{"report_id":"7523871a-3651-49f6-9313-afc6c08c6482","version":6,"status":"done","tags":[],"date":"2026-01-03T13:21:04Z","url":{"schema":"http","addr":"darino.vip/pages/login/register?promo_code=6B4AB323","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"104.21.41.90","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"title":"LinkRewards Earn money so easy!","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"darino.vip/pages/login/register?promo_code=6B4AB323","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"104.21.41.90","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-07T13:21:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"darino.vip","ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-24","domain_rank":0,"first_seen":"2026-01-03T11:17:10.720092Z","last_seen":"2026-01-03T11:17:11.244814Z","alert_count":52,"request_count":52,"received_data":1433069,"sent_data":23892,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"api.darino.vip","ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-24","domain_rank":0,"first_seen":"2026-01-01T10:58:56.410213Z","last_seen":"2026-01-01T10:58:57.558444Z","alert_count":16,"request_count":16,"received_data":24931,"sent_data":8274,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"at.alicdn.com","ip":{"addr":"47.246.44.178","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2008-06-25","domain_rank":96084,"first_seen":"2013-11-28T05:03:29Z","last_seen":"2025-12-29T07:58:42.872619Z","alert_count":0,"request_count":1,"received_data":56823,"sent_data":513,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"118.25.42.241","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2025-12-29T10:40:39.031637Z","alert_count":0,"request_count":1,"received_data":578,"sent_data":441,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":11393,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2025-12-28T22:36:13.046248Z","alert_count":0,"request_count":3,"received_data":101078,"sent_data":1694,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"darino.vip/assets/u-popup.efd305fc.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"abae03e4193832cfd936a841854a7270","sha1":"13defe0d9deab66857731c72f80e09dc5e998208","sha256":"d7952847a129c86ce828a6e664d999a5c0c5ba31c2290737e0a6bc3f2f635208","sha512":"24d50dd17f2bf26969cecabfb8f7b75f998062ad1770bded0cccb3ac1be95d8fe5c1b383fb1f6c0590d79f2e8a833357d7104ede2c8d347dec1deb67170e3396","ssdeep":"192:b/t5laK7ATzdBGv+AuSkDcTfiv6olgNAzzt4vAw:bV5vATzdSTT6tMMpg","tlshash":"e8e18454f406b935099be19541500600923e990cff78abfc7fee51e787ef458725ab38","size":7214,"data":"","first_seen":"2026-01-01T10:59:03.000651Z","last_seen":"2026-01-17T14:34:28.245811Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c3033f934b17840d8f2443dcfdc4f4e8","sha1":"23389a653875b402c718931c5fa15bb5ff58db79","sha256":"4dbbc054b1814682ea810bd50406569aae8d183f1061e20ec5fb444cb8e0f421","sha512":"f5a2a76b9fb2158ffbbc51986e7a6e75166523b6c768956cb9eea60b99b41fd088e3cefced091bd5604142df84447a654c41f5b1d01d58a34912bc293ba594c0","ssdeep":"","tlshash":"80c08cc6a0c62d205602a65120ff36e4a0348026704c2b028c94d8983e230f09233f98","size":151,"data":"","first_seen":"2025-04-02T12:15:09.143734Z","last_seen":"2026-03-14T05:19:40.952008Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1d6ff86f592c7f4f67b3ad7c5933e6bf","sha1":"1b8f6276b229a76f0211045e6fcf7c1b7e9c3072","sha256":"be4306dfacb0ff8a12a54e89ca61ec2aaf8ccdc28ad03b32316a89478fda4877","sha512":"99c07fb00a787fb0ac216674109f3c0f7c5b03742df816d6df238e79f904afd73260f285450693414ada8558c20ca79902991e1224e523ee711daaf822e6fa3f","ssdeep":"","tlshash":"b4c08cc8a0c63d001622651068af35e49024802af0481b528d94d8482e230f08233e98","size":144,"data":"","first_seen":"2025-06-08T19:05:52.590311Z","last_seen":"2026-04-04T10:40:53.379072Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"73eb0d96f79c749cf25545cc1e5f8995","sha1":"9f9aa08348bcc076b93b603768e56193c9169eea","sha256":"854b6744160ef8623d2c895b28db0031f085540482fb3d337b2b82ed08bc2c41","sha512":"4b96b2ef4c4e4f0432b71f131e15ad54a93803b88bb2ec53b350eaa098236c2fc0316f8c1f29be09c177b279720b4575ca44a6ee87560f3945eec4cfef1b0900","ssdeep":"","tlshash":"eec08cc8a0c22d24661a6a1520ef38e49024402a70482b13cdd4d8482e635b08233e99","size":152,"data":"","first_seen":"2025-06-08T19:05:52.588224Z","last_seen":"2026-04-04T10:40:53.370293Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d9d67c10bd3017db12a9f49c8a4534b6","sha1":"c378b43495c1077bfa0dedc6324c8eecce56b30f","sha256":"512ffcfd9eeb3aebb82dfca5d5480a7f71f4f82389cecda156a2ce67a68839e8","sha512":"4038c57134356ec815da8c5e22af5184875974e58d54319906ada8df585213facb8980fb4940f1ed5cb2b6f9fd225c918c03e2ca6dfec4289de734a91e48d6bb","ssdeep":"","tlshash":"bac08cc5a0c23d101602641420af34e49024412670485b069d94d8882e220f48233e98","size":139,"data":"","first_seen":"2024-08-21T06:11:12.730428Z","last_seen":"2026-04-04T10:40:53.380882Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/BottomNav.0ec3491d.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"7b0f17cfaf9c9828d371c6becee47a22","sha1":"76bce8472f02920c3c807a52c9e1283a30ce04c4","sha256":"c5d6ba5bdf2b6c0441b9aed9af34596c68271843f85db639692ec1f361041238","sha512":"83329dd71e27e2e7c1223409ed9b240a5612ca9062ed74a468c43727d9d14add77d636eb7a91ce6606b874ceb3fcfe2a040d6c157cdc95166e97f84dd4458dd1","ssdeep":"","tlshash":"2b31020d7d7ad931442176ed1c6948e8821e2698d13cbcc8a1f4cd1a13dac98422ef3f","size":1817,"data":"","first_seen":"2026-01-01T10:59:02.974134Z","last_seen":"2026-01-17T14:34:28.235162Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dd141df1db41d439d7706c298a369a4c","sha1":"a80c5f6a6fec4acbc3d6d81b9865287b0dd705ea","sha256":"46a2126ccb16841040f55934627c444b0eb965e51f2a7ea90e24e504a56eb56c","sha512":"d2587c387339467aad182f239d9609aa3ec097709e4bef2547cfa5bd2a662bb469bd3cedba19a062021f35b7fd8b6a22d28e9325912e70c491b77ae8ca70a539","ssdeep":"768:2ZCnhL0z2vMpjLUU6mLU10SLgC2GdJj2sg0D5THPN5HKpXEAsG91C+8APDfhv6Yg:2wQ2UpjLUU6mLB22uJd1HAsse","tlshash":"50232a583166397227d980e4617b63437329753ae94ccc50e823d936277cecad237bba","size":50001,"data":"","first_seen":"2025-12-16T18:08:49.681876Z","last_seen":"2026-03-22T10:55:38.115758Z","times_seen":22970,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/index-f60204ba.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0b3579cb9b48415311a217e041fe380","sha1":"5180ca04809d9bfdea2b31f5cf0344146a6efc9a","sha256":"d1607686cbcf7544c49c05427bf8d32678daef1df1f829f5a08ef1ea53a2152b","sha512":"92b8c0ee3fb4eebfd6af2ed15e43c7f550018400c814fc4311ffad89bed43a7ff04e2898ee29f51930162684a0670e899aa9b55838d94aea980095fa4054a619","ssdeep":"12288:WSvA37oRyvN2Bya7nLSep/myq1G+5sozw92KCe9ByWV6KqC21UHAj2gVIXK3EI3:WSvA37oRyvN2Bya7nLSep/myq1G+5so3","tlshash":"ebe47d89325dfc310be119c2202f3731a2751e51f58bc1c8ec6da95835aee7916abb7c","size":682812,"data":"","first_seen":"2026-01-01T10:59:03.025495Z","last_seen":"2026-01-17T14:34:28.295341Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/login/register?promo_code=6B4AB323","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"6396fe8e98398ebe58597483276ede0c","sha1":"f57d9ab205290025eedda477f39abc79d8c71aac","sha256":"a38ef57b9f087aea153f0b384b2e1cf5465239a1ac84ca1bf008b71725952546","sha512":"895ee045ad1b3b1b1e260f9d2956d3f9e46dc872a21b28b0df2775204ae1cff1f35095c051cfc8b399eadcc649b36385db93c2e38dbb7b3fe36be36be0697051","ssdeep":"","tlshash":"07c08cc9b0c22e112602a61010bf38e4a034802774485b028da8dd483e670f08233e9c","size":149,"data":"","first_seen":"2023-10-29T04:01:47Z","last_seen":"2026-03-31T14:02:05.472632Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"645166273b59d17ef15d0998a0708161","sha1":"d5b8da2e40dd522ba0483a94ee1c34400e024712","sha256":"0e7b89b16e6177beb70ce08d7fc076303df5f0cc1cdb43fe4efd9d4d8d781048","sha512":"d1680b522e71938cbd0ec629d5a29e043201fa17c0e249616b4038c8f1317cd658693ffdedcf7a9b9e9e80a4371599105181f9ea946012463b9e1ee4553ba97d","ssdeep":"","tlshash":"d5c08cc4e0c23d001612641028af34e490244026b04c1b428dd4d8482e230f08233e98","size":139,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-04-04T20:35:14.531653Z","times_seen":482,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5cddd239ab06f0030632f8dfcccda712","sha1":"97567f1bdb24fc323f5e4206e6e3b2e322e0cf25","sha256":"aa64ec42758484d52be0ecf0df37f6287ca331bef3a74e37d4177ec54d723ae6","sha512":"decf09795040948dd5aa72e410682841bba155363f3cba45e00e626d5ecb1d1961c5ecab1ee31e96c1681ef42f59637f4e888cc375ca38dfc8cb1c4cdd832fc7","ssdeep":"","tlshash":"5dc08cc4a0c22d001612641050af24e4a0344026704c2b038d94d8482e220b09233e98","size":140,"data":"","first_seen":"2023-04-18T07:54:32Z","last_seen":"2026-04-04T10:40:53.377006Z","times_seen":110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-04-04T23:55:44.740225Z","times_seen":4418,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"3f23ef503c5da17f8981e2db20ec5365","sha1":"cbf9e9075c4fbe1bb6979164db0c3d55561ff06c","sha256":"3bbf7b5c862f9b6dba34c5d7fff6cfb1b904abe7492dad29122b047089502685","sha512":"33af714cc124e13af1b11e79257f511e24f161bb6faf590cf28baa97c31fbe1ac905eaf171e4eff1645040b48df08244267488f54c898a2b3bb89b9fca783fd7","ssdeep":"","tlshash":"c9c08cc4a0c26e101706641010bfa4e4a024802770881b028c94d8482e220b09233e98","size":139,"data":"","first_seen":"2023-10-22T00:48:10Z","last_seen":"2026-04-04T10:40:53.372079Z","times_seen":89,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/login/register?promo_code=6B4AB323","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d316453d5aa6e24b48678b4f536b1e7b","sha1":"69d1a1b7503fff076b920c90015d79634ac31c76","sha256":"9d704b9e7c1554f294ccb5699f43561233f2cd8de7651c5a2515df733c6dd5d1","sha512":"cdb0bbf88506741fce560346c263b8d5ab0afb6bfdab0db42592716b2f7500b4328f0d60fb1f55a9fdb807b16de8efb068b78ee0fe47a095d0ab91da8af41498","ssdeep":"","tlshash":"fde061c250a7295c06118166345dc5031f6505739e814d513c8c6775cff9f5bc06d858","size":419,"data":"","first_seen":"2025-03-03T13:21:42.107378Z","last_seen":"2026-04-04T10:40:53.379812Z","times_seen":103,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/login.67c6bbf9.