{"report_id":"68132578-ffba-42e0-8ec2-d4de3194bea4","version":6,"status":"done","tags":[],"date":"2025-08-18T17:27:16Z","url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"www.xmrth.lol/auth/login","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"title":"登录 — XMRth"},"submit":{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-22T17:27:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-18T17:27:06Z","timestamp":1755538026,"ip_dst":{"addr":"54.240.174.124","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.2","port":36196,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)","source":"{\"timestamp\":\"2025-08-18T17:27:06.169701+0000\",\"flow_id\":570710462990660,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.2\",\"src_port\":36196,\"dest_ip\":\"54.240.174.124\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2049251,\"rev\":1,\"signature\":\"ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_11_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_11_17\"]}},\"tls\":{\"sni\":\"openfpcdn.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":4622,\"start\":\"2025-08-18T17:27:06.166212+0000\"}}"}],"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-18","alert":"Sinkholed","trigger":"127.0.0.1","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"client.crisp.chat","ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-06-09","domain_rank":168029,"first_seen":"2017-07-02T12:33:45Z","last_seen":"2025-08-17T13:32:20.105706Z","alert_count":0,"request_count":8,"received_data":549723,"sent_data":3947,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.xmrth.lol","ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-03-11","domain_rank":0,"first_seen":"2025-08-18T17:27:17.955618Z","last_seen":"2025-08-18T17:27:17.955618Z","alert_count":0,"request_count":21,"received_data":1182713,"sent_data":12386,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"SweetAlert2:7.25.6","description":"SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.","website":"https://sweetalert2.github.io/","common_platform_enumeration":"","icon":"SweetAlert2.svg","categories":["JavaScript libraries"]},{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap:4.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Moment.js","description":"Moment.js is a free and open-source JavaScript library that removes the need to use the native JavaScript Date object directly.","website":"https://momentjs.com","common_platform_enumeration":"cpe:2.3:a:momentjs:moment:*:*:*:*:*:*:*:*","icon":"Moment.js.svg","categories":["JavaScript libraries"]}]},{"fqdn":"client.relay.crisp.chat","ip":{"addr":"64.227.36.222","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United Kingdom","country_code":"GB"},"domain_registered":"2017-06-09","domain_rank":159579,"first_seen":"2017-07-02T12:24:26Z","last_seen":"2025-08-16T18:12:25.602372Z","alert_count":0,"request_count":1,"received_data":441,"sent_data":592,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"openfpcdn.io","ip":{"addr":"54.240.174.124","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-11-10","domain_rank":9255,"first_seen":"2021-11-11T13:02:44Z","last_seen":"2025-08-16T11:25:49.698698Z","alert_count":0,"request_count":1,"received_data":34142,"sent_data":443,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"telegram.org","ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":499,"first_seen":"2013-12-18T13:14:30Z","last_seen":"2025-08-17T23:27:00.550473Z","alert_count":0,"request_count":1,"received_data":20801,"sent_data":422,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"127.0.0.1","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":0,"sent_data":550,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-08-13T15:10:36.82984Z","alert_count":0,"request_count":3,"received_data":119817,"sent_data":1590,"comment":"","tags":null,"fingerprints":null},{"fqdn":"oauth.telegram.org","ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":101848,"first_seen":"2018-02-07T13:36:20Z","last_seen":"2025-08-13T14:59:50.683964Z","alert_count":0,"request_count":1,"received_data":414,"sent_data":652,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"image.crisp.chat","ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-06-09","domain_rank":456330,"first_seen":"2017-07-02T12:33:45Z","last_seen":"2025-08-17T03:57:35.451554Z","alert_count":0,"request_count":4,"received_data":3114,"sent_data":1975,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"challenge.rivers.chaitin.cn","ip":{"addr":"121.196.236.254","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2014-09-23","domain_rank":5061027,"first_seen":"2023-07-04T18:32:26Z","last_seen":"2025-08-16T21:59:21.162599Z","alert_count":0,"request_count":8,"received_data":120486,"sent_data":3396,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"WebAssembly","description":"WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client and server applications.","website":"https://webassembly.org/","common_platform_enumeration":"","icon":"WebAssembly.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-08-13T15:14:14.224423Z","alert_count":0,"request_count":1,"received_data":7530,"sent_data":454,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-18T17:27:06Z","timestamp":1755538026,"ip_dst":{"addr":"54.240.174.124","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.2","port":36196,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)","source":"{\"timestamp\":\"2025-08-18T17:27:06.169701+0000\",\"flow_id\":570710462990660,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.2\",\"src_port\":36196,\"dest_ip\":\"54.240.174.124\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2049251,\"rev\":1,\"signature\":\"ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_11_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_11_17\"]}},\"tls\":{\"sni\":\"openfpcdn.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":4622,\"start\":\"2025-08-18T17:27:06.166212+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/telegram-widget.js?4","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"1ff8b98c72268de58837846f2056c65a","sha1":"e77fcc14f1efd17d319c9f82627e5789333b9dbe","sha256":"0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd","sha512":"1a680a7e87f16520da934f4034cdc601ebef9c306c7f5e3ea165588f044142cadcf5eb06cefedc8ea7768ff63830586a2776351c7b9429f1e33b639adca5f1ed","ssdeep":"384:+vLsc8o/o9o7IFdWDoCzh3o4t6/7c8cBoYgNqPb:YLfwu7SU0CF3gLcHPb","tlshash":"2492819e1af72224a567713a4b5fa1093232e163700ddc503e6c5b90bf90a6767b0fdd","size":20469,"data":"","first_seen":"2023-04-05T01:44:44Z","last_seen":"2026-04-21T10:42:44.376647Z","times_seen":2539,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/auth/login","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"1752d6fca60b19ad7de958820ce04a69","sha1":"dcbc4ce66caf29bd0b5cafa3ec1ff4c925b48c80","sha256":"0a1ed4a365e66fa864da72482bbc9010c616aeb596c3052e3003ee642a9e60cf","sha512":"2b5973fbacd283a88d9a5665643a02c7e0ff9e3c45f053bc32a9104c3a9a5d1e357a9b802e168dc8b3e62c58590812a844b38620c433646925ad41f3edeec77f","ssdeep":"","tlshash":"04e07d761657103000ad079ea22aa12c644240971213600160cdc89e4f30c578769fb8","size":299,"data":"","first_seen":"2025-08-18T17:27:25.384604Z","last_seen":"2025-08-18T17:27:25.384604Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/auth/login","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a4fa5e00a5a5d6765fdb3e9aa9e44b2","sha1":"03c4d458ba72b3204aafcc68f7f608ef8c890411","sha256":"7ebd9bad94e100d2554fb3441582fb1be2ba858e35d9568a4d86aa8e0a086134","sha512":"bd0d0e238b9e424981ba1653db2259229777de96d366792837367e0a0b6bcefdfd7ca0e120da093791e92cb023f57e0fa00c2ef7c6143198d09a9c1498498f71","ssdeep":"","tlshash":"76d09782b9512c4022161361d0bcc108ffa908638968c432e4382f8d5d03303c089e97","size":232,"data":"","first_seen":"2023-06-16T19:20:41Z","last_seen":"2026-03-25T09:32:35.494902Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/jquery.nicescroll@3.7.6/jquery.nicescroll.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"abc14d7328aea1752d30a12381f579af","sha1":"2c8068646e398cc77b09bcab4ad8f40b8ceb36f5","sha256":"428928bb998b4636b5eed9daa8b116b38542ec63a8573de3f61b3de3b2b7ce9b","sha512":"7eeb70a21e3d3a690972d6e9e41934cb9d572767c2e742d8c6ad5e4f98687c34e6fc4e398c68cea7c3c1c829c24ea0a8d75c71dafa4d7d7a6bd6dd93d3f78f6d","ssdeep":"768:rPMzXWojPjh2/3YsvZoIGFaC5rPRcUsdhM8rViuB9:r0jr8tCIGFaC5rPJNY3B9","tlshash":"1543a7cdb523356b01ce5235d18f4a46623aa846770bd0d87628dcf42d69ab9f227f3c","size":60178,"data":"","first_seen":"2023-03-13T00:12:08Z","last_seen":"2026-04-19T14:48:04.98165Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.crisp.chat/settings/website/5690d3a5-53e4-435e-a52b-12af296b5cd9/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler\u00261737222594551","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"92b0988881a2311db3cdcbfd76bc11ac","sha1":"7c1f7faee3a5c3047a8809356721db9da9001dab","sha256":"be34e428fb6bd8e3e9f75cd01d245dc42bbd9e05de572cc37e70030dccd67c99","sha512":"6e46006aa7c46367ddd537d482b6d3748ed4f9a7a78cad6dfcf74708f88b3eeba9718b6324e909c463bd9d1d1546418d46c7a00e3a67d55ab207651be7127f0b","ssdeep":"","tlshash":"7831421d85950cbed4a49346da027f4a1f6c2127aa44f894f99c8e5c32f76cf7372513","size":1743,"data":"","first_seen":"2025-08-18T17:27:25.367193Z","last_seen":"2025-08-18T17:27:25.367193Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/tooltip.js@1.3.2/dist/umd/tooltip.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"16f19fcaf589d74f7eb20e3be9fb67e2","sha1":"32068153d90013337ce9a4b186d3e38c7f385e11","sha256":"56f17578932781d20ea068deb0488cf3c26b7e52e075b2565c7ed626bf23b832","sha512":"f035b2594a837d4150b5c9dbbf027d77577b2f3ab135418efcce5de7600f314f20c07e379185f468e80e64175fc099a4f672df08de6c5816c237dc4b13465f40","ssdeep":"192:Wd8qlV4jluPyViiUDoGpMluxuw72/zmoS3vvs0ATWk7K:+8qP4x7iihG2+umOzlS3FA6k7K","tlshash":"dbd1725ab6627a730287a17416bf620f717394ab75c4887cf220d9dc1e7c908f1a7d78","size":6370,"data":"","first_seen":"2023-03-08T14:32:41Z","last_seen":"2026-04-19T14:48:04.980813Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/bootstrap@4.1.3/dist/js/bootstrap.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","size":51039,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-21T16:19:28.687321Z","times_seen":121457,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/auth/login","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"40ec28671b3eb5173f55b5e6037c1bdb","sha1":"20e09795518353931c789db32b24713256dc516e","sha256":"07765b1717a244e3d8bb8d574c4a3972829ea1d1539fa3bf17f252a806b55bc0","sha512":"400e90664e8aa482e065d7e9113eaf1fa43498720fb231c27f227f5091bb8f411ea05632d6d2c62693276a47094428e9d7c07438d53a94d1d521565eb0ba7bd1","ssdeep":"","tlshash":"4c319c0a60a35007193b70fc4adf40166226948714c4df287d6c6bd0bf0577eeaa4b98","size":1558,"data":"","first_seen":"2025-08-18T17:27:25.387092Z","last_seen":"2025-08-18T17:27:25.387092Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/auth/login","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"38f12e46e3d02914c249abb24ed9af6f","sha1":"9b593f446382ca3edf7ab6d483be7bd66ec90d26","sha256":"88cc9e55aefc268ac877ae951f2b77764c57759f669e1e475ed264bbf2dc5f0b","sha512":"d39e7233369fa1394a64ac5341c5b998a71a27ef6cb48e04e1b855f64ace2fa4cb89e422acab22d07ac4758ce5b63319457c6fc773049f3e7883dce8f0fa6252","ssdeep":"","tlshash":"a2f0243f3b611a307a2758b3802ebd122a01f023b08a9d70248ce80adf04e691df2088","size":514,"data":"","first_seen":"2025-08-18T17:27:25.388637Z","last_seen":"2025-08-18T17:27:25.388637Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"9b5e9e5edc8665965067826b25b2745b","sha1":"dd5d7549b65df3130cb041174230fba178a60837","sha256":"cff688abf5dd104261a667d11272dbcbdb66adab72abdb16944695bc27937115","sha512":"0efb60b4cef20f4fbd6a9d609133b61be73895d264b33edae2337ec6dfc2ae8f8bdf51d8e264d8e1d3f5c7c65c940b02ea98de36010872fd7cd055499384f201","ssdeep":"192:qrHcu+xZ4Il/20M+fIgoiJLNlgnfyHX1poP+8DrrNTIg2:kctxZ4SIgoOQUYt/z2","tlshash":"e5f1bf6c7f7b0ed837d3457c20d39ead4eac363b50453604a5aa75b56c88a7d6b07c02","size":8060,"data":"","first_seen":"2025-02-23T20:31:09.709826Z","last_seen":"2026-04-21T12:29:38.376803Z","times_seen":197,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.crisp.chat/l.js","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7524d07a98ab4d86184c812b68e0bb79","sha1":"5bd84372d12bc7ba4e6b0d02b3a6b261bbd0131c","sha256":"9ad6ffd9c5b7e8c58ba2d98eb877b3bb70829372d04ead94835f5ac740c62188","sha512":"c7e7a752b0a9ca783a644033615dcf0439ef96720b27121a9c1323302d9ca3f126bd8927c35d8bf1b72853c30cf98e0cac58be215aeaaba0d5ddad6343b84b7b","ssdeep":"192:L4pTqUSfZ0VsUS/gK12c9MOSHvvraLwThPrWSh3PIlUw2NYYTAviXIL/ebeLurmN:L45E+E/gk9yLwYFK2iYTA++5N","tlshash":"7b12a32975716531019392da5a3b2a0af033622a1c16851db079dcf9292cdcfe12bfff","size":9234,"data":"","first_seen":"2025-08-12T03:30:15.112578Z","last_seen":"2025-11-24T18:56:42.430973Z","times_seen":157,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/popper.js@1.14.4/dist/umd/popper.