fc3978c34bfb3a378f37","sha1":"93d67895bb111b72535941db67349e44dc87e7e3","sha256":"81dd8f18f8b69fb15074a1f6c67cdfdbe4c18de1910f95804a947f75a43d0312","sha512":"2482f43aba935aeb701dbb31d06af8702920cb6c7a0b3a37d7ef5474a21c9a876ce47476ca58e79c3594738fbd170dae764e8e9d66c18bf87f0be4c4f32344df","ssdeep":"1536:Gu9RQzCB9g/lFhFgnVlTSDWrFCoOATMSous+p78dgfnZBPx9QQUQqhXD:LWzCB9g/5FgnVFRFCoOANs+zfR94Qu","tlshash":"5e830237f8dbce1d1ea6017b0af2145399684db448e1a995773916fdbf82c9ed0409cc","first_seen":"2025-08-01T10:27:47.88346Z","last_seen":"2026-05-15T03:45:02.88294Z","times_seen":56,"resource_available":false,"data":null}},"time_used":720,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":436,"receive":284,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/navigation-bar.d42f860f.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:10.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/navigation-bar.d42f860f.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/assets/css/3367.7b09b9b1.css\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 41546\r\nlast-modified: Tue, 21 Apr 2026 07:31:24 GMT\r\netag: \"69e727cc-a24a\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tpk73v636%2BNSQkF%2F3jxfol4eIdQFBsOiUe4IV4b6dTYDPQ7WfYj9Wum4BJaZnjxYMdq9K7YlClsXgySJdXqzd6%2FuZi3AQ%2BVVDTIY7u6qVZXdbF0eM0sVQI4j5wIdqX1Kcvd0sA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf23082d9b4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41546,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 590 x 184, 8-bit/color RGBA, non-interlaced","md5":"fed74a73e6e9200ab5bd2ff6f1d78a34","sha1":"3aec86d9a42496710ae0baae79eaff2e70189246","sha256":"30310345d4802640a2e6926507c8234c15ce7b0d0241bc3b5c179dc594af1c9d","sha512":"bc70e00aa30153847c08bbb2e092c91d645a7f4b56836b33de1f7ee553e60c483f440ea5da67d9402008ac98ff1d0e3c4b391b33615af7320fd59de79bb082e0","ssdeep":"768:CjONcWTBmQUeJgUZG6idzuNe0tcTP6Bhw3Tf+lsFC8xHHMjPVHQ2:Q6JsQ2zuNe0tprwawC81QHl","tlshash":"fa13f12ddef774029cbb7423c65666f1695fb6fc0a9769e8c3a6419135b202c7ee0900","first_seen":"2025-08-01T10:27:47.871375Z","last_seen":"2026-05-15T03:45:02.925459Z","times_seen":56,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":156,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/icon-wallet.ca4d61b6.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/icon-wallet.ca4d61b6.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 36129\r\nlast-modified: Tue, 21 Apr 2026 07:31:16 GMT\r\netag: \"69e727c4-8d21\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ipeg4sWI6P9I3n2M61kYejKgbirsDwchgpS7eZlYnBrAq1AiCBGHvCZK%2BjwNTXC1dOiGLm0d4qxUAnuvQFO9mQYj7uwByNh3y9IOJhzrDC3252i2PJOWBn6SCznH2aUn%2FuFtlA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310adb44e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36129,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 177 x 177, 8-bit/color RGBA, non-interlaced","md5":"1ca28f21eb701159393f037095e496ad","sha1":"a5a58cdfd2310710653050dadb781a38e36a5cda","sha256":"95c8ec18da8708a0f2c8e5540ab7c2dba3b5b6997a955d18d6ab1eb88792a58a","sha512":"c60f10cb049bd1437183443a0af01b46da57359a08cb63dacbd7be47b53491b5bda0e99560666efd83fe74bc249fe5f96e88cde6c168c3a32b87fafc982d2952","ssdeep":"768:500NhcAenPf/7gA6wyWNMLCjIQlxGFlywOVNB7XEaTRF9:S0kHTgfHKEQlxNVNJEal","tlshash":"b2f2f23b255006b26b7eede662466c90381766af9537c2dd5e4d78723fe1c00e42f319","first_seen":"2025-09-19T04:24:17.682712Z","last_seen":"2026-05-15T03:45:02.903188Z","times_seen":54,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":136,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/img-banner1.84a5b3eb.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/img-banner1.84a5b3eb.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 286207\r\nlast-modified: Tue, 21 Apr 2026 07:31:17 GMT\r\netag: \"69e727c5-45dff\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rs3Q%2FXtDn0JPxCCPamvrzx17c%2FgRVVbvlnaaI7wnvHCJRJVORmGbmbwShfqWOyteGX0oNBhtPagKCgXGi1IfnVJpgjwb1BZrGZ79HndfDDNd5LeBTRJnPp8W8fyGalep8DY5%2Fw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310bdbc4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":286207,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 440 x 457, 8-bit/color