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"3f56cfafb7b5e5cf8ac6f122fae10bfb","sha1":"e6a520405bef719edb96e3b4735f963661cb556c","sha256":"045a5b371e52a77c5fb71a74b6f0e01547fb77f6e740bff358d0b4aaa96ed32d","sha512":"b12f91d5ccac22568ffeec165786b2988831ade611d4e85c97ebee16f7a1c7dd087b0e2d72f6b0d34e9bff97fcbc4962a06892ffc4b01535dbad4fbc3f9fb2eb","ssdeep":"","tlshash":"eae0865d98294ab503b355cc1080308a4e3327f85ab871a40e083571c7b298383efa25","size":312,"data":"","first_seen":"2026-01-03T13:21:09.348297Z","last_seen":"2026-01-03T13:21:09.348297Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pages-login-register.a70fe4f6.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"20d55702da48d79ab95a4480400fc321","sha1":"a6f8318b6c0ca472bcceee436e83d9defbd26c6d","sha256":"fac2bb038123b321941ef6e69dd4a8f340554ee653e4997071d85c63b3ceb81c","sha512":"80fc69d4b3e4e6cac45de660b95b3e92c6596f7a6aff79c5944dc3a70799cbb27fb9215f3343495058415d0134fb5b8d18e9fb58473f83b4f80d88e5668ab996","ssdeep":"","tlshash":"4de0720bcc01a5f388a488e8ea0bc0b00237802623c1e7e4f7de47300a806aae84ac03","size":332,"data":"","first_seen":"2026-01-03T13:21:09.415346Z","last_seen":"2026-01-03T13:21:09.415346Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"726a39db668f78c13c0ce66a5f8d2da9","sha1":"810053f85f193dc9ccc30405ec0147751e705f1e","sha256":"050f3d31aa6bfd4354b7af5304f037b6b1cc3840e2e9531dc91e203c3bb9777e","sha512":"edd86e95ada9b895ebd84120575f81f87003e96545f673437a45c9e9e5482e1d60bf27ff5f7039a128ce160efc1b1ecb1e0307b9158239899754c0ad13a12486","ssdeep":"","tlshash":"3dc08cc5a0c63e006616655190af26e49024802bb0885b439dacd9883f230b49233e98","size":154,"data":"","first_seen":"2025-06-08T19:05:52.594166Z","last_seen":"2026-04-04T10:40:53.373003Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-loading-icon.d63a1961.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a716324a549c127b972e2d506502ac90","sha1":"4338e32212f8792726c72e0f2c9bed7bec9f256b","sha256":"4ed4a49cd4b3998166b2aaf9b40528e11f8c3b4e05ae4e466fb0524e48aef052","sha512":"8f6400ed6732dbf7949a081ce44768a258a3fd90a2ca341a6172d7eb4544064d287fcfae42ad75cc0505e462cf7c931297b23d6eadc0ecf45f09487ff7647813","ssdeep":"","tlshash":"8971a7687016fdbf1bc709e800440065e2653d89aaa5bef9a7ba40264b3359432aff35","size":3781,"data":"","first_seen":"2026-01-01T10:59:02.979442Z","last_seen":"2026-01-17T14:34:28.251715Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-status-bar.5328c266.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"7a7987beef69bda056af626987fd1d52","sha1":"c96dc3a668e3edff0e77ebbb7f8e54998977e9d5","sha256":"77595da98ea182b322703179c821220616192c7eb6d6cbd830c0403c31bda674","sha512":"fac8af3f884bbffdc346220e87d241a40dea914147e7ed0f8d5a0809feb13f4c488d6376bf1f4ba01c12d0e22b5a15cb45974101f7306cd4d1b9e31d7e54ec8d","ssdeep":"","tlshash":"9f012d4df402d1b0ad478ccea4120220872b2d2c47bde9e146fba5b6d3104adf21fb21","size":702,"data":"","first_seen":"2026-01-01T10:59:02.989356Z","last_seen":"2026-01-17T14:34:28.234498Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pages-index-index.6267c313.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2cc248b4e4593ecfa098e47c6423d90b","sha1":"f5fe443051522acfd0bcce4bddea2a08f7bc076f","sha256":"a886958d5d42285d2d4cf036f89c91082f6641702d24ea79de7ce36ac843582f","sha512":"9ee4d71bad13d4617409932f9a66d928679477c0fef8d5df406cc26ed78e44d71ed2225a640d98b7313bbe618c506f8692ebd0bda3a9ae1c4a0c3a41c38aad95","ssdeep":"","tlshash":"46e0220bc912a4b48558ccf8c2569571917304eb5be9d6f8d2ce0b3093a02a7e11e923","size":425,"data":"","first_seen":"2026-01-03T13:21:09.311442Z","last_seen":"2026-01-03T13:21:09.311442Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"751093f341c73cb555ba030fa25e40af","sha1":"489346d8d2199edc86b0cf6f2b03f9196524c97c","sha256":"acfad071fb5778e7d43214329de4ea08cf79dc3a55e3302fef7a8e806678c4d1","sha512":"d0b1a013d8cb9ee6a341b6e8eb7928eb1cacadac1a89115d606ff762cf86a05fb889e33f1eb1c928d4e10da85e23f1cbf22a1730cfbd380d364cf3d0aad23790","ssdeep":"","tlshash":"62c08cc4a0c72d101a52745014bf24e4b034402a70489b438d94d8492e230b08237ea8","size":141,"data":"","first_seen":"2023-04-30T07:46:29Z","last_seen":"2026-04-04T10:40:53.373868Z","times_seen":118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a123dc28f4e22219acc9172277042466","sha1":"aefd462c031e25445a81169858601bd35267b6a5","sha256":"d6a75324d79bb6cb28a118db6313bb94277f39e686ce8858541543c02f84c988","sha512":"a1434e8ac7a184307c9cc1a90dd08cbf1fdad5b2e27be1af8761fbfd17b814bbd1131b33db063d379552fbee3d45b8dcd05d4cecbdbbc0dc708b87242d9a666b","ssdeep":"","tlshash":"8fc08cc4a0c26d105602641014af24e49024402670481b428cd4d8482e620b08233e98","size":136,"data":"","first_seen":"2023-07-14T18:50:50Z","last_seen":"2026-04-04T10:40:53.374366Z","times_seen":344,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"56a20e87a1995192d7b7d1504a8b82e1","sha1":"16b9ba91fb87e9ce2634e068f741b65c547666ce","sha256":"338e07b6dc7332d7bf97d2d6d42bc712bbf26321d7da4c72e2b51e0b60855022","sha512":"c1a6351128500f19360b3af1dd45ad1faec65f1ccd40436b68ca9f97f209191ee3f715247d6c81daf221c459bba68860ce9bd03ec537bc07769ba4154c825098","ssdeep":"","tlshash":"b1c08cc5b0c22d00564a641154af25e490244026b0481b428ce8d8483e220b09233e98","size":141,"data":"","first_seen":"2025-06-08T19:05:52.605798Z","last_seen":"2026-04-04T10:40:53.37534Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/facebookService.279a2385.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ecc235a3d16b50cfc6a4d57a1437de6b","sha1":"0257dc06ce1bcdbe811a8f21484c41004c3a7756","sha256":"49ac46cb09911df81ae8184d7e4c3b5cc7409a36101fc56a102b1b0f8bfeddbe","sha512":"b2ddd317b91e53cabee11f2baaa78cbb8e559df1ff80d00510bae68548acc447e234c337b6756728e31c7d563cfdc3dddf5f8593a1497f5bfcad79fa6ec8bbd3","ssdeep":"","tlshash":"17f055090c9ba4730778a8ecb33bda1520462602258246a4eadb94743871cc7988af8c","size":442,"data":"","first_seen":"2025-09-07T02:54:04.922822Z","last_seen":"2026-02-19T14:53:49.130251Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/eye-close.8122306d.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"6c62c23c5a84b5d602148b6217101948","sha1":"083a89841695fb4a9f81181a4a3507d8c3384eb6","sha256":"4d2727b2c3223e027db2b0839982508ca9a6b3e2dacc60f1169b6f1c51b186db","sha512":"26924dc7c3af77831913cd044fbf59c43af7f0864ac469e74811613e9e23b14a980a38373ce2ed65bcea14721e7e6390a90ae244af7c96ef6e345fd003741614","ssdeep":"","tlshash":"3eb0121044804be00064344077c6c5f121a40102b024c1aeb530cc46b0314908037c30","size":93,"data":"","first_seen":"2026-01-03T13:21:09.382133Z","last_seen":"2026-01-03T13:21:09.382133Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/login/register?promo_code=6B4AB323","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bce5ba25172c0f3da65a41a67a130ea1","sha1":"6b4bf5aa17a61f828e19cb2277463162a10d34a2","sha256":"06f0390ded3c977cefbc6ae01f181a1f8e759d30e11463479f4af9c59a1a6b64","sha512":"e87ae0f954a27116fc294a83034204e5a33e90f27d92b2d19b773b99cb4a55f6026f520f387761682714ad2982d69c111f23137874d7ebdd5e5eddbf7eb9c6b6","ssdeep":"","tlshash":"7dc08cc4b0c22e002a02641028bf38e8a024402674481b028dd4e8492e230f48237ea8","size":147,"data":"","first_seen":"2023-10-25T23:06:30Z","last_seen":"2026-03-23T09:15:22.234558Z","times_seen":232,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/login/register?promo_code=6B4AB323","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"4f78d6244d4e5ad933cb36623b541957","sha1":"2c2d217f47889e9e22a3deaad21bd7ddb0e6752a","sha256":"1cbc0d6d0911afd725d3ae8f9cb213db309d57f9314ccac675566e2dbce310e6","sha512":"7283be44fd8e5abd2dc441020221d9e16ae6cde4c096efcc1f130c0f4b84eba52b0b2b7c6dd4f2465b8daba06c4a1f13050ed25eeb761b2e102f3ee5b4a06377","ssdeep":"","tlshash":"6bc08cc4a0c6ad005602a91018bf24e890244026b8481b52cc94fc493f230f48337edc","size":151,"data":"","first_seen":"2025-06-08T19:05:52.59296Z","last_seen":"2026-04-04T10:40:53.377649Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-text.5e62f92d.