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"84910d80281fc6b554f4ae2d14612494","sha1":"af6f046adaab7e1501adee034fb7c366b8c059fc","sha256":"106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0","sha512":"7462b0c500aa4a276bfcb80f0588d9a09446cd66b0e5a0bfe680878163d0e0f1aa97f854860e6a6a68a1fa165ecae9c1cd053997545adf350f74ca60162dcdb9","ssdeep":"384:fYhLSLf4UzgCyKnxRsyPMbOXrEQAkxHOxvqAQD75zfS5vIXm3YzGp/ARdOgHhgz/:ILSLAUzgCpRMbcxHOxvwD7pS5vezy/A2","tlshash":"e292b3dc3294b0a647ab91a7a07f960eb2335875610e9410f19df2d97c30ef9613bc79","size":20536,"data":"","first_seen":"2023-03-07T12:07:09Z","last_seen":"2026-04-19T19:03:31.440162Z","times_seen":489,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/auth/login","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"55d103c1bb599d07b3a82524f59665f0","sha1":"df16f48ab5f68e8f3630920dac2ac20082817863","sha256":"32818efa4b31fccac6ba3bbd56bfe767f743129839c0bcd187fd1ffda64aa57a","sha512":"498a167aab8e62984e84f4c28db2956b9a28b33e850720af72d763c3515415911950fdeb0e1494a13eaa857a79d6ced855f6a56ffdc2ede31f937ebb04431beb","ssdeep":"","tlshash":"e131a99928f609564623b0bc9ebbc0192636951f1d48ed283e9c75805f4d23ea6b6f48","size":1483,"data":"","first_seen":"2025-08-18T17:27:25.391399Z","last_seen":"2025-08-18T17:27:25.391399Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.crisp.chat/static/javascripts/client.js?71d3864","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"47914a5ece6d6d60e4f4d83263e030f3","sha1":"4e7ff52157fe3849b1f903d8f2114320b12a3ab7","sha256":"908d3adfe003180e67f6ae45be1527dadeff8e045de865e964dd512c273c2967","sha512":"3ab0319d38936773bb89aa296ec5361a305b46056c5e29d9396c120f7aa7b3198c1aad44a2b73019c907b14ed9d2647b7a42d6a65a81321f5519612e918319dd","ssdeep":"3072:hq4l5OW2RiPEiGZ1G3p2BIQjXrPBY2C8f7NtJ3axtr4wxXVsJNGXjL3mjxi60:hq4l8W2RiPEiGZ03pXQrhhar4w7q0","tlshash":"ae84fa4db27160b246d351a2583f1b06b23b6a2d3846446cb26dedf91c7cdde211bfb8","size":385463,"data":"","first_seen":"2025-08-12T03:30:15.121041Z","last_seen":"2025-09-06T11:06:18.690461Z","times_seen":156,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/clipboard@2/dist/clipboard.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad98572d415d2f2452845a6068a913c0","sha1":"6674f81dd01c76be986cf0a8172d1073e56d7ef4","sha256":"baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1","sha512":"3c88ac453f2615f771c7df6032ced6018e46a7e0ad8d86312af17ddf0f32580bd7e78f1404d0031eeed091abe0afac911be6aca1ca9fba4e5cae335de73f6ce9","ssdeep":"192:RJBFlYPHiG9JyHg4LyAahp1v/N/MosfkApXMdgmkpj:R9yKG9JKziVF/MF/XMmmkpj","tlshash":"d7126599b291b0b15ad731a8412f920ff3766869708b90d0d279d4f0acbcdde4463f2d","size":9034,"data":"","first_seen":"2023-03-07T12:41:35Z","last_seen":"2026-04-21T00:52:33.705217Z","times_seen":17168,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.crisp.chat/settings/website/5690d3a5-53e4-435e-a52b-12af296b5cd9/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler\u00262025-7-18-17-27","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"41727162c9d535122bb685f2ca5352f6","sha1":"79ccd7565e3872a3a6053df0f42067c26d15cdc5","sha256":"e9269dfd2a7a0056869183c860cd193c3add9534f563d43644616234e43f282a","sha512":"f2f1910ee38c69cd047dfbf0d4b0d1bf11d4d08bbe5fdf769bc7d22382a9d6ca6b01588b1765519964cb2f448bca3da4fc6981910e08722fe36a398a61bcce49","ssdeep":"","tlshash":"46d0a97e02d4413006a88b4e160cba5e3473425f86e532bd2a985c5c58392af0726a32","size":222,"data":"","first_seen":"2025-08-18T17:27:25.333544Z","last_seen":"2025-08-18T17:27:25.333544Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"f52cc954805c2a2a491865298c3871ac","sha1":"d74725229591e985b60167bb814c5169e563e4a6","sha256":"4226e272498456f30031c5265f162c9bb3a9100192e710b98b64ab9ddcf9ced3","sha512":"4c992531389f78da44787c4a2dce2e56de2a064d2bbf181d35f5b1c4cc0daf31d541394fb40715f933c921286645a136ebb02ea36e1c16095d22f3c6c44bae5f","ssdeep":"","tlshash":"814174c870355dbc66cb04ee779b3a85fa76b8c07ad09b004640dc0e32295ced35bae8","size":2155,"data":"","first_seen":"2025-02-23T20:31:09.711583Z","last_seen":"2026-03-29T12:53:17.58484Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenge.rivers.chaitin.cn/challenge/v2/challenge.js","fqdn":"challenge.rivers.chaitin.cn","domain":"chaitin.cn","tld":"cn"},"ip":{"addr":"121.196.236.254","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"38cf1b7aeebd9a29a9b5fd756998a91f","sha1":"ffd1dc9eda6c750e7380010560ff80b08d7b1657","sha256":"8d7bac4e877730f5e1671c8031d9bcc50484521e5faa3fcd775f5cdd895c2eb5","sha512":"69d0d5d1cc0e174f3a8b46b25b53fead30c84fae7fd93c45948f01295d2da53c1462d719b42744fcf45ae4ce48b7cdf09bfb17faecda52b6ce5e1af06ed92b6c","ssdeep":"1536:t1ISToO6V4zLkXFEpxtmNMJGcADl9l1SV0FrL7TmTQ6pHvavwpNTWv2CX1zTRvce:t3ZXM9yze","tlshash":"72a3e5dcbac7b069126379b9413f600bf23a7d55681d8801d226d5c23d79e5e8237ebc","size":107351,"data":"","first_seen":"2025-02-23T20:31:09.702226Z","last_seen":"2025-09-04T09:39:15.695631Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/jquery@3.2.1/dist/jquery.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9f5aeeca3ad37bf2aa006139b935f0a","sha1":"1055018c28ab41087ef9ccefe411606893dabea2","sha256":"87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de","sha512":"dcff2b5c2b8625d3593a7531ff4ddcd633939cc9f7acfeb79c18a9e6038fdaa99487960075502f159d44f902d965b0b5aed32b41bfa66a1dc07d85b5d5152b58","ssdeep":"1536:YNhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4c4j2ll2AckaXEP6n15HZ+FhFcQ7:uxc2yjx4j2uX/kcQDU8Cu9","tlshash":"4483e6d9b2c67062977730b950bf410bb17a98dab44c8c60f158d9d47eb8a8d907bf2c","size":86659,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-21T16:19:28.656378Z","times_seen":79953,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/sweetalert2@7.25.6/dist/sweetalert2.all.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7b471f58f305e9fa3d087a1876dfef1e","sha1":"b22d5df9f483a9c35f383770863ea23410dc6b71","sha256":"b9bd803d91be1e7ef83e7accab970189df033107a2e60d33ade907d9a43db265","sha512":"2f3249624545943a93fbcf71ed244548ede0f3501475718c6644e9b6457542afa1d1361e7fb3c4a4f5d14f7085aca1a125a6c84076eec6512405203e06363d8d","ssdeep":"768:uvoUJZWoDX7ZYaEdD2uRfUutRuo2uvDUG08i0+t3WpE9QUbcGJBZBNmshdT6:uzZWm7o1p/KodrTsVWOaUrJBN8","tlshash":"37533ca229803117967b8a7955ded50c76b49106fc330c58b128d0984ffbe8f15b7bbb","size":61250,"data":"","first_seen":"2023-03-13T00:12:08Z","last_seen":"2026-04-19T14:48:04.971252Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/theme/malio/js/malio.js?v15","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1053929913ec00a752041d93af5a1370","sha1":"d07c1c974e3e123cc194240528376d5aee1941ba","sha256":"4dc46d486a63fd3e7ad5184df349d88d3ad857c5b68d30513277253129f0a1d3","sha512":"ae16e4e6d954077c4494f81b94efc0f0f66e88227077daaef2e83128ccd143cdf6e7e1baa571ac607dd5bea81a10741fd8731d1c8acfd681186dfebef00211b0","ssdeep":"1536:hTZFq4CkK8dfxANxLS0LoprmsHr7uYdD/5LRJddd3dadTdSd3d/nLbkCcUfLiBY:hINxLS0LoprmsHr7uYdD/5LRJddd3da2","tlshash":"54931b4d68fb60214277357f4abf9460b72a04174508ee12bc9c66d0efc466ceaf2b79","size":95567,"data":"","first_seen":"2025-08-18T17:27:25.359534Z","last_seen":"2025-08-18T17:27:25.359534Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openfpcdn.io/fingerprintjs/v3","fqdn":"openfpcdn.io","domain":"openfpcdn.io","tld":"io"},"ip":{"addr":"54.240.174.124","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef5a1ccf6a53cc40021bfd4647f82b4a","sha1":"86eaf1a45275873266f2b85249408c8297a54f61","sha256":"57281521094dd6fe0d1997e31eab51a203b0f338d39e730d260fdfecce621905","sha512":"16923eaa089ee9d2d5a4e7a02cdbd31da35c8ce7d61e0d7e1bc8a6aa0648c358ad5d5f9ce5aaec4c5247475b8192af167e7fa6941d4fe181c5e01f28ff8537d7","ssdeep":"384:fQQYf1KNHRJijKLE6wXegKHqHTBMmwZCKQLFKA5+pCqNFaiE8E0QIQfJJcChs9RW:fR1HRxf6Hc9NwlJJAbc1GPgJN","tlshash":"9be2f6d8b2c3b02a227368b6497f6007b63bbd54241d4843d57bd4c17ca5e9a813bfb9","size":33442,"data":"","first_seen":"2023-07-07T06:15:03Z","last_seen":"2026-04-21T06:04:54.957731Z","times_seen":4477,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"8191838295c9ea51f4c7154c3ecff6e0","sha1":"28f3da3e3d2a10f89dc3aa14d90819147519ca6b","sha256":"4e6712566b97c0cf0f2332831044651aace7b441d077182f493a83b1e5997842","sha512":"88911d47c7e171d9b3c118561c65091f7a91ec814f012c73a6ebe0f958e54b7db5e5fdf98d0e76095648bc0d813923a1c666997ee5aed8139f25f413be09c1cf","ssdeep":"","tlshash":"85f050dd9b17107355076308267bbb3416701076185d60513bdd4d655f15e3c52279dd","size":569,"data":"","first_seen":"2025-08-18T17:27:25.393866Z","last_seen":"2025-08-18T17:27:25.393866Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-04-21T15:41:22.587349Z","times_seen":82491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/moment@2.18.1/min/moment.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"aeb7908241d9f6d5a45e504cc4f2ec15","sha1":"32fdf6730be34538e09378ec6cc55229d9a70151","sha256":"d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238","sha512":"1bd75f089146df2fd7abc99b6ea6f98b7150355686974164930f953d54f72f4d2003893b8728d218da40c72930803c3571f245963e6d3b75de3daf9ece30d0c9","ssdeep":"768:9SrHp64oc0hnZWGxFmm5rQC51Ch5Xsx0nF5Yr:9stnUbE8rBkXsqgr","tlshash":"ad3394893a46b512572202f504bf0907b23d9caaa44e4e5df149e8e8397cc7e527bf7c","size":51465,"data":"","first_seen":"2023-03-07T01:06:47Z","last_seen":"2026-04-21T15:57:41.276495Z","times_seen":4620,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.crisp.chat/static/javascripts/locales/en.js?71d3864","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ee2c3099def83547519d547ae1d727f","sha1":"ebcf6325d54a64a7f667da3c18bbe15b7664a94b","sha256":"055ca2eeb54c30350a3e8db5a5041c15ac7d5e854135ab9a0b9e85d820dab319","sha512":"c793328cc32163a86356265857e815bf97397c59bc7e132204f10f1c6bd1481263a2f1dd4121b9f0fc9f14101fe872d3093b0d1995a63e917534aabe5f4b23f9","ssdeep":"192:L9CjyFnokBNEyazGPlDYqvWXfvxEwFwpS6FaFMNRFco3:L9CjyldB+yazG5XOXv6rR","tlshash":"1e22a71edb7a4f2e83324bc2b2c5b2264d6564d44da4a473c82e49bd02b48d5b25becd","size":10004,"data":"","first_seen":"2025-08-12T08:30:53.194859Z","last_seen":"2025-09-06T11:06:18.732705Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_bold.woff2?71d3864","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:09.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crisp.chat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 04 Jul 2025 01:27:25 GMT","end":"Thu, 02 Oct 2025 02:27:22 GMT"},"fingerprint":{"sha1":"7E:64:40:24:6C:D3:0D:F5:01:3C:9B:56:75:0D:17:1F:BE:27:95:B5","sha256":"25:62:AD:04:D5:F6:49:2F:91:8C:28:6D:E1:F7:48:AE:C6:CB:F6:F4:49:8E:AA:B7:1E:EA:80:10:8B:9F:F2:FF"}}},"request":{"raw":"GET /static/fonts/noto_sans/0020-007F/noto_sans_bold.woff2?71d3864 HTTP/1.1\r\nHost: client.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.xmrth.