RGBA, non-interlaced","md5":"7d23152368e6fd0a670632530f876635","sha1":"1e44b6ea048d876a8bc3e11533a2dabe94b164d4","sha256":"eb47309679a1dc62a1057c665b1ea62c0f88c5c14cf0e22dca108187a5b8587f","sha512":"25dcbe97f3f207ce27e314e01334279d71635385900ff70011832f767f3e03d25b131e0d50f896e41cc86fe3e471d3769d8a3fd967ed5b6abd0bbb9dfceacc29","ssdeep":"6144:lCjHYBpQ974OusbkIRgoZQSnkX6Kvt8eToWa+KFVhDtoOoh8F0YOrbxxXRPS:IYBG141kkD+kZFTw+KNtg8FdOnxxBPS","tlshash":"4554233135bd7c1627bcbe5ace39186b0881c9dd9da6084dbc2f592e726bb1b410c47b","first_seen":"2025-08-01T10:27:47.835351Z","last_seen":"2026-05-15T03:45:02.879051Z","times_seen":56,"resource_available":false,"data":null}},"time_used":1038,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":443,"receive":595,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/uploadFile/20260410/20260410030134.jpg","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /uploadFile/20260410/20260410030134.jpg HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 113418\r\nlast-modified: Thu, 09 Apr 2026 19:01:34 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mqU36VGzXBwuE5fz6nX6WiEVGJWLJ%2Bj0y1Sa%2B2ddOTUsBSrnq2sn0wKoVaVuqIyEu8MgASSYY02QX3Ok6rm7JJrcpPDQBEhJYRR8KmoC8fvZCnevK7KV%2FVR0kifLSpYivvUnMg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310ddc04e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":113418,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2026:04:10 03:01:19], progressive, precision 8, 750x536, components 3","md5":"44016c693a1c6c9b9b242a936d7c4b2a","sha1":"45210ea5b64b85876b77c7f44bad972f9a3dbb85","sha256":"05346a9c427c0565d95f4a30fefc63a95e06ea0afc018992e3f4c2fa835c14f1","sha512":"7ba73b498b097c94970c09fa31ac6082493cdd31fee3d9fd917b99d126367869a7545197f3595287ae236fad8717ab952e5ac9c48b5d94b8ca494b74ea244300","ssdeep":"1536:l7uoZ1/7uoZ1rnfXFM1ZY8kVd24U5qsYCznSltg/eL9k8fOaQVcoH8yGtuMPj2iC:ZVZJVZ1fXFaJnGtgCOhVhH8yGHva","tlshash":"7cb3023d3ba19d53c4f090b4c856d79bf00037aad2671baa761c115cbf62291bbe9607","first_seen":"2026-04-21T03:05:14.738149Z","last_seen":"2026-05-15T03:45:02.907627Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":532,"receive":573,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-15T03:43:04.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 15 May 2026 03:43:05 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 21 Apr 2026 07:32:46 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Is%2FIogIjiJGExVJHlGarTelchMDtLupnJp2W%2FzKMrroHQie%2FClYaH2Bgu%2FAqti0WPYmXsaAAlCe13JXQtiG%2FgLUC1geMocLkVFA1b5ptaL3Qv3lFN3q6k9McGtW9cMuIJt6qsw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9fbf22e67eb9c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2399,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1417), with CRLF line terminators","md5":"26e92331f04867f07c1c9c1faa0a1e22","sha1":"512a70fccd27e90b0551c1476acaa826e65fb6e2","sha256":"c480bc358745e29bcdfef39737337e5d2357007a7e47d0aa7dbc3c2665f4f47d","sha512":"b4df17b5a0cd313d8aa6b27f2af7a45c83faae49b66aab570b553aa712a25a54dcd607e3419ab2e606821c498fe5c75778794f2add8c2c63de385a2a2699fc86","ssdeep":"","tlshash":"434144e39c105c1d27714a32ea66f11a8a796524d454ec99f4dc60ae4fe0fc380c3f35","first_seen":"2026-04-29T03:18:06.57277Z","last_seen":"2026-05-15T03:45:02.879804Z","times_seen":5,"resource_available":true,"data":null}},"time_used":558,"timings":{"blocked":59,"dns":30,"connect":1,"send":0,"wait":440,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/js/web3.min.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:05.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /js/web3.min.js HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:05 GMT\r\ncontent-type: application/javascript\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:32:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e7281c-9cd7c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ebaRx%2F0TffkbyzPkZJi21BQDdP%2B8Sd4N%2F%2Bm8Ygja3Y6J5WZo0ComxcmF4T2%2FO20DPxa%2FaMc6qu9uMXAm696t6aUHBLJ0trxYF97gkVG2Gnvy0yPsCpQv1DCqbzQX4JGe7JzWOg%3D%3D\"}]}\r\ncf-ray: 9fbf22ea6cdb4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":642428,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65470)","md5":"ce5bd54ade787e3757d0d32ff267280a","sha1":"33daa933561e55f9988e2be25448078f97ef0db2","sha256":"f03340295d792adb763c777eaa96039aa831c2402bd7cbc970db44931fa736b8","sha512":"11ca21748cd36a3ee4bcfd3298cdd188ac5a9ef7f01af8ecae6a2e15139e2dbb485cd5e04010d479eeb0adfecbe1b8304a25c66512e2d8094390e4385ab08a62","ssdeep":"6144:iNajiG1YOdqCibdPB8c118X1Unf9F9CvU9sT6Q479FwwQPvi6naRq3A7Hpa:ic+skHYW79FlDpa","tlshash":"98d44b847690f0a10bdb50e554b70002f334b965701d94a8b7b99cebbea9ecda137f39","first_seen":"2024-12-04T22:03:33.643534Z","last_seen":"2026-05-15T03:45:02.916098Z","times_seen":2082,"resource_available":true,"data":null}},"time_used":1156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":443,"receive":713,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/chunk-vendors.510c1d94.