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"e4ac62678f554819b22963ef51f76105","sha1":"beb6bb5416e42eaaec8e9d6b9ed5cb057ea296a6","sha256":"325afa85a65ad8eebed971bc9408cd22538b575cd1fedfd1846b3791607050cd","sha512":"48179bcbca63154f49b36b42d3612481d60a6238457045d961d79e405ddbd11209ee0dedb51f2f4163b3ab75e17ce404978a5a319e58ebc6b8b4d62da6503cfc","ssdeep":"96:RMFZN2acDw7gNUOH07KHk9b5HfYqI4SuIlF8xxax0p43+YxryKVLUpxEMJ:w2acDemH07KQtEopaVy8LwPJ","tlshash":"d1c17200751dabbbd9c609e964580100f1458f9f6b74fdf3dbd6047a83aad64b206b3c","size":5681,"data":"","first_seen":"2026-01-01T10:59:02.985356Z","last_seen":"2026-01-17T14:34:28.243208Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f4465b64446aa0a44abade4070c5e547","sha1":"5b3bcf7037439bfd3bb31a961ad435b78e636094","sha256":"959967dc8a880ff6bfcedd62cc696461a8e1ade9d0027177110465035792c056","sha512":"aaa934f931ab8695a7f6abc349580f95f6302464c3bc931912c379ce20b79df3e5de3e834aa48d11e98cac8ced16680a9005683d304b4bd65bc03a836d408e28","ssdeep":"","tlshash":"b3c08cc4a0c62d001612641010bf24e490248026b0481b02cd94d8482e220b08233e98","size":137,"data":"","first_seen":"2023-04-30T07:46:29Z","last_seen":"2026-03-26T11:48:31.641099Z","times_seen":2001,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"6ac9071d9932331d6f13c28662df3eaa","sha1":"f6eb1baa0bd1ae6f59ae6aceb867f897511aeee1","sha256":"b4c3e0db43ddfac91e82f4f458144da6e4066d57aa41fed04d86cd9b3c0e368d","sha512":"cefe8e65fa5d8690b53f96ad56320e72dba887c3ccd4df0d4eb9000a5bc903b77d1b7ae8b1ad7ec25ec0443e8fd41327e3deb9238f38884b08549579c918e3ca","ssdeep":"","tlshash":"25c08cc4a0c22d201606682014af24e490244026704c2b028dd4d8492ea34b48233e98","size":140,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-03-29T21:06:02.779897Z","times_seen":341,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"3e352e40da965a477c73b85f45fcbcfe","sha1":"3e723988fae01e9002cd221d32d0b80fc932dc85","sha256":"5437083c1c0938d596758b071b379432c6722f887cbe2dca49cc5dd12e4f48bc","sha512":"36bd9ae9981675720b34b16739e5bd73967018d36cffaf325c4415dede978a5c8950cd9ee99567264cef03b5020fc26def12f1274befcfba2f680291e9f34580","ssdeep":"","tlshash":"e2c08cc4b0c22d003a02a41024bf34e89024402670481b028cd4e8582e230b08233e98","size":140,"data":"","first_seen":"2023-05-19T17:54:23Z","last_seen":"2026-04-04T10:40:53.378604Z","times_seen":573,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b2a83c9728cb27f0b6bcf5141b3c340b","sha1":"171c2aafd1c6350e8911f0081ebeddb9ee22d775","sha256":"f74eaa21b2a22dd2feb30c828d691ae04354478bf3a93402f850908acb0739af","sha512":"b582ebd6df7627c16157e1e09d6c447f34cb5fc8f3362b5d1bfc252dd60bd4720a97373aedf488c21219579a16c9c364829a5676d85e12f3842ace7d5e85312d","ssdeep":"","tlshash":"62c08cc5a0c22d106606651010af36e49024402670481b028cd4d8482e230b08233e98","size":138,"data":"","first_seen":"2023-12-21T06:50:41Z","last_seen":"2026-04-02T08:36:50.496493Z","times_seen":88,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/login/register?promo_code=6B4AB323","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"34cbc41b0086fe874d04609e28ae3270","sha1":"020d83bc0a45ee54310b163f12f9d4b24b50b5d9","sha256":"d80412740eb63aab1c8bb741675f50c6f3f3c0f18d6502c0b7fe43dced11d00e","sha512":"553668b1c79e681cc3c7471ff4117e0fd0597bc9bd0f48776031ff27afbc8310e6ad0e869ec213028f25ed91701ac375c98d6f08efaf642968668af72a07a8ae","ssdeep":"","tlshash":"eec08cc4b0c2ad011612692110bf24e490244026b48c2b028de4d8682e230b49233e98","size":145,"data":"","first_seen":"2024-07-18T01:10:46Z","last_seen":"2026-03-27T05:56:12.399454Z","times_seen":112,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/login/register?promo_code=6B4AB323","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2284646268ac334c8b854ec876f03198","sha1":"c4db41023c5cc930d1868bcb8e83334e82a9efa1","sha256":"b382719631871364d9c3319a55e1e61a5138205bde7f6ef7ed6fe5cc6bfd4faa","sha512":"52aba4e91f2bffc9fd2b536e363ec5b8fba85ca4b7759085403eb2563ca9a07cebfe47f16e8fd4d18c657f15241603333dcd83ebe423a121b869182232c6fecf","ssdeep":"","tlshash":"adc08cc5f0c62e006a02a81029bf36e89034802a70882b868cdcec983e230f48337e9c","size":156,"data":"","first_seen":"2023-06-08T15:13:23Z","last_seen":"2026-04-04T18:47:16.095296Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ac5fe1ef95febd38a502fea1f73529e3","sha1":"f7da0f2e6969d0093d766f9d8b2741f485513c80","sha256":"9aa68f38daa92deba91a31caa3e89ba84d40b269c3677d92f0051edd81ec6b4a","sha512":"a734e4ea7154815d547b54d4ab8311c7d428bfa90d1bfba2b00122f2bf83cddb704750cdb75f43bb23c77305ca1392bac7ce0caf2db23cfe2e6356ea2743fbc3","ssdeep":"","tlshash":"5cc08cc4a0c26d001622641014af25e49024402670482b428c94d8482e220b08233ea8","size":138,"data":"","first_seen":"2023-11-19T14:26:30Z","last_seen":"2026-04-04T10:40:53.369433Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pages-index-indexContent.39164349.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a9fd24231635ae37e160156297b97d9f","sha1":"8bf4c9021b2c6c2fdb2342b2a1f7b641bcf7694b","sha256":"e06ca42449df187fc210d4069cdb5d179368fc2673905ac9e3ea4e53bfb65ea5","sha512":"11d3eb3757d6d9802055d31dfa8534f3a152941d453c8f7d9cbb71d010251d4ab8896529477e562645ba3c22c392160ae92d62e1264a0e479f18b504aeaf5964","ssdeep":"768:L7hWYUXVzmPejDIHCZhWtsa5zDkkmCgRizANC8n9IJPxjH41F/SJVuJHdGmQ2mtv:LUBmobyAZeJPdqwM2OcWw00UaB","tlshash":"2253d56876dca33a5987526860e8854031773dced6107c69a2f8983e63f7c9477ac33e","size":62060,"data":"","first_seen":"2026-01-01T10:59:02.975253Z","last_seen":"2026-01-17T14:34:28.246627Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-icon.c24486a1.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"736964c8cfd3731e387dab1ee6202df1","sha1":"3d1cd13eeb8cd595c5657291c71702fbf562c845","sha256":"d03aee581a1be62ef55498637e357c70fa567f9765da25104da3a4c00732e7b5","sha512":"5ed64bb2a33ba747d000a4bb005fc886bdceb7fc33ffcaf2514b97ede6b46a77766d26b3eb94d5f864fa5b9e5c770bad0b1732cd62c76883a0e503e1c849ca84","ssdeep":"1536:fiN+OCeDbQbEJ+W/7h8XuC0uBk0XRXTLR7NJJDSBLye3y57Movd:f8BCeDsbEJ+ih8ZBk0XRX3R7NyyEoV","tlshash":"b6537d6db2c9bc3f3e5735dc10c88005a36f35a4dade2da0f258ce61a97e129161f728","size":63720,"data":"","first_seen":"2026-01-01T10:59:02.984138Z","last_seen":"2026-01-17T14:34:28.257917Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"28a11d8b0c318bf740c3324c0b239ed9","sha1":"1c3e7fccbc594815f672c81ec425105841d3d243","sha256":"f320c70eab581a39e76c74b362d88b1772608ff6e05ad6c6c779e2bcecc9cd09","sha512":"616cb2d2977d78fa67a56ab90f613ae870698eb5092e2b20fa5245cb84a00b8f162219acb0d81403566add2a04c091df71231df1c79bdace8a35c57c123ac7d6","ssdeep":"","tlshash":"aac08cc4b0c22d001a06645120af24e89034402670481b029c94d8583ea20b09233e98","size":141,"data":"","first_seen":"2025-06-08T19:05:52.602932Z","last_seen":"2026-04-04T10:40:53.368546Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"135ae4b55f8e64684ba5d243eaee46bd","sha1":"778b3b77420a740a08b261229c2f0afae7ab70bb","sha256":"878d8489024f284938a2547fb328815365386ca8cb873b52a6391e0ed2dc470d","sha512":"19ef96e3a8a338dc5d2bd59bde62b76acb4fff7d039f2570410eabbde490d87cc0b56b6e88c1bb488fb3896328cd69b4e1fca277298f20b2ded2fa2c370ae025","ssdeep":"","tlshash":"47c08cc8e0da7d002a06651551af26e490244426b0481b038c98d8593ea30b08233ed8","size":148,"data":"","first_seen":"2025-06-08T19:05:52.609584Z","last_seen":"2026-04-04T10:40:53.376215Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f7eb96d99dd9eb17619659ed0fdfd99d","sha1":"6a8751851ceb05ea73246a3fee2835338fce4c85","sha256":"7fcd05a7d93e7171a050c7415cdecea4e2a46528f3e8ff05e2e6a0447fa3ca71","sha512":"c660330c5b0c69e14993427e08b58890a662b5e2d4baf2e71642fb4e7704036c4212f3e219d68e0d5cc87d37b8f27171da18fab02697cb169807d490e7d82294","ssdeep":"","tlshash":"53c08cc8a0d22d005a12a49010af24e4a0344426b44c5b038cd4d8492e630f08233ea8","size":146,"data":"","first_seen":"2025-12-22T09:31:22.454388Z","last_seen":"2026-03-14T05:19:40.955565Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ccd150b26b19436bf630d3e55d886c56","sha1":"b1b0a07a69d04c4d3fd477f645bdf45520f62f80","sha256":"c24d2e1417d4808466ba562ca2a899798ce86afc46131750f60e27caee231f57","sha512":"10c397a1dfd5c74118cfe0e9e2ebd5eaff92efb8aa9790b59149d433b53ed52b58f56be0a4ba2700f418bf659071fe8e9a854c0b42ae798f805c1c77cb64f4c9","ssdeep":"","tlshash":"3dc08cc4b0c26e105a02651014bf3ae490244036b4481b128cd4e8482e230b08233ed8","size":139,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-04-05T01:00:21.846915Z","times_seen":2630,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pages-login-registerContent.d67802ee.