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://client.crisp.chat/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Aug 2025 17:27:09 GMT\r\ncontent-type: application/font-woff2\r\ncontent-length: 10252\r\ncf-ray: 97131ec95c6a4e58-ARN\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: Content-Type, Origin\r\naccess-control-allow-methods: HEAD, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 300\r\ncache-control: public, max-age=315360000\r\ncross-origin-resource-policy: cross-origin\r\netag: \"6899f9b1-280c\"\r\nexpires: Thu, 16 Aug 2035 17:27:09 GMT\r\nlast-modified: Mon, 11 Aug 2025 14:09:53 GMT\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10252,"size_decoded":0,"mime_type":"application/font-woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10252, version 1.3932","md5":"6d74a49bf6645c1c8a7940ff7f94ce6f","sha1":"433ea3334227f42a15b8853faa6ec93c371af4ba","sha256":"73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973","sha512":"6f08896b2d4c534fb8c2b15643c79ab14333afd428bd595c3597e7270d56673ba7bc6cb3b179a53cd375dc0b41025ed5bf005558697bbca121b8b2d08f723f12","ssdeep":"192:rKdkxVGer/0UYUyIX8kG46z66+VXw5jsSZ5pDKFb07vm0lIcuNteqPY:2kx80nYsz9XQoSFub06JcuNPg","tlshash":"0c22d0f71940dd6c86a1c9f23adc83f843a18891715eaea8535e6f4ca80716e8d051ba","first_seen":"2023-04-11T10:28:32Z","last_seen":"2026-04-21T15:53:28.567135Z","times_seen":2531,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"ws","addr":"127.0.0.1:9222/","fqdn":"127.0.0.1","domain":"127.0.0.1","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"http://www.xmrth.lol/user","date":"2025-08-18T17:26:57.117Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 127.0.0.1:9222\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: http://www.xmrth.lol\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: XEwuM6G0YJw2lOaB7orAgw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T16:33:36.951402Z","times_seen":14022883,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-18","alert":"Sinkholed","trigger":"127.0.0.1","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v31/XRXV3I6Li01BKofINeaB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:05.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/nunito/v31/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.xmrth.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39104\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 14 Aug 2025 10:32:03 GMT\r\nexpires: Fri, 14 Aug 2026 10:32:03 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 29 May 2025 23:46:18 GMT\r\ncontent-type: font/woff2\r\nage: 370503\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39104,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39104, version 1.0","md5":"6009e68ecba183fb9a2b7932afbc82fc","sha1":"15caf30c763b8e49f9a4c247a60b2d5230c865c4","sha256":"24049eb07de61e14aa9e8654cb8450ff06f52152f007f6b10b9d1836de36aa0e","sha512":"0d9549fe4adc7798e5825d2ba4191585451ff0f8cd5da32cb77ce24873c696b7a7e1277c80676df56de6a70be009c927d52a2d098c29299e7fc55d3e3d94c7b2","ssdeep":"768:W74CUaLrqxd9HUjIuD1gzyYU4PIRWzBcomD4IF+W:etUaL2dyjIE+zeK6omT0W","tlshash":"8503f1c312096560fe169bfef389c34eaaa7ceb1b9d644900b711c9cf99ad6130e0813","first_seen":"2025-06-02T18:51:18.970314Z","last_seen":"2026-04-21T13:36:46.450189Z","times_seen":3128,"resource_available":false,"data":null}},"time_used":352,"timings":{"blocked":169,"dns":1,"connect":20,"send":0,"wait":8,"receive":6,"ssl":145},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.crisp.chat/settings/website/5690d3a5-53e4-435e-a52b-12af296b5cd9/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler\u00262025-7-18-17-27","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:06.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crisp.chat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 04 Jul 2025 01:27:25 GMT","end":"Thu, 02 Oct 2025 02:27:22 GMT"},"fingerprint":{"sha1":"7E:64:40:24:6C:D3:0D:F5:01:3C:9B:56:75:0D:17:1F:BE:27:95:B5","sha256":"25:62:AD:04:D5:F6:49:2F:91:8C:28:6D:E1:F7:48:AE:C6:CB:F6:F4:49:8E:AA:B7:1E:EA:80:10:8B:9F:F2:FF"}}},"request":{"raw":"GET /settings/website/5690d3a5-53e4-435e-a52b-12af296b5cd9/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler\u00262025-7-18-17-27 HTTP/1.1\r\nHost: client.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Aug 2025 17:27:06 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-encoding: br\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: Content-Type, Origin\r\naccess-control-allow-methods: HEAD, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 300\r\ncache-control: public, max-age=14400\r\ncross-origin-resource-policy: cross-origin\r\nexpires: Mon, 18 Aug 2025 21:27:06 GMT\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 18 Aug 2025 17:27:06 GMT\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 97131eb81ed54e58-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":222,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"41727162c9d535122bb685f2ca5352f6","sha1":"79ccd7565e3872a3a6053df0f42067c26d15cdc5","sha256":"e9269dfd2a7a0056869183c860cd193c3add9534f563d43644616234e43f282a","sha512":"f2f1910ee38c69cd047dfbf0d4b0d1bf11d4d08bbe5fdf769bc7d22382a9d6ca6b01588b1765519964cb2f448bca3da4fc6981910e08722fe36a398a61bcce49","ssdeep":"","tlshash":"46d0a97e02d4413006a88b4e160cba5e3473425f86e532bd2a985c5c58392af0726a32","first_seen":"2025-08-18T17:27:25.333544Z","last_seen":"2025-08-18T17:27:25.333544Z","times_seen":1,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oauth.telegram.org/embed/XMRthBot?origin=https%3A%2F%2Fwww.xmrth.lol\u0026return_to=https%3A%2F%2Fwww.xmrth.lol%2Fauth%2Flogin\u0026size=large\u0026request_access=write","fqdn":"oauth.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:06.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Mon, 11 Aug 2025 13:36:48 GMT","end":"Sat, 12 Sep 2026 13:36:48 GMT"},"fingerprint":{"sha1":"85:08:98:2F:A3:60:90:21:E8:78:21:C8:A4:96:E1:A2:E6:9D:2C:64","sha256":"49:35:FF:BC:17:D1:E9:B3:15:37:E4:67:C2:3A:A0:69:6C:37:DC:52:3F:7C:02:D6:30:C4:6E:45:7C:CA:F0:D2"}}},"request":{"raw":"GET /embed/XMRthBot?origin=https%3A%2F%2Fwww.xmrth.lol\u0026return_to=https%3A%2F%2Fwww.xmrth.lol%2Fauth%2Flogin\u0026size=large\u0026request_access=write HTTP/1.1\r\nHost: oauth.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Mon, 18 Aug 2025 17:27:06 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 38\r\nset-cookie: stel_ssid=647621452567eb71d4_13015758248017143574; expires=Sat, 15 Aug 2026 05:35:12 GMT; path=/; samesite=None; secure; HttpOnly\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"e20383b2b8931e1c8a50d2214c049939","sha1":"95db08a78223da9da58473707f2c9df2eb24654c","sha256":"3d0e30dfd547174adaf01e1208d27195476ea4e561d60585ec049860f1da5f0a","sha512":"eced3e7a9812c7bfe2434340230595d502eabddab3bf59d3ab2b7472ff8d0e8d154dbbcba48fcf494224e8bb7a4135f02983efa169b71f7f41cf6761daaa5d78","ssdeep":"","tlshash":"67700008082002200a808a8c3080220228c0a0b0000000000808820000c88a0282000c","first_seen":"2023-04-09T00:05:42Z","last_seen":"2026-04-19T18:32:28.869528Z","times_seen":151,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"image.crisp.chat/avatar/website/5690d3a5-53e4-435e-a52b-12af296b5cd9/60/?1737222594551","fqdn":"image.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:09.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crisp.chat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 04 Jul 2025 01:27:25 GMT","end":"Thu, 02 Oct 2025 02:27:22 GMT"},"fingerprint":{"sha1":"7E:64:40:24:6C:D3:0D:F5:01:3C:9B:56:75:0D:17:1F:BE:27:95:B5","sha256":"25:62:AD:04:D5:F6:49:2F:91:8C:28:6D:E1:F7:48:AE:C6:CB:F6:F4:49:8E:AA:B7:1E:EA:80:10:8B:9F:F2:FF"}}},"request":{"raw":"GET /avatar/website/5690d3a5-53e4-435e-a52b-12af296b5cd9/60/?1737222594551 HTTP/1.1\r\nHost: image.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Aug 2025 17:27:09 GMT\r\ncontent-type: image/webp\r\ncontent-length: 680\r\ncf-ray: 97131ec95c644e58-ARN\r\ncache-control: public, max-age=315360000\r\ncross-origin-resource-policy: cross-origin\r\netag: W/\"2a8-198b859def1\"\r\nexpires: Thu, 16 Aug 2035 17:27:09 GMT\r\nlast-modified: Sun, 17 Aug 2025 14:05:54 GMT\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":680,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 60x60, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9895e366afef16a28b015fff8087f4e4","sha1":"6bcd9355e5e1a76939d21bb4cac5bf417b691012","sha256":"2d40af2169e06247947ebc55437211389bba979c6d2196a09e4371a157013469","sha512":"107947f6b7026c2135b2a9247d739390a29f7f2d71bbffe417e33a63c9a1b477adc50902e6558bb2bb0ba9972e02c1c848b887e60d0259a27df6ff27394f790a","ssdeep":"","tlshash":"000188f5d81af9da7da2c7f61c22819e6108a482cf1a721634f25d64b4b5dd37003c3d","first_seen":"2025-08-18T17:27:25.338215Z","last_seen":"2025-08-18T17:27:25.338215Z","times_seen":1,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenge.rivers.chaitin.cn/challenge/v2/api/issue","fqdn":"challenge.rivers.chaitin.cn","domain":"chaitin.cn","tld":"cn"},"ip":{"addr":"121.196.236.254","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://www.xmrth.lol/user","date":"2025-08-18T17:26:57.832Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"OPTIONS /challenge/v2/api/issue HTTP/1.1\r\nHost: challenge.rivers.chaitin.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: http://www.xmrth.lol/\r\nOrigin: http://www.xmrth.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Mon, 18 Aug 2025 17:26:58 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nAccess-Control-Allow-Headers: Content-Type, Origin, Accept\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T16:33:36.951402Z","times_seen":14022883,"resource_available":true,"data":null}},"time_used":389,"timings":{"blocked":192,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenge.rivers.chaitin.cn/challenge/v2/api/verify","fqdn":"challenge.rivers.chaitin.cn","domain":"chaitin.cn","tld":"cn"},"ip":{"addr":"121.196.236.254","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://www.xmrth.lol/user","date":"2025-08-18T17:26:59.457Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"OPTIONS /challenge/v2/api/verify HTTP/1.1\r\nHost: challenge.rivers.chaitin.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: http://www.xmrth.lol/\r\nOrigin: http://www.xmrth.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Mon, 18 Aug 2025 17:26:59 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nAccess-Control-Allow-Headers: Content-Type, Origin, Accept\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T16:33:36.951402Z","times_seen":14022883,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/bootstrap@4.1.3/dist/js/bootstrap.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /assets/npm/bootstrap@4.1.3/dist/js/bootstrap.min.js HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 28 Jul 2022 04:40:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62e2133e-c75f\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":51039,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (50758)","md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-21T16:19:28.687321Z","times_seen":121457,"resource_available":true,"data":null}},"time_used":532,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":532,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/moment@2.18.1/min/moment.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /assets/npm/moment@2.18.1/min/moment.min.js HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 28 Jul 2022 04:40:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62e2133e-c909\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":51465,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32013)","md5":"aeb7908241d9f6d5a45e504cc4f2ec15","sha1":"32fdf6730be34538e09378ec6cc55229d9a70151","sha256":"d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238","sha512":"1bd75f089146df2fd7abc99b6ea6f98b7150355686974164930f953d54f72f4d2003893b8728d218da40c72930803c3571f245963e6d3b75de3daf9ece30d0c9","ssdeep":"768:9SrHp64oc0hnZWGxFmm5rQC51Ch5Xsx0nF5Yr:9stnUbE8rBkXsqgr","tlshash":"ad3394893a46b512572202f504bf0907b23d9caaa44e4e5df149e8e8397cc7e527bf7c","first_seen":"2023-03-07T01:06:47Z","last_seen":"2026-04-21T15:57:41.276495Z","times_seen":4620,"resource_available":true,"data":null}},"time_used":1000,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1000,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/@fortawesome/fontawesome-free@5.8.2/webfonts/fa-brands-400.woff2","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:05.