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:05.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/js/chunk-vendors.510c1d94.js HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:05 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:32:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e72816-478ce\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AHtBlAdxmhYuKKln8%2B2pHJgzAG%2BvnkPswS8c1QlPUg9frKWvlGdKY8fqlSaQ6dY9RkwQRTYNZOQIHTedhtKUTTJLmKOwpz2dvHof5QhTHkVhf3t6bMl2Fvaqz3A6bFjfORr%2FaA%3D%3D\"}]}\r\ncf-ray: 9fbf22ea7cdd4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":293070,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"5c9b5810e450dea73197b6f1e631f49c","sha1":"e700133dd570dd11bef0505c1725e2d20af952e9","sha256":"310b3f854af87c01f0af5d2ba248a26c0d9869fc920b872c0c828d0279f6919f","sha512":"657d60cd9778c10d48f6570725af1ff197ea178b2382be01d5430abe0d8900ae7c6a631cf478a0003801e9a1e69f4f918d64c8914c235bcee8cc493246afb5aa","ssdeep":"3072:5YFUeD8r4nfMdJ34Nape8sW+MW334mwXJoXOgtkqC1yHSuHFol9caYizi:S3DOWa24oyaHql97u","tlshash":"5354f6cdb291b0b207e760f5402f150bf23b6959a80e84a4f665e4e5acbd94e9137f3c","first_seen":"2026-01-16T19:41:07.399477Z","last_seen":"2026-05-15T03:45:02.923271Z","times_seen":61,"resource_available":true,"data":null}},"time_used":1029,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":439,"receive":590,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/5911.fe7c027e.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:07.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/js/5911.fe7c027e.js HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:07 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:32:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e727ff-23d9\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=frdD8ahZ71DCNbwWZzEg%2Bg4RecrOWL9CIxRnCfHYguCL8JV40BT5RcmNwDrqe387vZZuOkYYQ%2F0CGEK%2Bc0C9ZjZFQpXF5eU5OaKeQuii8G8e2YVp3AsmdJ8D5O2XO8JHjQWxzg%3D%3D\"}]}\r\ncf-ray: 9fbf22f6fd474e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9177,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9177), with no line terminators","md5":"503df0c13b7c5e285486abd29a208585","sha1":"abfcc70397ed363e50983df7ca287a67fbf5b67e","sha256":"58b155704667bce30b11d1a819c47cb266b8fad7fed3b77cc7ac007aadba3cdc","sha512":"3233ff93556322bf8c90d1055f067f1f6fefa3daec8a72b4e6048a6f2d8c4f58f3ae4d5835b23c1a9a1ad420c49559df2d9bd7f39d8cba8da39a471421774ab7","ssdeep":"96:CHMUjrEVoOzwhD8D7ZUhnYBorLJBJmZdKtmYp:aDjwrz085BjZdKtmi","tlshash":"2e12a88521d2c2e0677ced536f9649a3ea3733799e4d34c0fd959a880bf2a4bd13206d","first_seen":"2026-04-29T03:18:06.575884Z","last_seen":"2026-05-15T03:45:02.909603Z","times_seen":5,"resource_available":true,"data":null}},"time_used":437,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":437,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/icon-earn.d7c35d02.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/icon-earn.d7c35d02.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 30872\r\nlast-modified: Tue, 21 Apr 2026 07:31:14 GMT\r\netag: \"69e727c2-7898\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ToxxDf49FFjiNCWcXt4hdqQGSSk0qnB7R43d26cmcGD6%2FeqyN8PRhLSRVbC%2BZTLtOUNWy8t50PTdNbrOnhcxTDtfLGHhDaami2J0pVhL%2BubUMerix%2B7hJB5ltzNDw%2FBNxtkYxg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310adb74e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30872,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 153 x 153, 8-bit/color RGBA, non-interlaced","md5":"188b3ed41ce6ace45ade49c45d3e164e","sha1":"1b1d8f726268b00105d66e3c2ba8d4875a4f42a4","sha256":"f48c8183b49713a1bfa1fe472e6aa8b853217340148a71ace28dc79a8c6db570","sha512":"cb770076a6fed668df340e04c09898bbe472e2dcba0b4ca377f7850c46afb579ef6326e581040248762dad5a0aec8eed74509f49c78ef6b5e36928ace7ed1b5c","ssdeep":"768:DRcn6PphgDZf4ZNfOiCPX703nUMLvdig1mzOE33nZCyy5eN:DG6BhcZAKnrQUA1Q6E3pRy5eN","tlshash":"03d2e09d66b36182a07b4a72c049c3ab663dcf374062bb9df5bb0d16ac75db5b1e0800","first_seen":"2025-09-19T04:24:17.698619Z","last_seen":"2026-05-15T03:45:02.920249Z","times_seen":54,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/uploadFile/20260410/20260410031902.jpg","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /uploadFile/20260410/20260410031902.jpg HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 128950\r\nlast-modified: Thu, 09 Apr 2026 19:19:02 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=armi2mPKQ5alNPerLNcGBdeQr467KiMTSfI5eHEaBb0VFTgUgSKbk5osqDM2%2BLTGTdv24RkHfdmxJAjEPIAsPZPgOVH5kD3GUB85UbN%2FlhdJQdGrjlmBfd4E54CpXnj%2BSGXKBw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310ddc14e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":128950,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2026:04:10 03:18:49], progressive, precision 8, 750x536, components 3","md5":"2e9fcf446249fc54880db1ae84960f87","sha1":"58d63d7961cf7d55cfead09fd27cb651a5d04fe8","sha256":"8ee0813dd138545a55efadc0b8c2cf682063aa0283ba39c2e26663ff7ffab6c5","sha512":"8561bc72243c688f554c8a06cb50a6a439e252a0e519c4bfe2d9a1b9e97ace8fbb0077f1ef41d82083408baf29138c0c0e9887c1370e702fb8a490d0b1c7d462","ssdeep":"3072:dwHwPs95jU7LnC16CXmeuxTu4YG2F4v6CxBZA1+24W0K4e3:dwHw8czC16omeuArtF4CCah4W0K4e3","tlshash":"18c30221b575cca3f6db82780ae6c294fa380d35f213fa8b374c75697b26250ad4c2d5","first_seen":"2026-04-21T03:05:14.755352Z","last_seen":"2026-05-15T03:45:02.867464Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1408,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":822,"receive":586,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"99:99:69:B2:FC:B4:4F:EA:18:FB:04:4C:0F:8D:3E:40:61:B5:31:00","sha256":"55:6F:9F:9F:5C:FF:31:03:79:C7:88:2B:89:0C:1A:2F:DE:0B:7B:1A:91:6E:BD:C8:7D:60:EF:5A:D9:C7:51:26"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mt0403.6868dc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8000\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 12 May 2026 18:33:24 GMT\r\nexpires: Wed, 12 May 2027 18:33:24 GMT\r\ncache-control: public, max-age=31536000\r\nage: 205787\r\nlast-modified: Mon, 15 Sep 2025 16:33:57 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8000,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8000, version 1.0","md5":"72993dddf88a63e8f226656f7de88e57","sha1":"179f97ec0275f09603a8db94d4380eb584d81cd5","sha256":"f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149","sha512":"7c20165f9d22a86341e841fd58526209017dcde2afe2d0d2a89fe853d95dc69f658d25cf798c71f452dab09843fc808c1ae87a60b1284134163abf5a1d93e50a","ssdeep":"192:GDonmfrEdXT8WrxzRXwyQo3zGEOM7Y2hOMgWnsfYSjv4ENFGwrlKJ:8onPxTzjgyQSzLPXOTIYHJAJ","tlshash":"08f1b0ffa92456c4df692475a5044f27623652b4dd35cb2f496f3e12d2d74224bcc4c1","first_seen":"2023-04-05T18:53:14Z","last_seen":"2026-05-15T06:59:34.090776Z","times_seen":236626,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"99:99:69:B2:FC:B4:4F:EA:18:FB:04:4C:0F:8D:3E:40:61:B5:31:00","sha256":"55:6F:9F:9F:5C:FF:31:03:79:C7:88:2B:89:0C:1A:2F:DE:0B:7B:1A:91:6E:BD:C8:7D:60:EF:5A:D9:C7:51:26"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mt0403.6868dc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7816\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 12 May 2026 18:23:07 GMT\r\nexpires: Wed, 12 May 2027 18:23:07 GMT\r\ncache-control: public, max-age=31536000\r\nage: 206404\r\nlast-modified: Mon, 15 Sep 2025 16:35:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7816,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7816, version 1.0","md5":"25b0e113ca7cce3770d542736db26368","sha1":"cb726212d5d525021752a1d8470a0fb593e0c49e","sha256":"9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526","sha512":"a0d331e62ab4727f49ca286a1ee7fb81cddc5bb9edf71ef84f4bd4fa1552069af1a82752011ba88fae80862d034135926b7e99d70e59d626d66d4ede90e94c30","ssdeep":"192:Agw5ksLwlyK8F2BXU96Fc575OI3+ga534SlEFwTG4ovej9be:Al5y8FSUMS5VOq1KISlvS4ov+4","tlshash":"a3f1af19d5de5a73f80032b45b6911ba7e42fa83bc68bbedf8046a10ad542cb467cc91","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-05-15T06:58:29.498187Z","times_seen":240169,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/api/config","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:07.