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"bf355a1c4bed58b791fd1b978ed6dde3","sha1":"abbaa86caa18af5e80f16511f668308c1c427bad","sha256":"c1392ba97a5d5f98c8604ed7bd183c0b052d0071ec1c38926dcad6c70ebb45e8","sha512":"be4835975b5683bb2c8aabd96f3b00268a4169ecdcdb117b11e53bdb8103a97aa01a881159b11a150fb74e56d6ca66f91452b9cf7d0940d046ec5b9ff059758f","ssdeep":"192:485wBEfflBCLmH2/EgH6Q6e7JgHRFIJvJDkx99heCwGwew7k+6vpbQFhGBmxGRcD:4BBYe1beFWvJDkuv6k3","tlshash":"cbf1410db67cdf375f83a76ca8a6406131366dbec0013449a3f80b6d057bfa6819476a","size":8070,"data":"","first_seen":"2026-01-03T13:21:09.351807Z","last_seen":"2026-01-03T13:21:09.351807Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/index/index","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a26090ca75a6bd5ae3a30e1a89a6380d","sha1":"a33e374166da5f124daeb73bf2ba5d80adb1902b","sha256":"367a855f74bdfe74158d5760307b237a9d842d05a1b05f58a2eabfcf1b8004ee","sha512":"fe5820a8b4ec8ee72beb8b46f7489786cf4f455d5b4d9ee2dd9038e56a551bcd142deba9f900f9a689874630dd110dab3165064090db6e9fb3bf3cc3a2309582","ssdeep":"","tlshash":"82c08cc6b0c62e205a03a61024ff36e8d0348026708d1b068c94d8993e630f08237f98","size":155,"data":"","first_seen":"2026-01-01T10:59:03.017961Z","last_seen":"2026-03-14T05:19:40.952556Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/_plugin-vue_export-helper.1b428a4d.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","size":91,"data":"","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-04-04T10:40:53.315668Z","times_seen":1258,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/login/register?promo_code=6B4AB323","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f325222a758aeaf467ffd9902267b129","sha1":"ebb95b3866ab29d0ee9bb0755384b81ab12e000e","sha256":"cb11ef6823d7949b57e01ab9d6bb5c829be6b14322aa0dd5897a6d2d209d0672","sha512":"aa743a98e2ffb65897bee06760376bb5dbb7c2f10613ca12c8cc462ae79e1d3351855f14b3ea70088d449656bb4167061ab22d99f0eb628b9b63dc2a94131292","ssdeep":"","tlshash":"46c08cc4a0d26d001602641020af34e89024802674481b028c94d8482e220b09233ee8","size":138,"data":"","first_seen":"2023-04-14T14:41:51Z","last_seen":"2026-04-05T01:00:21.868079Z","times_seen":1865,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-04-05T01:54:46.579482Z","times_seen":14273,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"darino.vip/assets/_plugin-vue_export-helper.1b428a4d.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.1b428a4d.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/pages-login-register.a70fe4f6.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 7430\r\ncf-cache-status: HIT\r\netag: W/\"6938e6df-5b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eZIsYGnTUqe%2FkaN163QU%2BPcKt6I1qmRqcB%2FvLcW4bTcf7ZHZpDExTE5xgY4rTLUlN3c0e6KDwMNiHas8CfpZRXNCDczYH%2FNS\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 9b82cb8dfb3f5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-04-04T10:40:53.315668Z","times_seen":1258,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-status-bar.5328c266.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-status-bar.5328c266.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/index/index\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 7430\r\ncf-cache-status: HIT\r\netag: W/\"6938e6df-2be\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hSC2puZBX%2Fsy4gr2tk1vVEbWC7nx9wN0vERrbdv%2BL%2FEDpShkniZNaq6NgE4XIXm317S6yfSpWm%2BAxTJ9mAe8UKwQYRcM7sA4\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9b82cb8f4b815684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":702,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (701)","md5":"7a7987beef69bda056af626987fd1d52","sha1":"c96dc3a668e3edff0e77ebbb7f8e54998977e9d5","sha256":"77595da98ea182b322703179c821220616192c7eb6d6cbd830c0403c31bda674","sha512":"fac8af3f884bbffdc346220e87d241a40dea914147e7ed0f8d5a0809feb13f4c488d6376bf1f4ba01c12d0e22b5a15cb45974101f7306cd4d1b9e31d7e54ec8d","ssdeep":"","tlshash":"9f012d4df402d1b0ad478ccea4120220872b2d2c47bde9e146fba5b6d3104adf21fb21","first_seen":"2026-01-01T10:59:02.989356Z","last_seen":"2026-01-17T14:34:28.234498Z","times_seen":4,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pages-index-index.6267c313.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/pages-index-index.6267c313.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/index-f60204ba.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"6938e6df-1a9\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=voP%2BMsTAYBmwr%2FRpAvf9nM26AY0PhWVO5W9wyEBf22jS2YRP9Rwje6mxNKAG1KG1IhKikxeo7XMHmZ1RDWQCvv3AhP4XidUF\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 9b82cb8fab845684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":425,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (424)","md5":"2cc248b4e4593ecfa098e47c6423d90b","sha1":"f5fe443051522acfd0bcce4bddea2a08f7bc076f","sha256":"a886958d5d42285d2d4cf036f89c91082f6641702d24ea79de7ce36ac843582f","sha512":"9ee4d71bad13d4617409932f9a66d928679477c0fef8d5df406cc26ed78e44d71ed2225a640d98b7313bbe618c506f8692ebd0bda3a9ae1c4a0c3a41c38aad95","ssdeep":"","tlshash":"46e0220bc912a4b48558ccf8c2569571917304eb5be9d6f8d2ce0b3093a02a7e11e923","first_seen":"2026-01-03T13:21:09.311442Z","last_seen":"2026-01-03T13:21:09.311442Z","times_seen":1,"resource_available":true,"data":null}},"time_used":524,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":524,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskBase/banner","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"OPTIONS /h5/taskBase/banner HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: h5-platform,x-token\r\nReferer: https://darino.vip/\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BBOCrEgczUCbyDAasrT%2B2tsSFBLtXzK%2FJONzxVZhxs6PtLmE1bxfS5725tjS39kM5%2BRLxC%2B%2F7RuLcHQ307EbLxJVKX%2Bh3DcJV3dyUQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb934baf5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":614,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":613,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/invite-63a2675d.png","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/invite-63a2675d.png HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-c28b\"\r\nexpires: Sat, 31 Jan 2026 10:58:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 181327\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e5bNBKwRbcIQvoxA%2BnMx%2BZZNLwqU4sRt2QT5Jszy7lfGjjyvCzol0GlZN7f%2BYCoFEXm%2BLt6NuCg%2FTPM8P%2BQxWZgwK3qH%2BoVj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb93cbb45684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49803,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"98c76d136692e12df8589a149ed86a12","sha1":"578cc8d2690b95b99f8f6d97188f5f0dcb70bbbe","sha256":"63a2675dd14202a44c01f794d8ac58448c8c22df68c5ab0fd4ef1ae30e677eab","sha512":"d93e4d23bb8e2efc7ba9d3397794bbeece016fc23b276ea0c4c39ea417c97592715ee2ae1e6ac744b3d326d6160103ef222de1a19818d0a85080eb6d3de21b64","ssdeep":"768:3pB/fATBIdH2lkKnLwI5YvpMY1jwhR0dEi72I3TOknyzWkGK5CJWlm5b:3PgTBIFbExGviY5P72ATLPKMJWlm5b","tlshash":"9e23f1d2f392408ee6365fecbc91e56acb1130be9f1500f65a9f4bd12315b5254eec09","first_seen":"2026-01-01T10:59:02.998243Z","last_seen":"2026-03-14T05:19:40.945892Z","times_seen":5,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/india-baea5e40.png","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/india-baea5e40.png HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-156e\"\r\nexpires: Sat, 31 Jan 2026 10:58:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 181327\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H3qyEkn4uBHzSEpAdk2RmPTOkGAoa%2FCJHnvoSZ0Qe9fgisWIC92E9kKP8NWmj14QDW8UtPU5ycfZjep17vAM%2FArQbYlSMYb9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb941bc65684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5486,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 750x500, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6b9fb49c0a51360ddf49ca3fdcd8abcb","sha1":"3c7872d012b55d818f4e7307c2df5994baf55312","sha256":"baea5e409712d5c12f4a416511fb47a93ca5e16bfef72c9b6efa504164739a49","sha512":"e0ef224399c8b415b8466637b74883b7dc2a0ff20a9c60933edd2c1473b4fe8c8cb86d4ce81edd032767dba9326c4263b1dc1aa87ff1564f7fd68f1346162e95","ssdeep":"96:N7tXuCg+x0Dxdh7HwwwATQd64YQKdXTh1GZkFi3eT9eD8WUEkQSuwkx4edUV:NEO0DlZMo4YQKNh1GepQDHUEkuJx4sU","tlshash":"3cb16e46f4086cfdc65d39783ebe7d88ec3b42938917a2b835510a0fdaf55c2e561b02","first_seen":"2025-07-08T13:55:40.348928Z","last_seen":"2026-04-04T10:40:53.330402Z","times_seen":35,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskBase/taskList?promo_code=6B4AB323","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:46.