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /assets/npm/@fortawesome/fontawesome-free@5.8.2/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/assets/npm/@fortawesome/fontawesome-free@5.8.2/css/all.min.css\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:06 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 74656\r\nlast-modified: Thu, 28 Jul 2022 04:40:30 GMT\r\netag: \"62e2133e-123a0\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":74656,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 74656, version 329.-17695","md5":"9f4ce3dc689981a1b87faab0f5484f9e","sha1":"1b33b1246610585c440e464b04df64cf0cea1dca","sha256":"57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169","sha512":"e22393a22b4bca7c3999e36513b37d92f2d3c69d976a800932301c1ea393e97b493b49162af3ebb9c4cdf1344016c6c663d953efb6b9fb06ec4007cce917d7cf","ssdeep":"1536:fjE3CwwFmxm0J/P2u7G/W+z1HD+noltArzFh7NEst3sNoU:f7+Jn2uS+wHDColUFpj2oU","tlshash":"037312c2d62a35fe74f3c539d97a38001fe6b768d8384a8074f4d0bd2656138890af5b","first_seen":"2023-04-07T19:34:40Z","last_seen":"2026-04-21T11:46:55.790633Z","times_seen":2331,"resource_available":false,"data":null}},"time_used":959,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":541,"receive":416,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/favicon.ico","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:06.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:06 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 67646\r\nlast-modified: Sat, 05 Mar 2022 17:46:46 GMT\r\netag: \"6223a206-1083e\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":67646,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel","md5":"2bd03c794d9ea82360e0f5e0cf84fbdf","sha1":"290d909ed2e94850c68c3efc97c3d700ddcef353","sha256":"f4ba9908f285718ac2063d735f2799347976585e196cec2b6398851e7677a8ff","sha512":"9a23ae4ffedfda8bccff75f9e7bb4f0ea7dc0988d85cd4924020e7b31e4b079998345cbdca77689713d912b0626e80346dd3f4d196d8e294b493dbcc00238183","ssdeep":"384:wxkk0tLvE2vpZ4u2CRhyuaDDLKlVg88X+BChPqSbUoBPsqSQfBvE49:wxryLvE2hZ52Ci9DVjoo3PsqpP9","tlshash":"be63de3228026269deba81f0e92bfac4c2f2566d8cdbeb6f84c0f53d56d5005f76e514","first_seen":"2025-08-18T17:27:25.344238Z","last_seen":"2025-08-18T17:27:25.344238Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":670,"receive":603,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_regular.woff2?71d3864","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:09.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crisp.chat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 04 Jul 2025 01:27:25 GMT","end":"Thu, 02 Oct 2025 02:27:22 GMT"},"fingerprint":{"sha1":"7E:64:40:24:6C:D3:0D:F5:01:3C:9B:56:75:0D:17:1F:BE:27:95:B5","sha256":"25:62:AD:04:D5:F6:49:2F:91:8C:28:6D:E1:F7:48:AE:C6:CB:F6:F4:49:8E:AA:B7:1E:EA:80:10:8B:9F:F2:FF"}}},"request":{"raw":"GET /static/fonts/noto_sans/0020-007F/noto_sans_regular.woff2?71d3864 HTTP/1.1\r\nHost: client.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.xmrth.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://client.crisp.chat/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Aug 2025 17:27:09 GMT\r\ncontent-type: application/font-woff2\r\ncontent-length: 10340\r\ncf-ray: 97131ec96c724e58-ARN\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: Content-Type, Origin\r\naccess-control-allow-methods: HEAD, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 300\r\ncache-control: public, max-age=315360000\r\ncross-origin-resource-policy: cross-origin\r\netag: \"6899f9b1-2864\"\r\nexpires: Thu, 16 Aug 2035 17:27:09 GMT\r\nlast-modified: Mon, 11 Aug 2025 14:09:53 GMT\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10340,"size_decoded":0,"mime_type":"application/font-woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10340, version 1.3932","md5":"78fa8c47eac0b8da9cca3a18bf86c011","sha1":"b90a9205a440c4a45271a4f325e32d1b05189206","sha256":"6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5","sha512":"fc3f1c0af848540ba24f63bc837d1a7af28784ce0e33e3ff1ed62d7257dffa24fcd8de91106de6828328f088db362a87e6ab852a27ec682bf03e2934dd01b332","ssdeep":"192:tWsBBhOAaNbZh7Ykr9LY9qbEVExuidBU3t5akR+6bx+uhF7xKr8uaxwk:t5QMCY9q2Exu2a95OutPKYua/","tlshash":"9222bff11dc72c9ed05484706039de4ac9a7d69686ed06fc5ba314c31810f9ee1e3ae9","first_seen":"2023-04-11T10:28:32Z","last_seen":"2026-04-21T15:53:28.551136Z","times_seen":2551,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-18T17:26:55.100Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /user HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 468 \r\nDate: Mon, 18 Aug 2025 17:26:55 GMT\r\nContent-Type: text/html\r\nContent-Length: 14892\r\nConnection: close\r\nSet-Cookie: sl-session=C2L1Fd+zpGih2Hqutagm7w==; Path=/; Max-Age=86400; HttpOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"468","status_text":"","fingerprints":null,"data":{"size":14892,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14560), with no line terminators","md5":"a8b87af5d1f7f54728565640d80eee51","sha1":"5ff778beb5e813dd28c5e1b88c4587243c4fe021","sha256":"d656ef34e06d8bfb07f7ad74dd910ab83f7e716772c96cd5fe23f7980ff0b284","sha512":"1b2700d1cb331c28dc3f6c22beb415aeaafa036afc0635292d1beeb40af25ec4835455f1424496663b31e0e8487a9422bf758cff655427f589a5f5ae3df8ba07","ssdeep":"192:gXWgmHhrHcu+xZ4Il/20M+fIgoiJLNlgnfyHX1poP+8DrrNTIgpbIu59i3dVuAl0:+m5ctxZ4SIgoOQUYt/z2uzi3OtKI","tlshash":"2b62af89773685a9218706fc7a9fbbce2739346d71825304b25eea146fc399c9f07c10","first_seen":"2025-08-18T17:27:25.346987Z","last_seen":"2025-08-18T17:27:25.346987Z","times_seen":1,"resource_available":false,"data":null}},"time_used":811,"timings":{"blocked":263,"dns":1,"connect":264,"send":0,"wait":264,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenge.rivers.chaitin.cn/challenge/v2/api/verify","fqdn":"challenge.rivers.chaitin.cn","domain":"chaitin.cn","tld":"cn"},"ip":{"addr":"121.196.236.254","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://www.xmrth.lol/user","date":"2025-08-18T17:26:59.658Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /challenge/v2/api/verify HTTP/1.1\r\nHost: challenge.rivers.chaitin.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xmrth.lol/\r\nContent-Type: application/json\r\nContent-Length: 321\r\nOrigin: http://www.xmrth.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Mon, 18 Aug 2025 17:26:59 GMT\r\nContent-Type: application/json\r\nContent-Length: 290\r\nConnection: keep-alive\r\nAccess-Control-Allow-Headers: Content-Type, Origin, Accept\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":290,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9c6a9f60eb17db372f46c96e965676f0","sha1":"0526ef8052179ad0782765819e30758550eba2c7","sha256":"80d998b73c3629eeaed8bb8acebad9691e6a9077913687992191c36c4d039037","sha512":"4342afb0e5887909dd895101319aa4451607d1fe33bc4887f80456acb3b921f95df33b1369b798a70930b7bae5153341052414c70299f9d41496eccba8223203","ssdeep":"","tlshash":"9cd0e7115d6f4e5464d39311f32fe109554a31f7601100b27cd9c128f79cb853413255","first_seen":"2025-08-18T17:27:25.351678Z","last_seen":"2025-08-18T17:27:25.351678Z","times_seen":1,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/@fortawesome/fontawesome-free@5.8.2/css/all.min.css","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /assets/npm/@fortawesome/fontawesome-free@5.8.2/css/all.min.css HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 28 Jul 2022 04:40:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62e2133e-d78f\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":55183,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (54998)","md5":"77cbad34e5ce95e70847b074e05faeab","sha1":"50ccfd672cc8d4d4cff476204509c2fd51907ffa","sha256":"06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f","sha512":"aea425b5746e1f1b4f5a192da406712c751527712899b9f786f93d3c78d5fcde43314627cca3c2d62dee6f49845e0173b1a64d789728134607ab48ff185b1d1a","ssdeep":"768:nuC31UP18Pq4/vnU6UHJXkQCZ/WMQyjJKX7I9sGsQz5:nu5PWC4/vYH5BCkgc7qsiF","tlshash":"bd430bb8e54c41c9a731c44fbf82b2bc61b6f73ce5914d95f00e691c2ad26a811c9fb9","first_seen":"2023-04-05T05:12:38Z","last_seen":"2026-04-21T14:05:12.113165Z","times_seen":3971,"resource_available":false,"data":null}},"time_used":867,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":867,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/tooltip.js@1.3.2/dist/umd/tooltip.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /assets/npm/tooltip.js@1.3.2/dist/umd/tooltip.min.js HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 28 Jul 2022 04:40:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62e2133e-18e2\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":6370,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6196)","md5":"16f19fcaf589d74f7eb20e3be9fb67e2","sha1":"32068153d90013337ce9a4b186d3e38c7f385e11","sha256":"56f17578932781d20ea068deb0488cf3c26b7e52e075b2565c7ed626bf23b832","sha512":"f035b2594a837d4150b5c9dbbf027d77577b2f3ab135418efcce5de7600f314f20c07e379185f468e80e64175fc099a4f672df08de6c5816c237dc4b13465f40","ssdeep":"192:Wd8qlV4jluPyViiUDoGpMluxuw72/zmoS3vvs0ATWk7K:+8qP4x7iihG2+umOzlS3FA6k7K","tlshash":"dbd1725ab6627a730287a17416bf620f717394ab75c4887cf220d9dc1e7c908f1a7d78","first_seen":"2023-03-08T14:32:41Z","last_seen":"2026-04-19T14:48:04.980813Z","times_seen":66,"resource_available":true,"data":null}},"time_used":438,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":438,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-18T17:27:02.872Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /user HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-challenge-server=cloud; sl-challenge-jwt=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRfaWQiOiIxODkzN2I5MTEzM2Q0Y2U1YWJlMDY2NjNkM2IyNzBjZV8xMCIsImlhdCI6MTc1NTUzODAxOSwibGV2ZWwiOjF9.rThsc4feTOczCsOJNuS38RTW0zJvvEr-IRu2mX17HeBFIvurKr88SnXEts02PUVjHlwz59K9IGL3O71i-HDrlA\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Mon, 18 Aug 2025 17:27:03 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nLocation: /auth/login\r\nSet-Cookie: sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==;Path=/; Max-Age=3600; HttpOnly\nsl_jwt_sign=;Path=/; Max-Age=3600; HttpOnly\nsl-challenge-jwt=; Domain=; Path=/; Max-Age=1\nsl-session=HwNVReezpGjqR67w1+U44w==; Path=/; Max-Age=86400; HttpOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":10344,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T16:33:36.951402Z","times_seen":14022883,"resource_available":true,"data":null}},"time_used":437,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":437,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/theme/malio/assets/css/style.css","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /theme/malio/assets/css/style.css HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 05 Mar 2022 15:16:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62237eb0-1f1c0\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":127424,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (3874)","md5":"bf1fcb76f10004f5d7334dbc7bafff4c","sha1":"531945787d6cde650869a111d8f16942e387de20","sha256":"589d5fbcd1c2f95bc9933b4e2298f17bfb99ef92dc6b61d89170029b2c041ff3","sha512":"53c4f159ab4778a31015f0d908a9176f3061d9544ab671ec410a6865acd37aed98419f1fcda611bff7d6d7a361e68ed2a4bc7d6cf7094ecb192f5ce7fb23cc10","ssdeep":"1536:UbY+6bxEacehbBZYoKb1AbvkPNb11BLbHYgZ7VO9iMczb3cjrKaKgBfNuDiqnTpo:ABU+phbMcP3MHuD1TpGauTwU93OVrs5","tlshash":"5cc3fa87a6e3340c34a6595866b6bba13b2a4443d40dce7e766f325ccf483c456a7f8c","first_seen":"2023-08-27T13:01:17Z","last_seen":"2026-04-19T14:48:04.963915Z","times_seen":32,"resource_available":false,"data":null}},"time_used":866,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":866,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v31/XRXV3I6Li01BKofINeaB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:05.