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"POST /api/config HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nContent-Type: application/json\r\nContent-Length: 56\r\nOrigin: https://mt0403.6868dc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":56,"data":"{\"id\":\"5\",\"m\":null,\"reffer\":\"https://mt0403.6868dc.com\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:08 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nset-cookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C; Path=/; Secure; HttpOnly\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mfxOzBXBBpoeVYEkukYBu8iaWwXNvU7OP4NKfTelp9A03f7tSFfg8BmxXfPaklbXCkD6aBj%2B2JLUI%2Bm74yu7W2egRCWo%2BeE3bHsJr92LJX6EHwbzS9KE%2BpHe5xsHz49IOHgCWA%3D%3D\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9fbf22f8dd544e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":13149,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (13141), with no line terminators","md5":"146cf8ac077a3fedc88583d95b37d25c","sha1":"b5311b3ebd9d646e157d6351fe95b9ede3805579","sha256":"00cb6046e02f18d15fabd67215c033bdbbcb791add696aeafd8b9290efd39fca","sha512":"297bdfe86b01d1efbcb5634711b7662960ed2425497e7be87a2513680c6e9e640d19e65296a6cee228c54167955f897c04c60c42cad041b0ba335f06e74c7025","ssdeep":"384:DozezFHTML0mKXK2Q65LxDbGkcF21Sy6Lo+TUDu+wKK2O66oI1UEOU7X:c7KI1UEOU7X","tlshash":"e8421181bd043e6e5110be29a97f80f060da36d2485e0715978bf53e42ec631bda7d6f","first_seen":"2026-05-15T03:43:36.474871Z","last_seen":"2026-05-15T03:45:02.861333Z","times_seen":2,"resource_available":false,"data":null}},"time_used":544,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":544,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/js/247.6b2b1a77.js","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:08.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/js/247.6b2b1a77.js HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:08 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:31:52 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e727e8-1a064c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uXXaWDSYfCYTuY9wVeemab95XOUXMEZGOhgPZhBbyYGvrPWlcMUJT%2BNzzsFriL3qHHdjX6nD9v9Cg1fI%2B5xjj41J6GOQ9d7z3dhWY8whAQcMJb%2FeXkxCM7HhzySEofJ9j1nwgA%3D%3D\"}]}\r\ncf-ray: 9fbf22fc7d634e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1705548,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (57267)","md5":"7714c0960d6c3cf45aef968b627602a0","sha1":"8c21896942f2324ad1e43317a4bcb1d2442ee4bb","sha256":"320470b0d2ce64a6b85156ccdd760d8754b0fd217ab725c52d930838b31aab5a","sha512":"fd37ef0c19b559c94220cf06594427f3dba5251a368956fa7b34bf2af01476cabc474e0627e88317e4d12c8aa4020dca10ba57a3a7a1547b9d36cd7078b658c5","ssdeep":"12288:bZVRJcVzL4YyzJ2aGJ7NHPfdnoXfJuiyEKGfRXeVQtpOgr:b/OAYyzJm7NHPRoXfJ2dGfMVmpOgr","tlshash":"b2255c8073a5f07607db15d964761006f3385868740a806cfbecacebbf999859a3bf35","first_seen":"2026-04-29T03:18:06.593715Z","last_seen":"2026-05-15T03:45:02.924845Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1376,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":459,"receive":917,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/css/3582.f8856c0c.css","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:08.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/css/3582.f8856c0c.css HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:08 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 21 Apr 2026 07:30:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69e7279f-31b8\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E4jAACtU5%2FeWLpVoeNjN7N%2BKxvLeGVcEo5sOfjjSJ0xhJy6BYS%2Fw2zHN31mxuHT3Jo9XE50lXAIsLbEYyzE6zuPb1Fa8U4qzSy5rvNMwTwyl17yrjIvAgNQ1wDY85zMA7JXUtA%3D%3D\"}]}\r\ncf-ray: 9fbf22fc7d654e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12728,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12728), with no line terminators","md5":"dfc35d6f908822d703c7baf808fe5606","sha1":"57b854f089dfeaba9d37d7e0baab1a02e5ce3b76","sha256":"7adbf1564fe8765642f1c3a2b6fea914357edc4a4562821d8918cdaad024c68c","sha512":"a15c725c8f022bb58e112e999e5c34f7204b5399f03b7ac7d4e176f52929e4c204e0d77370ab48446166806b89477a15385f511bc39a4ed9364f786cad25d81d","ssdeep":"96:aKQkPywQGFb7BUPnbtfUtDQGiWChkCuwsgHRnI7f2OJaEO2ivoQUaUaDMheOa1DG:RQUH17UbtUpuuIIz2eaEpigx3heOjIG7","tlshash":"7c4235373acb6038b42bd7d7b4d061e8802ce1b3d146ee6951a62531cea35cb263365a","first_seen":"2026-01-28T10:32:55.19388Z","last_seen":"2026-05-15T03:45:02.889863Z","times_seen":39,"resource_available":false,"data":null}},"time_used":610,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":460,"receive":150,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/api/get_config","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:10.