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /h5/taskBase/taskList?promo_code=6B4AB323 HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nx-token: \r\nh5-platform: darino.vip\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j6Dsjy0ygDlxiRX2b0r2hASNSHKRey3sIwaJF2fpCHe6FKnMu3vCQ1QR19uz4lbRpAey7X5%2FYfExWae4aymekvo4eY2Kl1Ha0koH4Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cba1ec9c5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5183,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"71617df631444279f0ae6801ecbe9d1d","sha1":"885e828e923afef043dcfca72afd886d1dd83131","sha256":"9699ea5717e267ee94d50ab43ef1291963695b448707596d03f0c8d050becb1a","sha512":"842c25946d82815339ba22fa76ac60ad44d0419ab4319c3ad729bfef36aac8a9c4e550822877f09956b6f9742b2adc4f257da5e77a2d8d2d0020c567be0d47a0","ssdeep":"96:efMNYV8MBM2MUMLZqMTe9MFnbMyMqMxMAjsdMWMbMkSM4Q41MKreMdMzMlMAhFmt:efaYegh30U39Onbh7KrsdzeaDQ41Fre9","tlshash":"7fb12a6c6b3cb27d94ba288e96577353a5d8e3aa0c440fd0ffd686080801c77268bfd5","first_seen":"2026-01-03T13:21:09.327603Z","last_seen":"2026-01-03T13:21:09.327603Z","times_seen":1,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/registerContent-aaf2b7da.css","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/registerContent-aaf2b7da.css HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/login/register?promo_code=6B4AB323\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-1565\"\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d725uenbhNd8f7iBIfM81MQ%2BcXnfkxGiHuA3vyaBl72ajIU0Ug1GU7ro2vdMuCN6MpS%2FEm66b9Og76JTGeyg3yC6thauxmut\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb89dafe5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5477,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5476)","md5":"ceae14d12e53d2eb7c8ec808ce539d3a","sha1":"8536deeffaf536c7bda82f7d4d42cc3ef6e48100","sha256":"aaf2b7da4d674dee873a00112e405c6b563e774a56c6904562921ae1024d741d","sha512":"cec7207dc930d88f56eb01ec2aa170eeb5aadf59ac155a45c46e46ad45686328bce6c67dd71d820fe9fcb674b66ef132f9b1901f7f5e942350352146f1bfb18b","ssdeep":"96:0JWe0W6x7npVyjYwajSGZxItSTJIqBcZRG6xK+ncJP:0ce0W6x7nScldZxItSTJIHQ6BSP","tlshash":"a8b11125e007b13f79a3d77da4e4414e7a907233c753db2fa66ad0148aab0d72732d98","first_seen":"2026-01-03T13:21:09.332353Z","last_seen":"2026-01-03T13:21:09.332353Z","times_seen":1,"resource_available":false,"data":null}},"time_used":577,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":577,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskBase/platformConfig","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /h5/taskBase/platformConfig HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nx-token: \r\nh5-platform: darino.vip\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BYZ1lc%2FU5u1l6F9IoY%2FiMrgkCYhpLiZh2oZ0aJvKdGPIipS0pw2tyDo3sRYIrEqXlr5fN033fZgUrItmf3HrpH8cYku2juxhrdW24Z17\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9b82cb8ebc7e0daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":490,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b677e24ee71f4a699c6042490c39d7d7","sha1":"6500aabba25526aaf2c303599741c54baac8c5dc","sha256":"0ad6fcbfd207e4e76ccb84c124d3f99db5800d53d939aa3855e02f87b0cc53c4","sha512":"153349c091194c520211d48b148bee373fe2d1268aa30833598e6bd4189f303e121eb96ff4ae5046db48651b6066eea06f8b871e9838d85d6ee3f101bfbe9a81","ssdeep":"","tlshash":"dff09e0b597d2d5978b53d85c10c7398b9cdb15bc5218d87efd8d628870d1f91142a10","first_seen":"2026-01-01T10:59:03.00801Z","last_seen":"2026-01-03T13:21:09.336647Z","times_seen":3,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":584,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskBase/channel","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /h5/taskBase/channel HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nx-token: \r\nh5-platform: darino.vip\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zy1MZznSnt%2FlIQZ76R2s%2FyqlQU3YouBdppuafpIczlh9rlEf9jYbcdTvA34ESB1ELaTIkMnUgBNnDSveTzZk83TDExidpq1TOB6eaNw0\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9b82cb927e160daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c737efe2a240d2b3d90adde1b3296dce","sha1":"ca406f2e4cb2295f09916789b133c3b6c24771cc","sha256":"3b7acd81b0d47137d30e5101a48c276bdbbfbafc39f6d709ab7f2a181f8be719","sha512":"5419f6ce327026661a0fa2c0d20c314dfcaa4437ad4175997f8f5a3ecc210e4512c5ee05ed3cc799e2041ab44e42af42cc698c269123940de2c98cc7d6c5b18c","ssdeep":"","tlshash":"53900471d50c7d330c13c4c4154d1303d15450c0c40013054c7dd154c01c0dc1174d70","first_seen":"2025-09-07T02:54:04.969752Z","last_seen":"2026-02-19T14:53:49.118599Z","times_seen":15,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"at.alicdn.com/t/font_2225171_8kdcwk4po24.ttf","fqdn":"at.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.178","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:46.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /t/font_2225171_8kdcwk4po24.ttf HTTP/1.1\r\nHost: at.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: application/octet-stream\r\ncontent-length: 55940\r\ndate: Fri, 19 Dec 2025 06:19:37 GMT\r\nx-oss-request-id: 6944EE7917028E3334073415\r\nvary: Origin\r\naccept-ranges: bytes\r\netag: \"B716002BF601F727176AE7901BDF4E4F\"\r\nlast-modified: Fri, 24 Dec 2021 20:51:06 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10201830100077572647\r\nx-oss-storage-class: Standard\r\ncache-control: max-age=63072000\r\ncontent-md5: txYAK/YB9ycXaueQG99OTw==\r\nx-oss-server-time: 2\r\nvia: cache35.l2fr1[0,0,200-0,H], cache17.l2fr1[1,0], ens-cache8.se2[0,0,200-0,H], ens-cache13.se2[2,0]\r\nage: 1321270\r\nali-swift-global-savetime: 1766125177\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 26 Dec 2025 20:01:58 GMT\r\nx-swift-cachetime: 30449859\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\neagleid: 2ff62ca117674464471123391e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":55940,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"GSUB\", 18 names, Macintosh,            ","md5":"b716002bf601f727176ae7901bdf4e4f","sha1":"e87c1130c27fa42d822c198f5ea8b633b5118b94","sha256":"4bc8cc97559c0a52ea4f5ce0563e1bf3a7f89d660f74792e662e76d49eae4707","sha512":"cd4d86bc27a8055bf4ba21730991acb71e32d1d8c3176b6aada3c8fcfbaacfabe3cf1c813665b4434b16c757587d38afb8fd61f3a84a440053a96b545187e672","ssdeep":"768:00Yo6KrRwXJDv2mjQ5PMWCUPQnNqcoocj9MNb5+kYfcUFO++wEMjQYVEh/gG+VeV:xY1dCpj8+kYfcUUXwjjQYV8/gBVE","tlshash":"3c437c2b835e4fb3d16a86f90c4f011b5fefd7206636f99664ca5c1e4402afd085cb9a","first_seen":"2023-04-09T15:26:02Z","last_seen":"2026-04-04T20:21:16.261778Z","times_seen":3288,"resource_available":false,"data":null}},"time_used":386,"timings":{"blocked":159,"dns":51,"connect":21,"send":0,"wait":23,"receive":45,"ssl":84},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskBase/platformConfig","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"OPTIONS /h5/taskBase/platformConfig HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: h5-platform,x-token\r\nReferer: https://darino.vip/\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\nserver: cloudflare\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9AEyzY0jY3%2FO7IzLb9g7VdCGAY%2F2%2FygTLQ6VhuP7Q0FDsRFA9wKM7fbE7h2UCTZsi9mRC%2FuuSDALrqAkg9%2Bd7DbHL8en74N6SwCHbQR%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8a5fc20daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":805,"timings":{"blocked":42,"dns":40,"connect":1,"send":0,"wait":697,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/login.67c6bbf9.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/login.67c6bbf9.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/pages-login-register.a70fe4f6.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"6938e6df-138\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gpmtHx8CpFdKywirTFDLrQwwROpCWAZ4M9MaGYzGPBvLXvYspOrlaj9DRxnYGiGkh3bFphNkWhRfEaaNrV6tT%2FpuuyaBcACp\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 9b82cb8dfb3d5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":312,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (311)","md5":"3f56cfafb7b5e5cf8ac6f122fae10bfb","sha1":"e6a520405bef719edb96e3b4735f963661cb556c","sha256":"045a5b371e52a77c5fb71a74b6f0e01547fb77f6e740bff358d0b4aaa96ed32d","sha512":"b12f91d5ccac22568ffeec165786b2988831ade611d4e85c97ebee16f7a1c7dd087b0e2d72f6b0d34e9bff97fcbc4962a06892ffc4b01535dbad4fbc3f9fb2eb","ssdeep":"","tlshash":"eae0865d98294ab503b355cc1080308a4e3327f85ab871a40e083571c7b298383efa25","first_seen":"2026-01-03T13:21:09.348297Z","last_seen":"2026-01-03T13:21:09.348297Z","times_seen":1,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pages-login-registerContent.d67802ee.