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/nunito/v31/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.xmrth.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39104\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 14 Aug 2025 10:32:03 GMT\r\nexpires: Fri, 14 Aug 2026 10:32:03 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 29 May 2025 23:46:18 GMT\r\ncontent-type: font/woff2\r\nage: 370503\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39104,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39104, version 1.0","md5":"6009e68ecba183fb9a2b7932afbc82fc","sha1":"15caf30c763b8e49f9a4c247a60b2d5230c865c4","sha256":"24049eb07de61e14aa9e8654cb8450ff06f52152f007f6b10b9d1836de36aa0e","sha512":"0d9549fe4adc7798e5825d2ba4191585451ff0f8cd5da32cb77ce24873c696b7a7e1277c80676df56de6a70be009c927d52a2d098c29299e7fc55d3e3d94c7b2","ssdeep":"768:W74CUaLrqxd9HUjIuD1gzyYU4PIRWzBcomD4IF+W:etUaL2dyjIE+zeK6omT0W","tlshash":"8503f1c312096560fe169bfef389c34eaaa7ceb1b9d644900b711c9cf99ad6130e0813","first_seen":"2025-06-02T18:51:18.970314Z","last_seen":"2026-04-21T13:36:46.450189Z","times_seen":3128,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":111,"dns":1,"connect":21,"send":0,"wait":11,"receive":4,"ssl":86},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"client.relay.crisp.chat/w/617/?EIO=4\u0026transport=websocket","fqdn":"client.relay.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"64.227.36.222","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:06.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"client.relay.crisp.chat","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 03 Jul 2025 00:00:00 GMT","end":"Mon, 29 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CE:90:EE:6D:D5:63:F5:A1:37:0F:51:0C:32:82:59:67:AE:D0:33:E7","sha256":"B4:16:9C:53:C5:9E:50:98:26:14:D8:A8:13:14:9F:B0:2D:AF:A3:3A:52:8C:70:C7:1D:23:EB:2B:39:D0:CC:71"}}},"request":{"raw":"GET /w/617/?EIO=4\u0026transport=websocket HTTP/1.1\r\nHost: client.relay.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://www.xmrth.lol\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: ATIx8bGaVQnoGfIqxqgSlw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Mon, 18 Aug 2025 17:27:06 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: uzx1wxsC2wND0em64yKPGLzLlJQ=\r\nX-Crisp-Ray: website w:617 10.133.254.92:3000\r\nAccess-Control-Allow-Headers: Content-Type, Origin, Upgrade\r\nAccess-Control-Allow-Methods: HEAD, GET, OPTIONS\r\nAccess-Control-Allow-Credentials: false\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Max-Age: 300\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T16:33:36.951402Z","times_seen":14022883,"resource_available":true,"data":null}},"time_used":330,"timings":{"blocked":0,"dns":117,"connect":137,"send":0,"wait":41,"receive":0,"ssl":151},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenge.rivers.chaitin.cn/challenge/v2/api/issue","fqdn":"challenge.rivers.chaitin.cn","domain":"chaitin.cn","tld":"cn"},"ip":{"addr":"121.196.236.254","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://www.xmrth.lol/user","date":"2025-08-18T17:26:58.223Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /challenge/v2/api/issue HTTP/1.1\r\nHost: challenge.rivers.chaitin.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xmrth.lol/\r\nContent-Type: application/json\r\nContent-Length: 61\r\nOrigin: http://www.xmrth.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Mon, 18 Aug 2025 17:26:58 GMT\r\nContent-Type: application/json\r\nContent-Length: 150\r\nConnection: keep-alive\r\nAccess-Control-Allow-Headers: Content-Type, Origin, Accept\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":150,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e2aa152e4eb83c90ed2ddd8e990441f2","sha1":"e53868c1811de16e6e6228e42409d0ccbe8c9625","sha256":"d738fed41ac15f55a54ecf71edc507461ced9c9fbe71496f3218880263adb872","sha512":"bc247f73c03814d8aa7de4bbfa8172ab498fe295fda5328e1b8b7a293199b050fc30a0e4a653718d9399c0e1404736a4533a31ffb6f00d6bd961420bba5770ea","ssdeep":"","tlshash":"a5c02b009c049cdc350300cfa203d42749f05b319c3138ce3fa0b543e20c1780513e30","first_seen":"2025-08-18T17:27:25.357765Z","last_seen":"2025-08-18T17:27:25.357765Z","times_seen":1,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/theme/malio/js/malio.js?v15","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /theme/malio/js/malio.js?v15 HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 07 Aug 2025 13:33:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6894ab37-1754f\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":95567,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"1053929913ec00a752041d93af5a1370","sha1":"d07c1c974e3e123cc194240528376d5aee1941ba","sha256":"4dc46d486a63fd3e7ad5184df349d88d3ad857c5b68d30513277253129f0a1d3","sha512":"ae16e4e6d954077c4494f81b94efc0f0f66e88227077daaef2e83128ccd143cdf6e7e1baa571ac607dd5bea81a10741fd8731d1c8acfd681186dfebef00211b0","ssdeep":"1536:hTZFq4CkK8dfxANxLS0LoprmsHr7uYdD/5LRJddd3dadTdSd3d/nLbkCcUfLiBY:hINxLS0LoprmsHr7uYdD/5LRJddd3da2","tlshash":"54931b4d68fb60214277357f4abf9460b72a04174508ee12bc9c66d0efc466ceaf2b79","first_seen":"2025-08-18T17:27:25.359534Z","last_seen":"2025-08-18T17:27:25.359534Z","times_seen":1,"resource_available":true,"data":null}},"time_used":995,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":995,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Nunito:400,600,700,800","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:05.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"DF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC","sha256":"A2:57:20:B6:AE:46:89:B9:39:C7:57:9B:1E:43:96:E3:5A:BC:7E:3F:1D:18:10:34:CC:53:3D:DB:78:4E:5C:21"}}},"request":{"raw":"GET /css?family=Nunito:400,600,700,800 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 18 Aug 2025 17:27:05 GMT\r\ndate: Mon, 18 Aug 2025 17:27:05 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6844,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"abc97d82398070e14d1ed51430b7da8a","sha1":"50eebe5e467de44cde32b809ef99d5f9ff4a76c9","sha256":"46302847a843596091e313a4a6527e37ba6f55ff8dd48f15dd46bb358869c47f","sha512":"70fc6f94a8cafb51647b61300eb4fd95ee18c2adf1b04097238289c98455389a37bb9f8129d98b6c8ac31298c24960245c4237e31da023f482abdd807e2029f3","ssdeep":"192:kI0T7KLmDIGT1oLU4I5TyzL/ZIYTnWLaq:HiOQDhF+g","tlshash":"90e1a991142bd400a7832cc6a7df7e32dd8ea2103454c47aebfd989cdca7d272260b5e","first_seen":"2025-06-14T02:10:54.291186Z","last_seen":"2025-09-12T10:16:24.670526Z","times_seen":10,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":60,"dns":0,"connect":7,"send":0,"wait":22,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenge.rivers.chaitin.cn/challenge/v2/challenge.js","fqdn":"challenge.rivers.chaitin.cn","domain":"chaitin.cn","tld":"cn"},"ip":{"addr":"121.196.236.254","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.xmrth.lol/user","date":"2025-08-18T17:26:55.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenge.rivers.chaitin.cn","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 07 Aug 2025 21:41:33 GMT","end":"Wed, 05 Nov 2025 21:41:32 GMT"},"fingerprint":{"sha1":"6B:A0:B0:F4:0A:AB:1B:38:FE:66:C7:9C:11:8B:A9:6F:8A:D8:27:B3","sha256":"9C:A5:6C:9D:A4:06:41:83:5E:57:FD:B4:F1:CA:C2:C0:85:9C:F7:CF:89:E2:45:8C:BA:8F:02:E0:DE:33:85:E4"}}},"request":{"raw":"GET /challenge/v2/challenge.js HTTP/1.1\r\nHost: challenge.rivers.chaitin.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xmrth.lol/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Mon, 18 Aug 2025 17:26:56 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 107351\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Headers: Content-Type, Origin, Accept\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":107351,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65338), with no line terminators","md5":"38cf1b7aeebd9a29a9b5fd756998a91f","sha1":"ffd1dc9eda6c750e7380010560ff80b08d7b1657","sha256":"8d7bac4e877730f5e1671c8031d9bcc50484521e5faa3fcd775f5cdd895c2eb5","sha512":"69d0d5d1cc0e174f3a8b46b25b53fead30c84fae7fd93c45948f01295d2da53c1462d719b42744fcf45ae4ce48b7cdf09bfb17faecda52b6ce5e1af06ed92b6c","ssdeep":"1536:t1ISToO6V4zLkXFEpxtmNMJGcADl9l1SV0FrL7TmTQ6pHvavwpNTWv2CX1zTRvce:t3ZXM9yze","tlshash":"72a3e5dcbac7b069126379b9413f600bf23a7d55681d8801d226d5c23d79e5e8237ebc","first_seen":"2025-02-23T20:31:09.702226Z","last_seen":"2025-09-04T09:39:15.695631Z","times_seen":67,"resource_available":true,"data":null}},"time_used":1770,"timings":{"blocked":454,"dns":15,"connect":220,"send":0,"wait":436,"receive":425,"ssl":218},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xmrth.lol/.safeline/static/favicon.png","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":80,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xmrth.lol/user","date":"2025-08-18T17:26:55.875Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /.safeline/static/favicon.png HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xmrth.lol/user\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 18 Aug 2025 17:26:56 GMT\r\nContent-Type: image/png\r\nContent-Length: 5877\r\nLast-Modified: Thu, 06 Feb 2025 10:10:44 GMT\r\nConnection: keep-alive\r\nETag: \"67a48aa4-16f5\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5877,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"2be075e4a1cfec3835c04507a5e3dc18","sha1":"e78062a21d45cb70ce944d4a9e8e0c626477fb63","sha256":"5ca2e0cb829146e179354847f6f9d3fde4664e675735108d65ec8dda79855ae2","sha512":"5a1e02c58ec932100e075c82c9ff9fe7013342f6c6c17019728791e408d6bb1f810f92ae3fff9fc979eb8ed19ad5653ff64492952771b63f223bf3c929271757","ssdeep":"96:BtTIoD+Ua6R2qGxC/xhzdMSVqaRIZAiZx8mLSy0HBbgAk2IMNN:fZ+6R2JgfzBwAq8mLeB8hk","tlshash":"36c1c0aa9b55026846cbef0436dacd6edbb6154f39cc712083803e30e5d1fb761d860d","first_seen":"2024-10-11T09:03:21.972949Z","last_seen":"2026-04-21T12:29:38.375304Z","times_seen":193,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenge.rivers.chaitin.cn/challenge/v2/calc.js","fqdn":"challenge.rivers.chaitin.cn","domain":"chaitin.cn","tld":"cn"},"ip":{"addr":"121.196.236.254","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://www.xmrth.lol/user","date":"2025-08-18T17:26:57.256Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /challenge/v2/calc.js HTTP/1.1\r\nHost: challenge.rivers.chaitin.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xmrth.lol/\r\nOrigin: http://www.xmrth.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Mon, 18 Aug 2025 17:26:57 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 2999\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Headers: Content-Type, Origin, Accept\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2999,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2999), with no line terminators","md5":"d7e6c8e417c83ee1593564aee1c40d13","sha1":"324b316a2a72e64a9c831bbcb9a2ef548c6c61cc","sha256":"69e5ea2af61933296bcfc1d9b55afc652b6425c7c95644c02bbe65b1f63a7a52","sha512":"ec2dcd7c4d40901cd0cdb8e340488345731ff71f1194eb858bd369c4f19bfeb5607a8b8d68f678f2456ac4068cc41dd16e7a8d1a1ef3f541d41fa7de5412f891","ssdeep":"","tlshash":"ec51618f36b074461b0765b5662f900baab2bc7b0a4da460d31cc8f83cb855e4197f6e","first_seen":"2025-02-23T20:31:09.703994Z","last_seen":"2026-04-19T14:51:53.152208Z","times_seen":141,"resource_available":false,"data":null}},"time_used":929,"timings":{"blocked":365,"dns":0,"connect":196,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenge.rivers.chaitin.cn/challenge/v2/calc.wasm","fqdn":"challenge.rivers.chaitin.cn","domain":"chaitin.cn","tld":"cn"},"ip":{"addr":"121.196.236.254","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://www.xmrth.lol/user","date":"2025-08-18T17:26:57.827Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /challenge/v2/calc.wasm HTTP/1.1\r\nHost: challenge.rivers.chaitin.