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"POST /api/get_config HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nContent-Type: application/json\r\nContent-Length: 85\r\nOrigin: https://mt0403.6868dc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":85,"data":"{\"code\":null,\"reffer\":\"https://mt0403.6868dc.com\",\"merchant\":null,\"sid\":\"5\",\"id\":\"5\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:10 GMT\r\ncontent-type: application/json;charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FwdjSpLbqJaindisnizaadirEJV8ZWP5LP4ZCf5sjc8PapXnzenhYNyTQgisCLLrscqsuYe%2FQzOuhVIZxB%2FJvBacYUhB8UD8PuSmgYOdcWtQjSDBqPC70SGxP8EG17IYvWf6AQ%3D%3D\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9fbf23092da24e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":105,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"dec6f1dd7070b41b4ff7bdbec16a770f","sha1":"aab4e300d82148813d12f572483ae1786d8f2f36","sha256":"5bfbba467cae018090db4331686225a02207c31ca0f90e8d6bbb983473cdd422","sha512":"c8175b6f7cdbdcd2bc134b23609a57d922f8ae18d34068c3a4f54e2ac31cf80ad0d164bdeec19a491da38319e807481ef257b3a4d5bf28499a006475ff27ed4a","ssdeep":"","tlshash":"35b012d09694eb705fc1018ab21b2c054460302b7cd4ac748cbc34a867cf42b29cdd24","first_seen":"2026-02-09T13:47:06.972078Z","last_seen":"2026-05-15T03:45:02.919139Z","times_seen":7,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":546,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Fredoka+One\u0026family=Montserrat:wght@400;600;700;800;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:05.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /css2?family=Fredoka+One\u0026family=Montserrat:wght@400;600;700;800;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 15 May 2026 03:43:05 GMT\r\ndate: Fri, 15 May 2026 03:43:05 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10051,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"dafaff8cc1c7415c879444dda500ba0b","sha1":"0d03c6ef2e351d9a2c7a0a6024e85c566e2cec03","sha256":"00e18884c0a1a6b3ced77016a2f511d68d62878215ff7df118b0b87c7c1e6a46","sha512":"b2e2d9e1e4d057643e76b72760611c6c4bd0eaf57a4f9cf087fb8301eaf92577128014800f67cc7fa15aaaaade73f04ce6dd1e7c14f645fc3dddde31ac861375","ssdeep":"192:2wbCRo7TbOmupRS719Ocu6RB7W+OjuTRU7XPOKuMR77wIO5u8:byQ4ajdfMfPE","tlshash":"2322bc91105ba500e7472cc923cf7e26dd4e61627494c579bffe2ca8adeac224325b3d","first_seen":"2025-09-18T15:29:39.116952Z","last_seen":"2026-05-15T03:45:02.872243Z","times_seen":124,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":81,"dns":0,"connect":8,"send":0,"wait":18,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:08.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"99:99:69:B2:FC:B4:4F:EA:18:FB:04:4C:0F:8D:3E:40:61:B5:31:00","sha256":"55:6F:9F:9F:5C:FF:31:03:79:C7:88:2B:89:0C:1A:2F:DE:0B:7B:1A:91:6E:BD:C8:7D:60:EF:5A:D9:C7:51:26"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mt0403.6868dc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 12 May 2026 18:27:04 GMT\r\nexpires: Wed, 12 May 2027 18:27:04 GMT\r\ncache-control: public, max-age=31536000\r\nage: 206164\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-05-15T06:59:40.980392Z","times_seen":333969,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":91,"dns":1,"connect":21,"send":0,"wait":23,"receive":1,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/api/help","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:10.