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/pages-login-registerContent.d67802ee.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/pages-login-register.a70fe4f6.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-1f86\"\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JI26D%2B9oX9eOCqC%2BnfBCPSGu%2BLMx%2BVfwkbyuOUsbxu3yFFQgwlNIcODiev9Nix%2F2sckcTjkbrgStgQy1cWampIR1O1ydH23j\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8dfb3b5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8070,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8069)","md5":"bf355a1c4bed58b791fd1b978ed6dde3","sha1":"abbaa86caa18af5e80f16511f668308c1c427bad","sha256":"c1392ba97a5d5f98c8604ed7bd183c0b052d0071ec1c38926dcad6c70ebb45e8","sha512":"be4835975b5683bb2c8aabd96f3b00268a4169ecdcdb117b11e53bdb8103a97aa01a881159b11a150fb74e56d6ca66f91452b9cf7d0940d046ec5b9ff059758f","ssdeep":"192:485wBEfflBCLmH2/EgH6Q6e7JgHRFIJvJDkx99heCwGwew7k+6vpbQFhGBmxGRcD:4BBYe1beFWvJDkuv6k3","tlshash":"cbf1410db67cdf375f83a76ca8a6406131366dbec0013449a3f80b6d057bfa6819476a","first_seen":"2026-01-03T13:21:09.351807Z","last_seen":"2026-01-03T13:21:09.351807Z","times_seen":1,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-loading-icon.d63a1961.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-loading-icon.d63a1961.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/index/index\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-ec5\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OnuR2fUkGCli%2B6Afm2Hrysw3zSp5CvZlNPdP%2Fsj4oWqUPzaCBJhMcryjeZdQCFPqVg0Vr9qXrq7QY6P%2FaIPgHS%2FKS31Bv2tw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8f3b7d5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3781,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3780)","md5":"a716324a549c127b972e2d506502ac90","sha1":"4338e32212f8792726c72e0f2c9bed7bec9f256b","sha256":"4ed4a49cd4b3998166b2aaf9b40528e11f8c3b4e05ae4e466fb0524e48aef052","sha512":"8f6400ed6732dbf7949a081ce44768a258a3fd90a2ca341a6172d7eb4544064d287fcfae42ad75cc0505e462cf7c931297b23d6eadc0ecf45f09487ff7647813","ssdeep":"","tlshash":"8971a7687016fdbf1bc709e800440065e2653d89aaa5bef9a7ba40264b3359432aff35","first_seen":"2026-01-01T10:59:02.979442Z","last_seen":"2026-01-17T14:34:28.251715Z","times_seen":4,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-text.5e62f92d.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-text.5e62f92d.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/pages-index-index.6267c313.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-1631\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7431\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0gcoCFO0KAl2wL154EFOvbl%2Bx7Jcl5Bi0%2BEXfDfkrPvLSMTnXrQzHBum1uJThUpVRG5JtRvXe4hcxJeYauuq300FxPyDjZJw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb92fbaa5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5681,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (5678)","md5":"e4ac62678f554819b22963ef51f76105","sha1":"beb6bb5416e42eaaec8e9d6b9ed5cb057ea296a6","sha256":"325afa85a65ad8eebed971bc9408cd22538b575cd1fedfd1846b3791607050cd","sha512":"48179bcbca63154f49b36b42d3612481d60a6238457045d961d79e405ddbd11209ee0dedb51f2f4163b3ab75e17ce404978a5a319e58ebc6b8b4d62da6503cfc","ssdeep":"96:RMFZN2acDw7gNUOH07KHk9b5HfYqI4SuIlF8xxax0p43+YxryKVLUpxEMJ:w2acDemH07KQtEopaVy8LwPJ","tlshash":"d1c17200751dabbbd9c609e964580100f1458f9f6b74fdf3dbd6047a83aad64b206b3c","first_seen":"2026-01-01T10:59:02.985356Z","last_seen":"2026-01-17T14:34:28.243208Z","times_seen":4,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskBase/getHomeAnnouncement?type=3","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"OPTIONS /h5/taskBase/getHomeAnnouncement?type=3 HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: h5-platform,x-token\r\nReferer: https://darino.vip/\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FjupbGrFVFI0nSV4nHl4T3N%2FbtQ%2FqWtzTxKr5ZJzxqlCbPiEfoA9s5ZRyEpBlBFGk49uAmfqggEgjcZUfXgEVGAc2qtsi7%2BRoIKF4Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb93ebc45684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":696,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":696,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"118.25.42.241","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:45.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 13:20:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Sat, 03 Jan 2026 15:20:47 GMT\r\ncache-control: max-age=7200\r\nset-cookie: __uni__uid=rBEQMWlZF69ct+sdA0hcAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-04-05T01:08:03.419311Z","times_seen":14532,"resource_available":false,"data":null}},"time_used":4393,"timings":{"blocked":1770,"dns":340,"connect":284,"send":0,"wait":852,"receive":0,"ssl":1144},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-text.5e62f92d.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-text.5e62f92d.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/index/index\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-1631\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OrVUJQTJXTaahgN1IRdDE2P3NHO2EVgZrDj5%2FFLhkBHGQJzdukIyZpyJCuMiWiB3DSbNhs%2Fe8%2Bs3GAvo%2BLGh%2FT1X0DKJ76MN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8f3b7f5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5681,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (5678)","md5":"e4ac62678f554819b22963ef51f76105","sha1":"beb6bb5416e42eaaec8e9d6b9ed5cb057ea296a6","sha256":"325afa85a65ad8eebed971bc9408cd22538b575cd1fedfd1846b3791607050cd","sha512":"48179bcbca63154f49b36b42d3612481d60a6238457045d961d79e405ddbd11209ee0dedb51f2f4163b3ab75e17ce404978a5a319e58ebc6b8b4d62da6503cfc","ssdeep":"96:RMFZN2acDw7gNUOH07KHk9b5HfYqI4SuIlF8xxax0p43+YxryKVLUpxEMJ:w2acDemH07KQtEopaVy8LwPJ","tlshash":"d1c17200751dabbbd9c609e964580100f1458f9f6b74fdf3dbd6047a83aad64b206b3c","first_seen":"2026-01-01T10:59:02.985356Z","last_seen":"2026-01-17T14:34:28.243208Z","times_seen":4,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-popup.efd305fc.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-popup.efd305fc.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/index/index\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-1c2e\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SayMgSCpH%2FtWKk13MKO0zdavQlD60IFgiDa16hEJvmYt7YxrAYa6YRlinJUH6gUpI8K7DRPHq822nxkJLIQoS%2FmGntYUDILR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8f4b805684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7214,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (7213)","md5":"abae03e4193832cfd936a841854a7270","sha1":"13defe0d9deab66857731c72f80e09dc5e998208","sha256":"d7952847a129c86ce828a6e664d999a5c0c5ba31c2290737e0a6bc3f2f635208","sha512":"24d50dd17f2bf26969cecabfb8f7b75f998062ad1770bded0cccb3ac1be95d8fe5c1b383fb1f6c0590d79f2e8a833357d7104ede2c8d347dec1deb67170e3396","ssdeep":"192:b/t5laK7ATzdBGv+AuSkDcTfiv6olgNAzzt4vAw:bV5vATzdSTT6tMMpg","tlshash":"e8e18454f406b935099be19541500600923e990cff78abfc7fee51e787ef458725ab38","first_seen":"2026-01-01T10:59:03.000651Z","last_seen":"2026-01-17T14:34:28.245811Z","times_seen":4,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/kefu_1-8aa61e9a.png","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/kefu_1-8aa61e9a.png HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-c59e\"\r\nexpires: Sat, 31 Jan 2026 10:58:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 181327\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YS4ontT8cZcElPqs8vd%2F0Gunq%2Fh9hnsEFoAS6SwECnXdLsbMS7jtLBh95R6IUk8XUW218VG1PJ%2FeS5Wvip3047Nq3QsqztTR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb93cbb95684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50590,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"b0dca1538a110dd5ee860db55e6ea2e7","sha1":"c5f72e296b566e7aba2d433f2861fb3a5f74b54a","sha256":"8aa61e9a52e165e2929645bb90ad2238a7ec8cb3149f1da5a3ef746160435625","sha512":"66d38bffbe094c0ea972e4b055a600b41677b3ce974d517679669079f1f0000875ca39891aaeeb712a1a809fa12220c411fd2c444df108a30c0b676869cf9d0d","ssdeep":"768:dAhluHvbgcyUodvryWzd6ix+HIdnSmtP5IpKJgMVAYMBHelOAhohdN7+fk:dAhlTc3odvft+HIdnSmlFpMChoXN79","tlshash":"d533f2ef39cce672cb0b09c8be77608561d4e5d8575a52df2980cb89bd11cf40cab64a","first_seen":"2025-03-18T22:56:05.677911Z","last_seen":"2026-04-04T19:48:53.326883Z","times_seen":12,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/3hw1b/0x4AAAAAAB6hVJfbRg63fTeS/auto/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 19:12:58 GMT","end":"Sat, 21 Mar 2026 20:12:54 GMT"},"fingerprint":{"sha1":"DA:45:58:DD:B7:34:05:65:E2:26:69:9C:69:2A:91:C3:DB:C6:80:5E","sha256":"BE:E0:7F:BA:DB:DB:66:EA:EC:1A:A8:D1:E5:7F:8C:DE:5B:EF:55:8F:52:90:0D:D5:42:CE:5D:A6:B4:21:39:FB"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/turnstile/f/ov2/av0/rch/3hw1b/0x4AAAAAAB6hVJfbRg63fTeS/auto/fbE/new/normal?lang=auto HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/\r\nCookie: _cfuvid=Lps9hE9LC.6Ol6XrzZtS5FJknTj7TxSvzcqW1tPFxaA-1767446442293-0.0.1.1-604800000\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pages-index-index.6267c313.