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.xmrth.lol/\r\nOrigin: http://www.xmrth.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Mon, 18 Aug 2025 17:26:57 GMT\r\nContent-Type: application/wasm\r\nContent-Length: 911\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Headers: Content-Type, Origin, Accept\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WebAssembly","description":"WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client and server applications.","website":"https://webassembly.org/","common_platform_enumeration":"","icon":"WebAssembly.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":911,"size_decoded":0,"mime_type":"application/wasm","magic":"WebAssembly (wasm) binary module version 0x1 (MVP)","md5":"560619e83e0cfb1a67f1e7a2777be9fc","sha1":"05b1f7f124e86efb69c270641c48d7aa39ab5970","sha256":"9bb167113224c1bd710b2ab974ff6b7754dd0d3c08b582c4d57b875c134e3bda","sha512":"f4d9bfc0ae3454e26b6bfe1a942475d94413f3765e5c0f75824bf87fd631084cc37f7b4f56928655e0eed2ffe8a3026161d81ac31476c695b41fc3f7b9fb02fd","ssdeep":"","tlshash":"d6112327eb058ab9b630c94a097b83614f591844bbcca352153360f61dfb76021c2560","first_seen":"2025-02-23T20:31:09.704921Z","last_seen":"2026-04-19T14:51:53.153687Z","times_seen":145,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"image.crisp.chat/avatar/operator/efdd70c9-d6d4-462a-aba1-46fa58108223/60/?1737222594551","fqdn":"image.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:09.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crisp.chat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 04 Jul 2025 01:27:25 GMT","end":"Thu, 02 Oct 2025 02:27:22 GMT"},"fingerprint":{"sha1":"7E:64:40:24:6C:D3:0D:F5:01:3C:9B:56:75:0D:17:1F:BE:27:95:B5","sha256":"25:62:AD:04:D5:F6:49:2F:91:8C:28:6D:E1:F7:48:AE:C6:CB:F6:F4:49:8E:AA:B7:1E:EA:80:10:8B:9F:F2:FF"}}},"request":{"raw":"GET /avatar/operator/efdd70c9-d6d4-462a-aba1-46fa58108223/60/?1737222594551 HTTP/1.1\r\nHost: image.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Aug 2025 17:27:09 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncf-ray: 97131ec94c314e58-ARN\r\ncache-control: public, max-age=315360000\r\ncross-origin-resource-policy: cross-origin\r\nexpires: Thu, 16 Aug 2035 17:27:09 GMT\r\nlast-modified: Sun, 17 Aug 2025 19:03:42 GMT\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"6d22e4f2d2057c6e8d6fab098e76e80f","sha1":"b80b11203d97fe01c5597ca3be70406ea48f5709","sha256":"afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277","sha512":"95dd0e4944b1541a9be48a60a1a105fcfa0d69dd215abaa9c1771adecc5ee0c0fe91d0eb367b6d46a4f8b2e06e6fb962d56dfc1c53f1f62cc8b314710628cb1e","ssdeep":"","tlshash":"ed900003eb800003e2bae0320b0e0b80238cac200ebc030b80aeb0acecba2a00c03020","first_seen":"2023-04-05T05:18:26Z","last_seen":"2026-04-21T15:53:29.028821Z","times_seen":17097,"resource_available":true,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.crisp.chat/static/stylesheets/client_default.css?71d3864","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:06.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crisp.chat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 04 Jul 2025 01:27:25 GMT","end":"Thu, 02 Oct 2025 02:27:22 GMT"},"fingerprint":{"sha1":"7E:64:40:24:6C:D3:0D:F5:01:3C:9B:56:75:0D:17:1F:BE:27:95:B5","sha256":"25:62:AD:04:D5:F6:49:2F:91:8C:28:6D:E1:F7:48:AE:C6:CB:F6:F4:49:8E:AA:B7:1E:EA:80:10:8B:9F:F2:FF"}}},"request":{"raw":"GET /static/stylesheets/client_default.css?71d3864 HTTP/1.1\r\nHost: client.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Aug 2025 17:27:06 GMT\r\ncontent-type: text/css\r\ncontent-encoding: br\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: Content-Type, Origin\r\naccess-control-allow-methods: HEAD, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 300\r\ncache-control: public, max-age=315360000\r\ncross-origin-resource-policy: cross-origin\r\netag: W/\"6899fb0b-1c58f\"\r\nexpires: Thu, 16 Aug 2035 17:27:06 GMT\r\nlast-modified: Mon, 11 Aug 2025 14:15:39 GMT\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 11384\r\npriority: u=2,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 97131eb6cb9f4e58-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":116111,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65437)","md5":"bfd89c16d94183ea856ce78befbfcbe8","sha1":"c708ef4d9e9cced796f08995ba0faf1ed2692e70","sha256":"f48d9e8700993db920248a60d0f3954a4bcd48376c7285f68b14262f3c614c17","sha512":"93a8edb659119e1d39077c02593ea146a057498433ddbc28e9885b2473633d1577dbec92f353d571a8441aa42ea1427bdf08fbaec2c5af40b829f88e94f79128","ssdeep":"768:00jtUFj+utH46l2xyXxlZmwwtGqJWIRyWVJeEg7Dm4S4+qf8:hol2AxlZmwwtGqJWIRygesq0","tlshash":"41b3ef0bf29a502120d25ea27cc5733a082e60ff9701aa39e19676be4d951ef177c73c","first_seen":"2025-08-12T03:30:15.137531Z","last_seen":"2025-09-06T11:06:18.704486Z","times_seen":156,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.crisp.chat/settings/website/5690d3a5-53e4-435e-a52b-12af296b5cd9/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler\u00261737222594551","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:06.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crisp.chat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 04 Jul 2025 01:27:25 GMT","end":"Thu, 02 Oct 2025 02:27:22 GMT"},"fingerprint":{"sha1":"7E:64:40:24:6C:D3:0D:F5:01:3C:9B:56:75:0D:17:1F:BE:27:95:B5","sha256":"25:62:AD:04:D5:F6:49:2F:91:8C:28:6D:E1:F7:48:AE:C6:CB:F6:F4:49:8E:AA:B7:1E:EA:80:10:8B:9F:F2:FF"}}},"request":{"raw":"GET /settings/website/5690d3a5-53e4-435e-a52b-12af296b5cd9/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler\u00261737222594551 HTTP/1.1\r\nHost: client.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Aug 2025 17:27:06 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-encoding: br\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: Content-Type, Origin\r\naccess-control-allow-methods: HEAD, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 300\r\ncache-control: public, max-age=14400\r\ncross-origin-resource-policy: cross-origin\r\nexpires: Mon, 18 Aug 2025 21:27:06 GMT\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 18 Aug 2025 17:27:06 GMT\r\ncf-cache-status: EXPIRED\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 97131ebb6f604e58-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1743,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (1727), with no line terminators","md5":"92b0988881a2311db3cdcbfd76bc11ac","sha1":"7c1f7faee3a5c3047a8809356721db9da9001dab","sha256":"be34e428fb6bd8e3e9f75cd01d245dc42bbd9e05de572cc37e70030dccd67c99","sha512":"6e46006aa7c46367ddd537d482b6d3748ed4f9a7a78cad6dfcf74708f88b3eeba9718b6324e909c463bd9d1d1546418d46c7a00e3a67d55ab207651be7127f0b","ssdeep":"","tlshash":"7831421d85950cbed4a49346da027f4a1f6c2127aa44f894f99c8e5c32f76cf7372513","first_seen":"2025-08-18T17:27:25.367193Z","last_seen":"2025-08-18T17:27:25.367193Z","times_seen":1,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.crisp.chat/static/javascripts/locales/en.js?71d3864","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:06.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crisp.chat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 04 Jul 2025 01:27:25 GMT","end":"Thu, 02 Oct 2025 02:27:22 GMT"},"fingerprint":{"sha1":"7E:64:40:24:6C:D3:0D:F5:01:3C:9B:56:75:0D:17:1F:BE:27:95:B5","sha256":"25:62:AD:04:D5:F6:49:2F:91:8C:28:6D:E1:F7:48:AE:C6:CB:F6:F4:49:8E:AA:B7:1E:EA:80:10:8B:9F:F2:FF"}}},"request":{"raw":"GET /static/javascripts/locales/en.js?71d3864 HTTP/1.1\r\nHost: client.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Aug 2025 17:27:06 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: br\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: Content-Type, Origin\r\naccess-control-allow-methods: HEAD, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 300\r\ncache-control: public, max-age=315360000\r\ncross-origin-resource-policy: cross-origin\r\netag: W/\"6899f9b1-2714\"\r\nexpires: Thu, 16 Aug 2035 17:27:06 GMT\r\nlast-modified: Mon, 11 Aug 2025 14:09:53 GMT\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 11368\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 97131ebc29164e58-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10004,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (9909)","md5":"9ee2c3099def83547519d547ae1d727f","sha1":"ebcf6325d54a64a7f667da3c18bbe15b7664a94b","sha256":"055ca2eeb54c30350a3e8db5a5041c15ac7d5e854135ab9a0b9e85d820dab319","sha512":"c793328cc32163a86356265857e815bf97397c59bc7e132204f10f1c6bd1481263a2f1dd4121b9f0fc9f14101fe872d3093b0d1995a63e917534aabe5f4b23f9","ssdeep":"192:L9CjyFnokBNEyazGPlDYqvWXfvxEwFwpS6FaFMNRFco3:L9CjyldB+yazG5XOXv6rR","tlshash":"1e22a71edb7a4f2e83324bc2b2c5b2264d6564d44da4a473c82e49bd02b48d5b25becd","first_seen":"2025-08-12T08:30:53.194859Z","last_seen":"2025-09-06T11:06:18.732705Z","times_seen":123,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"image.crisp.chat/avatar/operator/d31d44ed-cd95-4452-89ca-86a022ddf2a1/60/?1737222594551","fqdn":"image.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:09.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crisp.chat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 04 Jul 2025 01:27:25 GMT","end":"Thu, 02 Oct 2025 02:27:22 GMT"},"fingerprint":{"sha1":"7E:64:40:24:6C:D3:0D:F5:01:3C:9B:56:75:0D:17:1F:BE:27:95:B5","sha256":"25:62:AD:04:D5:F6:49:2F:91:8C:28:6D:E1:F7:48:AE:C6:CB:F6:F4:49:8E:AA:B7:1E:EA:80:10:8B:9F:F2:FF"}}},"request":{"raw":"GET /avatar/operator/d31d44ed-cd95-4452-89ca-86a022ddf2a1/60/?1737222594551 HTTP/1.1\r\nHost: image.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Aug 2025 17:27:09 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncf-ray: 97131ec95c3b4e58-ARN\r\ncache-control: public, max-age=315360000\r\ncross-origin-resource-policy: cross-origin\r\nexpires: Thu, 16 Aug 2035 17:27:09 GMT\r\nlast-modified: Sun, 17 Aug 2025 19:03:42 GMT\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"6d22e4f2d2057c6e8d6fab098e76e80f","sha1":"b80b11203d97fe01c5597ca3be70406ea48f5709","sha256":"afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277","sha512":"95dd0e4944b1541a9be48a60a1a105fcfa0d69dd215abaa9c1771adecc5ee0c0fe91d0eb367b6d46a4f8b2e06e6fb962d56dfc1c53f1f62cc8b314710628cb1e","ssdeep":"","tlshash":"ed900003eb800003e2bae0320b0e0b80238cac200ebc030b80aeb0acecba2a00c03020","first_seen":"2023-04-05T05:18:26Z","last_seen":"2026-04-21T15:53:29.028821Z","times_seen":17097,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"challenge.rivers.chaitin.cn/challenge/v2/challenge.css","fqdn":"challenge.rivers.chaitin.cn","domain":"chaitin.cn","tld":"cn"},"ip":{"addr":"121.196.236.254","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.xmrth.lol/user","date":"2025-08-18T17:26:57.123Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /challenge/v2/challenge.css HTTP/1.1\r\nHost: challenge.rivers.chaitin.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xmrth.lol/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Mon, 18 Aug 2025 17:26:57 GMT\r\nContent-Type: text/css; charset=utf-8\r\nContent-Length: 6277\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Headers: Content-Type, Origin, Accept\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6277,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (6277), with no line terminators","md5":"61ef796c5fd53dce6871538a9f23327a","sha1":"5a2c5032c4dee4229f90c53ad494bc8a942c3767","sha256":"85dfffa2c8de1a360b3531087bac677fc83f8d91fa0addf379cbe09fcc38aaa8","sha512":"02ed4eb50e69b26575b58a58d52f8b296d427c342429887f10bb41b2faa2fb9e7095f9c23df082aa582dae967bb3890f7c82ac082b0f47de0e3458d24c74b086","ssdeep":"192:4ScUzU/R6Ub/vhszjvsNRhs08wsY8vosqOmsww/osNRT:5cUzU/R6Ub/6zj0NRi08hY8vZqO7ww/Z","tlshash":"39d1dedb15614395e527ab63a3cc8e4c4535ca529d3106eff2226a2ec3c3fb4131b96b","first_seen":"2025-02-23T20:31:09.703056Z","last_seen":"2026-04-19T14:51:53.161166Z","times_seen":148,"resource_available":false,"data":null}},"time_used":746,"timings":{"blocked":248,"dns":1,"connect":247,"send":0,"wait":249,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/auth/login","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-18T17:27:03.