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"POST /api/help HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nContent-Type: application/json\r\nContent-Length: 56\r\nOrigin: https://mt0403.6868dc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":56,"data":"{\"id\":\"5\",\"m\":null,\"reffer\":\"https://mt0403.6868dc.com\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:10 GMT\r\ncontent-type: application/json;charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VeBqrFdPvdcjyDTXj9YDCT3tbTC5ZgXAyFdLyqYwfUnF0ep0k67IemHVPftl0z9dEPIG5xhRRrTIr%2B60bEzqXACXUhywiTWYPYtgUyDezI1kDelkmomaUUfaPd4fuP2vIPzrqw%3D%3D\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9fbf23091da14e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":113,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"cdc6b029a6f7ecdfb37dbe4b3dedc930","sha1":"39d542826ec702a3abcb2bd076e882716da23f35","sha256":"1c9d0b55ddbfbeef5100e85626d10b1aa5ad3ff03569a022338b1087205b812d","sha512":"c3a37475f9804101ecffbc443a6496b3900cc10078d2620e53dff084c3a037ce2b67eb3903f5e8b368e99c776d237b812a3899b5df8bca28536df33452fcba7c","ssdeep":"","tlshash":"edb09261a8191e2726834451209a7d084a5c7347ea954c74884daf7946fd4792522b25","first_seen":"2023-10-31T03:45:57Z","last_seen":"2026-05-15T03:45:02.885886Z","times_seen":51,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":551,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/api/account/bulletin","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:10.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"POST /api/account/bulletin HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://mt0403.6868dc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:10 GMT\r\ncontent-type: application/json;charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WnJCMBsv0oTeDj6DNX5d8getuBMu0utn3EHYqBQS6%2Bn4pE05kGDYyIvZ1q98wbNkI9S8cISBsdtQ9Jk5YzBQwPqBfjF5sf5E7cGscgtVo9TbRu49ZFs3mxo5I5%2B30psB5aqLbA%3D%3D\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9fbf23093da34e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"50ee4589b8688c9f7cef8726113a6563","sha1":"357c7bbea528505e018d3839bff52c51d9a40e32","sha256":"6a62fa4b9149f1fe5e8f621c8af9967abb2f94add8e58514e40ccbee3bdf924a","sha512":"11946cdf502e8609f320e5a45887db7917351d3d30ed6b921d54c6df0236dbf74d4cda885a98164f8191bcf4b3a68da0e142a999f514d76b454000304294a756","ssdeep":"","tlshash":"fd90029015181f655b864067701a20048954714159a89429884c5115878841e1901960","first_seen":"2025-05-10T13:21:01.083992Z","last_seen":"2026-05-15T03:45:02.88667Z","times_seen":91,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":549,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/icon-user.54ed9535.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/icon-user.54ed9535.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 29743\r\nlast-modified: Tue, 21 Apr 2026 07:31:15 GMT\r\netag: \"69e727c3-742f\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HfjX%2FGSxgShDXBZ6D5Qym2nKXNRuk9kf2qLcLElzXxUmJ%2BvRuf3DGtONot2UJaXTZiV5%2FBQ3picJ5IBExiBYcI3GfKmWQnlbaJ4Wnti7dUhSqkggFA%2F%2FLhwhiDVK8tn4Zueh6w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310bdb94e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29743,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 153 x 153, 8-bit/color RGBA, non-interlaced","md5":"bd09958409da335a77369ea6575dff15","sha1":"741b9536814a6b7b3a0a5feb0001da235ac9b628","sha256":"ab8b5265aa672252b20d35188de0f3068e59c73475bf084eba4ef650b34f59d5","sha512":"d79c7a95d2cde6275d5d892b9c5cb2a1aeef5ea8b4929cc14cedf53e750620815d41ffed7a3843763619fede12dd5da8323194a52ab44e6d024ec6f3a7994c6a","ssdeep":"768:L4dflHVEcEhAitzi1RXoq1wZDYaMrY8pUH3Ot:L4/mcoAOziPXozDYaUFUH3u","tlshash":"ffd2e1d4a671874e2e5152259a4e485b9f7fcc0f3d825c9eb973203844b96a873facc2","first_seen":"2025-09-19T04:24:17.702844Z","last_seen":"2026-05-15T03:45:02.865177Z","times_seen":54,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":435,"receive":143,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/uploadFile/20260411/20260411202825.jpg","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /uploadFile/20260411/20260411202825.jpg HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 117036\r\nlast-modified: Sat, 11 Apr 2026 12:28:25 GMT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KNkLXDaT2NHpF7cRuvOiUotojSdcKVihgb0jmYyz0aZyHBl%2F6yFf8QmWtlBHYQRxBwfhxtc%2BYvfCDfWsz0CrM8F7eO%2FgwgUSoECOxEpVGdL1sNwvr8P6z9A3PkDuevL8xr8aFg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310ddbf4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117036,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2026:04:11 20:27:52], progressive, precision 8, 750x536, components 