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/pages-index-index.6267c313.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/index/index\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"6938e6df-1a9\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n%2BBn6HwRO2%2BAAWmLxe4jRsUZlbAlF2Eb1g6AOhR5QQqUQueo7O04HHvgUp4j9XssM6LbMSGlVlGyTrz74q08KYeev3Nv3a5z\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9b82cb8f3b7b5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":425,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (424)","md5":"2cc248b4e4593ecfa098e47c6423d90b","sha1":"f5fe443051522acfd0bcce4bddea2a08f7bc076f","sha256":"a886958d5d42285d2d4cf036f89c91082f6641702d24ea79de7ce36ac843582f","sha512":"9ee4d71bad13d4617409932f9a66d928679477c0fef8d5df406cc26ed78e44d71ed2225a640d98b7313bbe618c506f8692ebd0bda3a9ae1c4a0c3a41c38aad95","ssdeep":"","tlshash":"46e0220bc912a4b48558ccf8c2569571917304eb5be9d6f8d2ce0b3093a02a7e11e923","first_seen":"2026-01-03T13:21:09.311442Z","last_seen":"2026-01-03T13:21:09.311442Z","times_seen":1,"resource_available":true,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pages-index-indexContent.39164349.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/pages-index-indexContent.39164349.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/index/index\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-f26c\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3HRKrmkCmakvq3aSvwMj9Kn3MOfyqFUFRm8yB%2FEYbx4yoA2qpnVsCW6VvVw4FTHgdyVXhHE1dx6f6LnQ5rCWX3j%2BXL6mlUwm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8f3b7c5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":62060,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (61678)","md5":"a9fd24231635ae37e160156297b97d9f","sha1":"8bf4c9021b2c6c2fdb2342b2a1f7b641bcf7694b","sha256":"e06ca42449df187fc210d4069cdb5d179368fc2673905ac9e3ea4e53bfb65ea5","sha512":"11d3eb3757d6d9802055d31dfa8534f3a152941d453c8f7d9cbb71d010251d4ab8896529477e562645ba3c22c392160ae92d62e1264a0e479f18b504aeaf5964","ssdeep":"768:L7hWYUXVzmPejDIHCZhWtsa5zDkkmCgRizANC8n9IJPxjH41F/SJVuJHdGmQ2mtv:LUBmobyAZeJPdqwM2OcWw00UaB","tlshash":"2253d56876dca33a5987526860e8854031773dced6107c69a2f8983e63f7c9477ac33e","first_seen":"2026-01-01T10:59:02.975253Z","last_seen":"2026-01-17T14:34:28.246627Z","times_seen":4,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-icon.c24486a1.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-icon.c24486a1.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/index/index\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-f8f8\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7IQ3NYLOMwU2cQ1f0MEsjZ5T1LJSiGZBxFe7v%2F9%2FYc5Xn0UjYEbuhAh%2BY6A%2Fx%2FUYj6duwxOmPnYVcvuITVIKggaGvO%2FCNIGi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8f3b7e5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63736,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (62847)","md5":"736964c8cfd3731e387dab1ee6202df1","sha1":"3d1cd13eeb8cd595c5657291c71702fbf562c845","sha256":"d03aee581a1be62ef55498637e357c70fa567f9765da25104da3a4c00732e7b5","sha512":"5ed64bb2a33ba747d000a4bb005fc886bdceb7fc33ffcaf2514b97ede6b46a77766d26b3eb94d5f864fa5b9e5c770bad0b1732cd62c76883a0e503e1c849ca84","ssdeep":"1536:fiN+OCeDbQbEJ+W/7h8XuC0uBk0XRXTLR7NJJDSBLye3y57Movd:f8BCeDsbEJ+ih8ZBk0XRX3R7NyyEoV","tlshash":"b6537d6db2c9bc3f3e5735dc10c88005a36f35a4dade2da0f258ce61a97e129161f728","first_seen":"2026-01-01T10:59:02.984138Z","last_seen":"2026-01-17T14:34:28.257917Z","times_seen":4,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-loading-icon.d63a1961.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-loading-icon.d63a1961.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/pages-index-index.6267c313.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-ec5\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7431\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dPbRfoa8cDAIVl8z1dxgfioxikXKqkoIy29ulV6zDH4fpbg%2B2YBQ15WE3eTtsuNaEb5XUsCRkqM%2FW8E292dZzc9oVgMglNLg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb92fba85684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3781,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3780)","md5":"a716324a549c127b972e2d506502ac90","sha1":"4338e32212f8792726c72e0f2c9bed7bec9f256b","sha256":"4ed4a49cd4b3998166b2aaf9b40528e11f8c3b4e05ae4e466fb0524e48aef052","sha512":"8f6400ed6732dbf7949a081ce44768a258a3fd90a2ca341a6172d7eb4544064d287fcfae42ad75cc0505e462cf7c931297b23d6eadc0ecf45f09487ff7647813","ssdeep":"","tlshash":"8971a7687016fdbf1bc709e800440065e2653d89aaa5bef9a7ba40264b3359432aff35","first_seen":"2026-01-01T10:59:02.979442Z","last_seen":"2026-01-17T14:34:28.251715Z","times_seen":4,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/appIcon_m2-a03cf6d6.jpg","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/appIcon_m2-a03cf6d6.jpg HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-27a8\"\r\nexpires: Sat, 31 Jan 2026 10:58:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 181327\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mbhVuIX46GD9h%2FW1RCF17jdir1MQSv6EKgZhKQhNWDr3RXIe8jP2Q89PcVCXR4n4tLK7BQMltiDEzB6xng3N%2BG%2BvEKuKm4vk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb93bbb35684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10152,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"8e7624639bb69b5eba5c4d004c311038","sha1":"51314f08f2a17d04f6305d482f2884740580740e","sha256":"a03cf6d60549e88244c0d284d3376159aa923bef496e03d72254cc901a3db5d0","sha512":"2771cf1859718b29ef972f9c8bf7aa1438ad2e2a9f8ebeb18f53044848f9ee5178890b7bf8e50b364a149db40a50f82818f3faafce89a8ec5350e7c68ff5bf95","ssdeep":"192:ViRoj7ofFbvzOzCm1nASfzKXrEZa4QQBAgkdctWTLuFlLHYBfBHZKYzgBLEoLUfd:oyUfpzOzCmdbrKXrEZ/QWDtvrYBfTrz7","tlshash":"8422aea56522b3dd8ad15ab1bad313e001647fc9cc3303bb60da67e4e17d314521a75b","first_seen":"2026-01-01T10:59:02.987301Z","last_seen":"2026-03-14T05:19:40.927053Z","times_seen":5,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/bangladesh-0b273dc7.png","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/bangladesh-0b273dc7.png HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-3178\"\r\nexpires: Sat, 31 Jan 2026 10:58:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 181327\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JZAOCISqyvqWR0VeNVqdAMpLNwI0a7z%2BQ6wTgBxOOSp8yLU685PgcEwgtZxpKUprTi3TtpG79dqXzyyRpNgITnPzsExCNSyX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb941bc75684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12664,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGB, non-interlaced","md5":"153b8c19ded4da053d6c18e1ef6f0ac6","sha1":"e5d16196899de5ff66274565a3b53437986be13d","sha256":"0b273dc7955a53b1d76e10bb503efd9839604650c8360988f8ddaf0e61053811","sha512":"d92b44487c108af9186145ff4f89177f47e30b8a2743d98ae622e398607c974f7dbe8ffb42110fa2e8ceac075a5342470f8dc933afeec1db80f61040cef05234","ssdeep":"192:pVGAuA5/sqLHaY4Fbeo+XxK3EkFjVGzpEZ3OdwWT4ND7LLkmRk0l4fEVzBpv1y/:pVGTA53WVefhbEAE+djkXkK4f0VpA","tlshash":"f9422bd91b413d08c4f5c2b900b3d6b8f127a64787e8dc73a2dca391d75d620db088ea","first_seen":"2025-09-07T02:54:04.96216Z","last_seen":"2026-04-04T10:40:53.35027Z","times_seen":32,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/index-f60204ba.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/index-f60204ba.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/login/register?promo_code=6B4AB323\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-a6b3c\"\r\nexpires: Sat, 03 Jan 2026 23:16:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wGj%2FNjrk%2FBQLKy4YxGsvoHQ3anBAnGZ9UfyLEW%2Bi878wvbnHn%2F0gwwZez2lUAAXRd6i3lKc%2FaLZ7MXOlwyLp7emcxRk57Slz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb880af15684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":682812,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f0b3579cb9b48415311a217e041fe380","sha1":"5180ca04809d9bfdea2b31f5cf0344146a6efc9a","sha256":"d1607686cbcf7544c49c05427bf8d32678daef1df1f829f5a08ef1ea53a2152b","sha512":"92b8c0ee3fb4eebfd6af2ed15e43c7f550018400c814fc4311ffad89bed43a7ff04e2898ee29f51930162684a0670e899aa9b55838d94aea980095fa4054a619","ssdeep":"12288:WSvA37oRyvN2Bya7nLSep/myq1G+5sozw92KCe9ByWV6KqC21UHAj2gVIXK3EI3:WSvA37oRyvN2Bya7nLSep/myq1G+5so3","tlshash":"ebe47d89325dfc310be119c2202f3731a2751e51f58bc1c8ec6da95835aee7916abb7c","first_seen":"2026-01-01T10:59:03.025495Z","last_seen":"2026-01-17T14:34:28.295341Z","times_seen":4,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/eye-close.8122306d.