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /auth/login HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:03 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"SweetAlert2:7.25.6","description":"SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.","website":"https://sweetalert2.github.io/","common_platform_enumeration":"","icon":"SweetAlert2.svg","categories":["JavaScript libraries"]},{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Bootstrap:4.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Moment.js","description":"Moment.js is a free and open-source JavaScript library that removes the need to use the native JavaScript Date object directly.","website":"https://momentjs.com","common_platform_enumeration":"cpe:2.3:a:momentjs:moment:*:*:*:*:*:*:*:*","icon":"Moment.js.svg","categories":["JavaScript libraries"]}],"data":{"size":10344,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"19963518786355792364efec360dc699","sha1":"46624b1db8c4552fef4e200eed696427c9ac4e12","sha256":"d29c8b34ebdb463199ea0af7bd6e1d149c515b4cfb0d0dcdad0cc0df4709695f","sha512":"9aa4df60b5b0a2f669b2344def745ad6b0d72f4362a1076d3b9ae98f468c29753c11a6d2b1a13cdd3377fe93b718f9a1585557de037b1d3633cbceedf75dc529","ssdeep":"192:xfAqnEECEMwu6x/uTN5Z9bbaBaUV+47EyjbC9yEKLaFMjSqxyOAM:xfAKEESk2TNNeo92L3gM","tlshash":"ae22a52818f14922016360e86af9d51b3e51e107d54bce147afc5fc42fc7faa8e67718","first_seen":"2025-08-18T17:27:25.371433Z","last_seen":"2025-08-18T17:27:25.371433Z","times_seen":1,"resource_available":false,"data":null}},"time_used":463,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/theme/malio/assets/css/components.css","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /theme/malio/assets/css/components.css HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 05 Mar 2022 15:16:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62237eb0-339ce\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":211406,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (30420)","md5":"cac459b9fa3fa1fc038e88aab93214f7","sha1":"b8a34aa55255dd7693db005255695f1b8cd9d722","sha256":"f25af3c9903502a9e56f093554d7557ca3cd8eb7b0de3b9af2f6d50679a8afba","sha512":"1b8c268be6d662e34ab9e5f348b2cc9a9a383c4edf5a6ecbc485c48ab67c982af563b81d64ceda08c87e527e47343059e51c1838c8058faca5cd63758d5777ea","ssdeep":"6144:fiXgFVZhA93FOxxovAVRp1t/En38Apw5H3SL8zu+n1Qo0GOvrUgxQUq:fiwFNA93FfvARpe3nw5Fu+n1UGODX8","tlshash":"3c24bf73dba71908792658985bfe53813e680403a649ceb8bedd316ccf8c6c058f2b5d","first_seen":"2023-06-16T19:20:42Z","last_seen":"2026-04-19T14:48:04.979243Z","times_seen":46,"resource_available":false,"data":null}},"time_used":865,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":865,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/jquery.nicescroll@3.7.6/jquery.nicescroll.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /assets/npm/jquery.nicescroll@3.7.6/jquery.nicescroll.min.js HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 28 Jul 2022 04:40:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62e2133e-eb12\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":60178,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (59832)","md5":"abc14d7328aea1752d30a12381f579af","sha1":"2c8068646e398cc77b09bcab4ad8f40b8ceb36f5","sha256":"428928bb998b4636b5eed9daa8b116b38542ec63a8573de3f61b3de3b2b7ce9b","sha512":"7eeb70a21e3d3a690972d6e9e41934cb9d572767c2e742d8c6ad5e4f98687c34e6fc4e398c68cea7c3c1c829c24ea0a8d75c71dafa4d7d7a6bd6dd93d3f78f6d","ssdeep":"768:rPMzXWojPjh2/3YsvZoIGFaC5rPRcUsdhM8rViuB9:r0jr8tCIGFaC5rPJNY3B9","tlshash":"1543a7cdb523356b01ce5235d18f4a46623aa846770bd0d87628dcf42d69ab9f227f3c","first_seen":"2023-03-13T00:12:08Z","last_seen":"2026-04-19T14:48:04.98165Z","times_seen":38,"resource_available":true,"data":null}},"time_used":852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":852,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v31/XRXV3I6Li01BKofINeaB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:05.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/nunito/v31/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.xmrth.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39104\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 14 Aug 2025 10:32:03 GMT\r\nexpires: Fri, 14 Aug 2026 10:32:03 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 29 May 2025 23:46:18 GMT\r\ncontent-type: font/woff2\r\nage: 370503\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39104,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39104, version 1.0","md5":"6009e68ecba183fb9a2b7932afbc82fc","sha1":"15caf30c763b8e49f9a4c247a60b2d5230c865c4","sha256":"24049eb07de61e14aa9e8654cb8450ff06f52152f007f6b10b9d1836de36aa0e","sha512":"0d9549fe4adc7798e5825d2ba4191585451ff0f8cd5da32cb77ce24873c696b7a7e1277c80676df56de6a70be009c927d52a2d098c29299e7fc55d3e3d94c7b2","ssdeep":"768:W74CUaLrqxd9HUjIuD1gzyYU4PIRWzBcomD4IF+W:etUaL2dyjIE+zeK6omT0W","tlshash":"8503f1c312096560fe169bfef389c34eaaa7ceb1b9d644900b711c9cf99ad6130e0813","first_seen":"2025-06-02T18:51:18.970314Z","last_seen":"2026-04-21T13:36:46.450189Z","times_seen":3128,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":89,"dns":1,"connect":10,"send":0,"wait":9,"receive":10,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"image.crisp.chat/avatar/operator/a2f91043-bb82-4760-b504-a76fb1c25fd5/60/?1737222594551","fqdn":"image.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:09.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crisp.chat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 04 Jul 2025 01:27:25 GMT","end":"Thu, 02 Oct 2025 02:27:22 GMT"},"fingerprint":{"sha1":"7E:64:40:24:6C:D3:0D:F5:01:3C:9B:56:75:0D:17:1F:BE:27:95:B5","sha256":"25:62:AD:04:D5:F6:49:2F:91:8C:28:6D:E1:F7:48:AE:C6:CB:F6:F4:49:8E:AA:B7:1E:EA:80:10:8B:9F:F2:FF"}}},"request":{"raw":"GET /avatar/operator/a2f91043-bb82-4760-b504-a76fb1c25fd5/60/?1737222594551 HTTP/1.1\r\nHost: image.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Aug 2025 17:27:09 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncf-ray: 97131ec95c524e58-ARN\r\ncache-control: public, max-age=315360000\r\ncross-origin-resource-policy: cross-origin\r\nexpires: Thu, 16 Aug 2035 17:27:09 GMT\r\nlast-modified: Sun, 17 Aug 2025 19:03:42 GMT\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"6d22e4f2d2057c6e8d6fab098e76e80f","sha1":"b80b11203d97fe01c5597ca3be70406ea48f5709","sha256":"afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277","sha512":"95dd0e4944b1541a9be48a60a1a105fcfa0d69dd215abaa9c1771adecc5ee0c0fe91d0eb367b6d46a4f8b2e06e6fb962d56dfc1c53f1f62cc8b314710628cb1e","ssdeep":"","tlshash":"ed900003eb800003e2bae0320b0e0b80238cac200ebc030b80aeb0acecba2a00c03020","first_seen":"2023-04-05T05:18:26Z","last_seen":"2026-04-21T15:53:29.028821Z","times_seen":17097,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/user","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-18T17:26:53.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /user HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 468 No Reason Phrase\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:26:54 GMT\r\ncontent-type: text/html\r\ncontent-length: 14892\r\nset-cookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; SameSite=None; Secure; Path=/; Max-Age=86400; HttpOnly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"468","status_text":"No Reason Phrase","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":14892,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14560), with no line terminators","md5":"df17477fb6bc13410845c831680ac546","sha1":"a389737ee6ca5c52fda227e34ead00b614e83930","sha256":"645e5f41bdbe2d0a331df59d2f8356c277c7af0bd9da6ece2d3d4b90d02407d3","sha512":"2c21a5e5da474eca0d820ba3274f2de7142014ce268ef32ca5b0bb6f922d06ca5402c2be58d1f98bf626faf9f7141174d7d0762b920923c5b2881e3a85653384","ssdeep":"192:gXWgmHhrHcu+xZ4Il/20M+fIgoiJLNlgnfyHX1poP+8DrrNTIgpbIu59i3dVuAls:+m5ctxZ4SIgoOQUYt/z2uzi3OtObI","tlshash":"5862a0897736c4a9118706fc7a9f7b8e2739356d72825304b25eea145fc759c9f07c10","first_seen":"2025-08-18T17:27:25.374891Z","last_seen":"2025-08-18T17:27:25.374891Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1739,"timings":{"blocked":584,"dns":1,"connect":287,"send":0,"wait":569,"receive":1,"ssl":294},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/theme/malio/assets/img/stisla-fill.svg","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /theme/malio/assets/img/stisla-fill.svg HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 983\r\nlast-modified: Sat, 05 Mar 2022 15:16:01 GMT\r\netag: \"62237eb1-3d7\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":983,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3084ac12055dbd904318ef68cceb2921","sha1":"b4691126c8eac8dac9f491a38415ad57b73e5afe","sha256":"b3ebd0d2307bfc0cf78717093ec82187490a6cd400f5fea05afcf0a089ccab96","sha512":"2eb2bebc9b0397171d6aff7d326bc663170a67316a21904f96557961bdf61add144b5198522c84e832bf0b754d3008a99f2305894164072c39012d05b24cf511","ssdeep":"","tlshash":"2111547e02fd2b73596687aca0d4708ab01d2806f7a8c19dabb31b38d8256f20430571","first_seen":"2023-08-27T13:01:17Z","last_seen":"2026-04-19T14:48:04.980093Z","times_seen":36,"resource_available":false,"data":null}},"time_used":439,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":439,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/sweetalert2@7.25.6/dist/sweetalert2.all.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /assets/npm/sweetalert2@7.25.6/dist/sweetalert2.all.min.js HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 28 Jul 2022 04:40:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62e2133e-ef42\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":61250,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (34139)","md5":"7b471f58f305e9fa3d087a1876dfef1e","sha1":"b22d5df9f483a9c35f383770863ea23410dc6b71","sha256":"b9bd803d91be1e7ef83e7accab970189df033107a2e60d33ade907d9a43db265","sha512":"2f3249624545943a93fbcf71ed244548ede0f3501475718c6644e9b6457542afa1d1361e7fb3c4a4f5d14f7085aca1a125a6c84076eec6512405203e06363d8d","ssdeep":"768:uvoUJZWoDX7ZYaEdD2uRfUutRuo2uvDUG08i0+t3WpE9QUbcGJBZBNmshdT6:uzZWm7o1p/KodrTsVWOaUrJBN8","tlshash":"37533ca229803117967b8a7955ded50c76b49106fc330c58b128d0984ffbe8f15b7bbb","first_seen":"2023-03-13T00:12:08Z","last_seen":"2026-04-19T14:48:04.971252Z","times_seen":48,"resource_available":true,"data":null}},"time_used":998,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":998,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.crisp.chat/l.js","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:05.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crisp.chat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 04 Jul 2025 01:27:25 GMT","end":"Thu, 02 Oct 2025 02:27:22 GMT"},"fingerprint":{"sha1":"7E:64:40:24:6C:D3:0D:F5:01:3C:9B:56:75:0D:17:1F:BE:27:95:B5","sha256":"25:62:AD:04:D5:F6:49:2F:91:8C:28:6D:E1:F7:48:AE:C6:CB:F6:F4:49:8E:AA:B7:1E:EA:80:10:8B:9F:F2:FF"}}},"request":{"raw":"GET /l.js HTTP/1.1\r\nHost: client.