3","md5":"9f1dbe8ec73685a75417d251a89c56b5","sha1":"f1809a3450a2159417ec7e6b44c1420c5cd31264","sha256":"b1c00067e57e45eed8b39aa27626bb96daa82d68fcf5c213870106cbd6dc74d2","sha512":"772dce832a10deef25470654ecdff2d7b2760f5708f956265b552b2a0c1ac9a9d7be57e9973e7dbc87b325177e31c2cada8412e2f6495da075b86c49ea1ad693","ssdeep":"3072:/sjBsjznL0pwvsttsFAtmOwfA5y04UI/XODkeCPxDiBw:20TL7vsDsFcwo5y04vIkechie","tlshash":"d8b3f1a1eb008a72e3c05a76f1c0fed7f2f32ee26963d15cb91c19e47ba554669cd108","first_seen":"2026-04-21T03:05:14.760156Z","last_seen":"2026-05-15T03:45:02.922197Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":807,"receive":574,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/assets/img/mining-icon.da6091cc.png","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"GET /assets/img/mining-icon.da6091cc.png HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/assets/css/3367.7b09b9b1.css\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 285254\r\nlast-modified: Tue, 21 Apr 2026 07:31:21 GMT\r\netag: \"69e727c9-45a46\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zAAEFEZZlAUE8XZRML17mvyPuJxatALv5TBh6ZXZwmR7Jsd0zj34iAssL9DTwSoEGs9ONL0G49qz5LSALdtp%2BSB38z0N8wp7g3GVopZsOgIDUCab9ehEdq%2Fs7WPkcbQrcDYJJQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9fbf2310ddc24e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":285254,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 542 x 457, 8-bit/color RGBA, non-interlaced","md5":"ed131c7ada02f6a7157cec956d544b4d","sha1":"22a7ac51592991f1fcc17a62b7d3ccd5eba22bec","sha256":"c2f12528f805d941ae7391dd07678efee203e5b28356de41fc28ded171bd8146","sha512":"e3a5755428811449079b6829d3ce3e385d43b8299c2717eeacfb981308b225a278e1f6d1ac5fcecca05caa2935324095bb3d7cf9faf248feae48806109a9609a","ssdeep":"6144:Hr1526SbIZgLkHCCcbMRcYCXAd71W3cnF5P2PJIr8CGvxbIw2WpKKzwu:Hh526FZgL2CVMMAd1W3cnF86r8xJ2Wo4","tlshash":"825423a01cf5d86f2c91d413fe29832cb5c85bc0c3f92145a53f1a3d875ae69e29663e","first_seen":"2025-08-01T10:27:47.893568Z","last_seen":"2026-05-15T03:45:02.870412Z","times_seen":54,"resource_available":false,"data":null}},"time_used":1117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":484,"receive":633,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mt0403.6868dc.com/api/help","fqdn":"mt0403.6868dc.com","domain":"6868dc.com","tld":"com"},"ip":{"addr":"104.21.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mt0403.6868dc.com/","date":"2026-05-15T03:43:11.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6868dc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 18:46:57 GMT","end":"Wed, 22 Jul 2026 19:45:37 GMT"},"fingerprint":{"sha1":"EB:53:C9:00:59:40:96:B1:AF:D9:73:7D:15:45:E2:57:89:03:E2:83","sha256":"85:91:A5:5B:FE:5F:65:EA:A4:A4:21:3B:B4:69:04:42:B3:CF:06:3E:8F:9F:40:D7:91:B9:4B:66:99:D5:FB:8F"}}},"request":{"raw":"POST /api/help HTTP/1.1\r\nHost: mt0403.6868dc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nContent-Type: application/json\r\nContent-Length: 56\r\nOrigin: https://mt0403.6868dc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mt0403.6868dc.com/\r\nCookie: JSESSIONID=836A8D6F4DB7413F2461D8FF3861926C\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":56,"data":"{\"id\":\"5\",\"m\":null,\"reffer\":\"https://mt0403.6868dc.com\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 15 May 2026 03:43:12 GMT\r\ncontent-type: application/json;charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: X-Requested-With\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hdmjTYTDVaoksiJhP85V0%2Fj2lxQuVENbPYEO2Ml2KIH4RaAQ1wildQuLGYPt%2BVBpJFbW%2FUXHRhxrGLIViQIwlW44YJ1vZ04laQp7y5lAlB9B5DzNdTY%2Fz6O7kichWdBbn8HuFg%3D%3D\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9fbf23111dc34e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":113,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"cdc6b029a6f7ecdfb37dbe4b3dedc930","sha1":"39d542826ec702a3abcb2bd076e882716da23f35","sha256":"1c9d0b55ddbfbeef5100e85626d10b1aa5ad3ff03569a022338b1087205b812d","sha512":"c3a37475f9804101ecffbc443a6496b3900cc10078d2620e53dff084c3a037ce2b67eb3903f5e8b368e99c776d237b812a3899b5df8bca28536df33452fcba7c","ssdeep":"","tlshash":"edb09261a8191e2726834451209a7d084a5c7347ea954c74884daf7946fd4792522b25","first_seen":"2023-10-31T03:45:57Z","last_seen":"2026-05-15T03:45:02.885886Z","times_seen":51,"resource_available":false,"data":null}},"time_used":545,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":545,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"mt0403.6868dc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}