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 18 Aug 2025 17:27:05 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: br\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: Content-Type, Origin\r\naccess-control-allow-methods: HEAD, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 300\r\ncache-control: public, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\netag: W/\"6899f9b1-2412\"\r\nexpires: Tue, 19 Aug 2025 17:27:05 GMT\r\nlast-modified: Mon, 11 Aug 2025 14:09:53 GMT\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 11355\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 97131eb62ed70b4d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9234,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9139)","md5":"7524d07a98ab4d86184c812b68e0bb79","sha1":"5bd84372d12bc7ba4e6b0d02b3a6b261bbd0131c","sha256":"9ad6ffd9c5b7e8c58ba2d98eb877b3bb70829372d04ead94835f5ac740c62188","sha512":"c7e7a752b0a9ca783a644033615dcf0439ef96720b27121a9c1323302d9ca3f126bd8927c35d8bf1b72853c30cf98e0cac58be215aeaaba0d5ddad6343b84b7b","ssdeep":"192:L4pTqUSfZ0VsUS/gK12c9MOSHvvraLwThPrWSh3PIlUw2NYYTAviXIL/ebeLurmN:L45E+E/gk9yLwYFK2iYTA++5N","tlshash":"7b12a32975716531019392da5a3b2a0af033622a1c16851db079dcf9292cdcfe12bfff","first_seen":"2025-08-12T03:30:15.112578Z","last_seen":"2025-11-24T18:56:42.430973Z","times_seen":157,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":25,"dns":0,"connect":2,"send":0,"wait":21,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.crisp.chat/static/javascripts/client.js?71d3864","fqdn":"client.crisp.chat","domain":"crisp.chat","tld":"chat"},"ip":{"addr":"104.18.28.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:06.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crisp.chat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 04 Jul 2025 01:27:25 GMT","end":"Thu, 02 Oct 2025 02:27:22 GMT"},"fingerprint":{"sha1":"7E:64:40:24:6C:D3:0D:F5:01:3C:9B:56:75:0D:17:1F:BE:27:95:B5","sha256":"25:62:AD:04:D5:F6:49:2F:91:8C:28:6D:E1:F7:48:AE:C6:CB:F6:F4:49:8E:AA:B7:1E:EA:80:10:8B:9F:F2:FF"}}},"request":{"raw":"GET /static/javascripts/client.js?71d3864 HTTP/1.1\r\nHost: client.crisp.chat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 18 Aug 2025 17:27:06 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: br\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: Content-Type, Origin\r\naccess-control-allow-methods: HEAD, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 300\r\ncache-control: public, max-age=315360000\r\ncross-origin-resource-policy: cross-origin\r\netag: W/\"6899f9b1-5e1b7\"\r\nexpires: Thu, 16 Aug 2035 17:27:06 GMT\r\nlast-modified: Mon, 11 Aug 2025 14:09:53 GMT\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 11384\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 97131eb6cb9d4e58-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":385463,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"47914a5ece6d6d60e4f4d83263e030f3","sha1":"4e7ff52157fe3849b1f903d8f2114320b12a3ab7","sha256":"908d3adfe003180e67f6ae45be1527dadeff8e045de865e964dd512c273c2967","sha512":"3ab0319d38936773bb89aa296ec5361a305b46056c5e29d9396c120f7aa7b3198c1aad44a2b73019c907b14ed9d2647b7a42d6a65a81321f5519612e918319dd","ssdeep":"3072:hq4l5OW2RiPEiGZ1G3p2BIQjXrPBY2C8f7NtJ3axtr4wxXVsJNGXjL3mjxi60:hq4l8W2RiPEiGZ03pXQrhhar4w7q0","tlshash":"ae84fa4db27160b246d351a2583f1b06b23b6a2d3846446cb26dedf91c7cdde211bfb8","first_seen":"2025-08-12T03:30:15.121041Z","last_seen":"2025-09-06T11:06:18.690461Z","times_seen":156,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openfpcdn.io/fingerprintjs/v3","fqdn":"openfpcdn.io","domain":"openfpcdn.io","tld":"io"},"ip":{"addr":"54.240.174.124","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:06.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openfpcdn.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 27 Nov 2024 00:00:00 GMT","end":"Sat, 27 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"DB:8B:1E:08:FC:EE:6F:56:28:0B:74:80:37:E0:DE:69:D3:59:96:8D","sha256":"C1:3F:58:99:2C:D2:A0:B9:C0:DA:6D:01:AE:FD:93:AB:09:79:09:0C:A8:0B:EB:21:23:E9:A8:78:90:96:EE:55"}}},"request":{"raw":"GET /fingerprintjs/v3 HTTP/1.1\r\nHost: openfpcdn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.xmrth.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: CloudFront\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\ndate: Mon, 18 Aug 2025 15:53:31 GMT\r\ncache-control: public, max-age=630966, s-maxage=11143\r\netag: W/\"hurxpFJ1hzJm8rhSSUCMgpelT2E\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: YgB6o_OPwtQatjQy0mnqLCbie02Wq7jylaiQ13aEKouj26m9xI2Iwg==\r\nage: 5638\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":33442,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33109)","md5":"ef5a1ccf6a53cc40021bfd4647f82b4a","sha1":"86eaf1a45275873266f2b85249408c8297a54f61","sha256":"57281521094dd6fe0d1997e31eab51a203b0f338d39e730d260fdfecce621905","sha512":"16923eaa089ee9d2d5a4e7a02cdbd31da35c8ce7d61e0d7e1bc8a6aa0648c358ad5d5f9ce5aaec4c5247475b8192af167e7fa6941d4fe181c5e01f28ff8537d7","ssdeep":"384:fQQYf1KNHRJijKLE6wXegKHqHTBMmwZCKQLFKA5+pCqNFaiE8E0QIQfJJcChs9RW:fR1HRxf6Hc9NwlJJAbc1GPgJN","tlshash":"9be2f6d8b2c3b02a227368b6497f6007b63bbd54241d4843d57bd4c17ca5e9a813bfb9","first_seen":"2023-07-07T06:15:03Z","last_seen":"2026-04-21T06:04:54.957731Z","times_seen":4477,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":19,"dns":13,"connect":1,"send":0,"wait":2,"receive":0,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.org/js/telegram-widget.js?4","fqdn":"telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:06.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Mon, 11 Aug 2025 13:36:48 GMT","end":"Sat, 12 Sep 2026 13:36:48 GMT"},"fingerprint":{"sha1":"85:08:98:2F:A3:60:90:21:E8:78:21:C8:A4:96:E1:A2:E6:9D:2C:64","sha256":"49:35:FF:BC:17:D1:E9:B3:15:37:E4:67:C2:3A:A0:69:6C:37:DC:52:3F:7C:02:D6:30:C4:6E:45:7C:CA:F0:D2"}}},"request":{"raw":"GET /js/telegram-widget.js?4 HTTP/1.1\r\nHost: telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Mon, 18 Aug 2025 17:27:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 03 Apr 2023 11:46:12 GMT\r\netag: W/\"642abc84-4ff5\"\r\nexpires: Fri, 22 Aug 2025 17:27:06 GMT\r\ncache-control: max-age=345600\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20469,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (423)","md5":"1ff8b98c72268de58837846f2056c65a","sha1":"e77fcc14f1efd17d319c9f82627e5789333b9dbe","sha256":"0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd","sha512":"1a680a7e87f16520da934f4034cdc601ebef9c306c7f5e3ea165588f044142cadcf5eb06cefedc8ea7768ff63830586a2776351c7b9429f1e33b639adca5f1ed","ssdeep":"384:+vLsc8o/o9o7IFdWDoCzh3o4t6/7c8cBoYgNqPb:YLfwu7SU0CF3gLcHPb","tlshash":"2492819e1af72224a567713a4b5fa1093232e163700ddc503e6c5b90bf90a6767b0fdd","first_seen":"2023-04-05T01:44:44Z","last_seen":"2026-04-21T10:42:44.376647Z","times_seen":2539,"resource_available":true,"data":null}},"time_used":300,"timings":{"blocked":140,"dns":14,"connect":18,"send":0,"wait":19,"receive":0,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /assets/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 28 Jul 2022 04:40:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62e2133e-22688\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":140936,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65324)","md5":"04aca1f4cd3ec3c05a75a879f3be75a3","sha1":"675fcf28f9fbf37139d3b2c0b676f96f601a4203","sha256":"7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11","sha512":"890415fa75ed065992dd7883aed98bfbdfd9fa26eec7e62ea30263238adca4eecd6204f37d33a214d9b4f645ad7d9cc407d7d0e93c0e55cf251555a8a05b83ff","ssdeep":"1536:un1QWSUPBT+QYYDnDEBi82NcuSEz/NvT/gIENM6HN26e:q1L7PDxYIENM6HN26e","tlshash":"bdd373a7f5a0312da467c61864d0bafe156f8285d7221ffaf42737644b895cb0a73e0c","first_seen":"2023-04-05T03:23:19Z","last_seen":"2026-04-21T15:35:19.125384Z","times_seen":20001,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":546,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/jquery@3.2.1/dist/jquery.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /assets/npm/jquery@3.2.1/dist/jquery.min.js HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 28 Jul 2022 04:40:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62e2133e-15283\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":86659,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32058)","md5":"c9f5aeeca3ad37bf2aa006139b935f0a","sha1":"1055018c28ab41087ef9ccefe411606893dabea2","sha256":"87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de","sha512":"dcff2b5c2b8625d3593a7531ff4ddcd633939cc9f7acfeb79c18a9e6038fdaa99487960075502f159d44f902d965b0b5aed32b41bfa66a1dc07d85b5d5152b58","ssdeep":"1536:YNhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4c4j2ll2AckaXEP6n15HZ+FhFcQ7:uxc2yjx4j2uX/kcQDU8Cu9","tlshash":"4483e6d9b2c67062977730b950bf410bb17a98dab44c8c60f158d9d47eb8a8d907bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-21T16:19:28.656378Z","times_seen":79953,"resource_available":true,"data":null}},"time_used":863,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":863,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/popper.js@1.14.4/dist/umd/popper.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /assets/npm/popper.js@1.14.4/dist/umd/popper.min.js HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 28 Jul 2022 04:40:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62e2133e-5038\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":20536,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20363)","md5":"84910d80281fc6b554f4ae2d14612494","sha1":"af6f046adaab7e1501adee034fb7c366b8c059fc","sha256":"106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0","sha512":"7462b0c500aa4a276bfcb80f0588d9a09446cd66b0e5a0bfe680878163d0e0f1aa97f854860e6a6a68a1fa165ecae9c1cd053997545adf350f74ca60162dcdb9","ssdeep":"384:fYhLSLf4UzgCyKnxRsyPMbOXrEQAkxHOxvqAQD75zfS5vIXm3YzGp/ARdOgHhgz/:ILSLAUzgCpRMbcxHOxvwD7pS5vezy/A2","tlshash":"e292b3dc3294b0a647ab91a7a07f960eb2335875610e9410f19df2d97c30ef9613bc79","first_seen":"2023-03-07T12:07:09Z","last_seen":"2026-04-19T19:03:31.440162Z","times_seen":489,"resource_available":true,"data":null}},"time_used":640,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":640,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrth.lol/assets/npm/clipboard@2/dist/clipboard.min.js","fqdn":"www.xmrth.lol","domain":"xmrth.lol","tld":"lol"},"ip":{"addr":"47.239.193.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrth.lol/auth/login","date":"2025-08-18T17:27:03.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xmrth.lol","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 16:32:34 GMT","end":"Mon, 27 Oct 2025 16:32:33 GMT"},"fingerprint":{"sha1":"62:A6:D5:DD:63:8A:10:56:D6:EB:FD:0A:2D:C8:DC:C7:7A:2C:5F:76","sha256":"E8:22:42:87:33:85:31:06:46:78:2F:88:D9:CF:A1:16:57:E9:7E:64:F0:0D:AF:61:5C:72:6C:AD:24:E9:C3:1A"}}},"request":{"raw":"GET /assets/npm/clipboard@2/dist/clipboard.min.js HTTP/1.1\r\nHost: www.xmrth.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.xmrth.lol/auth/login\r\nCookie: sl-session=gNYiRN6zpGi5d0HpyChIXQ==; sl-challenge-server=cloud; sl-challenge-jwt=; sl_jwt_session=ApHpKHdwo2hn4VR6+zn4Uw==; sl_jwt_sign=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ndate: Mon, 18 Aug 2025 17:27:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 28 Jul 2022 04:40:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62e2133e-234a\"\r\nexpires: Tue, 19 Aug 2025 05:27:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":9034,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8941)","md5":"ad98572d415d2f2452845a6068a913c0","sha1":"6674f81dd01c76be986cf0a8172d1073e56d7ef4","sha256":"baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1","sha512":"3c88ac453f2615f771c7df6032ced6018e46a7e0ad8d86312af17ddf0f32580bd7e78f1404d0031eeed091abe0afac911be6aca1ca9fba4e5cae335de73f6ce9","ssdeep":"192:RJBFlYPHiG9JyHg4LyAahp1v/N/MosfkApXMdgmkpj:R9yKG9JKziVF/MF/XMmmkpj","tlshash":"d7126599b291b0b15ad731a8412f920ff3766869708b90d0d279d4f0acbcdde4463f2d","first_seen":"2023-03-07T12:41:35Z","last_seen":"2026-04-21T00:52:33.705217Z","times_seen":17168,"resource_available":true,"data":null}},"time_used":847,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":847,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}