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/eye-close.8122306d.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/pages-login-register.a70fe4f6.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"6938e6df-5d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nuE5d2ibsoP9ZKffoMisg71Pwi%2BYkRBSKDXx9iFzaaO4wZnZF94tTC6PhE3PjfeW5mnH5fFf3PC1vW2C7XoWhouAywVy%2F3Yn\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 9b82cb8dfb3e5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":93,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"6c62c23c5a84b5d602148b6217101948","sha1":"083a89841695fb4a9f81181a4a3507d8c3384eb6","sha256":"4d2727b2c3223e027db2b0839982508ca9a6b3e2dacc60f1169b6f1c51b186db","sha512":"26924dc7c3af77831913cd044fbf59c43af7f0864ac469e74811613e9e23b14a980a38373ce2ed65bcea14721e7e6390a90ae244af7c96ef6e345fd003741614","ssdeep":"","tlshash":"3eb0121044804be00064344077c6c5f121a40102b024c1aeb530cc46b0314908037c30","first_seen":"2026-01-03T13:21:09.382133Z","last_seen":"2026-01-03T13:21:09.382133Z","times_seen":1,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/m_1-716ea88e.png","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/m_1-716ea88e.png HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-7dae\"\r\nexpires: Sat, 31 Jan 2026 10:58:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 181327\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7YugN2%2FXnqz1l%2BN4OnoJeQNfkUVQKMRdGS2TFp%2Ff80uIHtnTBmKAIPsTuWa2pmJU8Vz4QtSpjwZtvAUJd3EGkMKf%2B%2BlExR5Y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb93dbbd5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32174,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"055a91979264664a1ee12b9453610d82","sha1":"4d1244c8cd23f93c1a9d40fe9c4df8756afecddf","sha256":"716ea88eb85f9c744b788b285a58504a9d99f818f45bf9fabc837d3f918e8c7d","sha512":"0e44a505cf0842f58262d95c3c3f7e8dc730343bed68cb41a6c9f215899c6afd9965dc713922fedf5805483ebbb3efc08f842028fe6dd5c2c11127dedd4a6608","ssdeep":"768:pCREXfDwobhrB7OUNLcU1R5m5D/wc/YTGJRTNjRF:pSG9bhrBiC1RJGLNT","tlshash":"6de2f243b6cea8fb613e83245713665490393d734740970afb9e81eb1ea9fe007d5ad0","first_seen":"2023-07-20T13:56:19Z","last_seen":"2026-04-05T00:43:06.16128Z","times_seen":221,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskUser/configList?type=2\u0026fixedKey=4","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:46.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"OPTIONS /h5/taskUser/configList?type=2\u0026fixedKey=4 HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: h5-platform,x-token\r\nReferer: https://darino.vip/\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:46 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YLRcFZ6v0Xuz2EuUFzmhJ9W8gnh5hiV%2FcMQ6QCo8DKbdz%2FdAslyyYb4hbKf%2Bnaj%2Bbix9i4hWUfNf5rz%2FxIuWQD4VcbnnfpRgFTdOXQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cba34ca75684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":204,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":203,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-icon-62195a98.css","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-icon-62195a98.css HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-6bb\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AtPBjYufw2wnNJ%2F2fjArXANxD8b3aSS0m70KuzkNRxne1JXl8ewHDlCOlW7Ppq8AV0FCR4YCeoi1WLO4ba54vHU6Vsofj6I%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8efb735684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1723,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1722)","md5":"bd89801ac88b3ee8a3cf2fdf177cecc0","sha1":"de45be6614510026b35b12cf06ab7bb092d6f9e6","sha256":"62195a987484416dfdba202c4a52b10e3d1113ec2c4578199f8b1959ce3239d5","sha512":"c85e1e5682e34bef331df407c5b9d2a6bef02823379718eac5c740ee9629226d2affb135f6edb33000967bb80213974f6a217a44c0e3f7a268dbede9e3e92856","ssdeep":"","tlshash":"4c3107293d9877834633e85f22e9a93ce354b2038a6dc644835857284eeb1c32b77f94","first_seen":"2025-09-07T02:54:04.907406Z","last_seen":"2026-04-04T10:40:53.35622Z","times_seen":37,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/indexContent-011cdb47.css","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/indexContent-011cdb47.css HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-8f41\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6soRIapCzTXmJKsVX8%2B26okXUQQLjXtGUQFsinTXH7Zn3zGpVK%2FuSD25AUY%2B7SkmiugNF8wAsb%2FffW42giIPTPytgy%2BklOUN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8f2b7a5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36673,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (36672)","md5":"78bf6ab0bba6b89f41611f50af03e553","sha1":"8d1280a228ad469a3e0ed47a52fa4ec46e28e2c8","sha256":"011cdb47dd7dd3a5445a1b8de7f79d0211664a6cfdadbf59525496dac2ef6f06","sha512":"4ff93dc3392f1b75fd49094a80651048da8818e60b38f66ecc37be340e3b50048e61cf20e52eadde1ef7fdbb86a425eb02e75eaa76128f4fdfdba4535254fbc1","ssdeep":"384:g2pUkm6U+N9VZxnuZs13BscXP5NynfNBVhoUwZeotqbGrT:gkxUepnBtP5Na1BFAjtqbGrT","tlshash":"f6f2307d350d3515a53fd1eb69e01ece0478b76b920b429c9993a178cf972833ab1bc8","first_seen":"2026-01-01T10:59:02.991275Z","last_seen":"2026-03-14T05:19:40.942813Z","times_seen":5,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/BottomNav.0ec3491d.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/BottomNav.0ec3491d.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/index/index\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-719\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GIBuuhL7V8g7WjD1%2FQbtHtG3S%2BpNoohVG%2BkVxbvek5xVQVTgHDWnfcQQvnIVLqJBThjg4SpALVXiOMLSc1s3PqIHsKb6Tj1Y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8f4b825684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1817,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1816)","md5":"7b0f17cfaf9c9828d371c6becee47a22","sha1":"76bce8472f02920c3c807a52c9e1283a30ce04c4","sha256":"c5d6ba5bdf2b6c0441b9aed9af34596c68271843f85db639692ec1f361041238","sha512":"83329dd71e27e2e7c1223409ed9b240a5612ca9062ed74a468c43727d9d14add77d636eb7a91ce6606b874ceb3fcfe2a040d6c157cdc95166e97f84dd4458dd1","ssdeep":"","tlshash":"2b31020d7d7ad931442176ed1c6948e8821e2698d13cbcc8a1f4cd1a13dac98422ef3f","first_seen":"2026-01-01T10:59:02.974134Z","last_seen":"2026-01-17T14:34:28.235162Z","times_seen":4,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-popup.efd305fc.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-popup.efd305fc.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/pages-index-index.6267c313.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-1c2e\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7431\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FwD8hkQjvDszL7%2F25yfHPozIMc3TlfBmTnm7vtZ2OmDO5jvZEkuH15IIMN2EasdB%2FqEeeZ6FsZrlBNO%2FL%2FzpSfvGq7nTN746\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb92fbab5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7214,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (7213)","md5":"abae03e4193832cfd936a841854a7270","sha1":"13defe0d9deab66857731c72f80e09dc5e998208","sha256":"d7952847a129c86ce828a6e664d999a5c0c5ba31c2290737e0a6bc3f2f635208","sha512":"24d50dd17f2bf26969cecabfb8f7b75f998062ad1770bded0cccb3ac1be95d8fe5c1b383fb1f6c0590d79f2e8a833357d7104ede2c8d347dec1deb67170e3396","ssdeep":"192:b/t5laK7ATzdBGv+AuSkDcTfiv6olgNAzzt4vAw:bV5vATzdSTT6tMMpg","tlshash":"e8e18454f406b935099be19541500600923e990cff78abfc7fee51e787ef458725ab38","first_seen":"2026-01-01T10:59:03.000651Z","last_seen":"2026-01-17T14:34:28.245811Z","times_seen":4,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/pages/login/register?promo_code=6B4AB323","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T13:20:41.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /pages/login/register?promo_code=6B4AB323 HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 13:20:42 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i4IZsOog8lNEK%2B4MO%2FyQVSzUio5bOe7vSj%2Bh0z6wAejj%2B8i5eTLzByNG%2FKhsIRthDX6HRAOlz%2BfA4nE1i3Cug65%2Bz73d%2Fx0pzvw%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b82cb837a9949c5-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1134,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"4d27932bc70bde89a8e090b35193114e","sha1":"312b07ad18575b4267c333066dca77d64f433960","sha256":"d73092dd55366f6c48de977901723504c7bae3638085159ec2decb7092129aa3","sha512":"c04ea42efe7ccabadf97ff00a8294351acf0e7d1c14db18e23130b2a617aaee9bd5e0c348d7d4ed826a135832e7d90274bdb271e8dc95807462b1aae946a547d","ssdeep":"","tlshash":"3321428144d59d180330411538b2d42bef73a61b5a88e86138ed55bb1ff5799cc5fca2","first_seen":"2026-01-01T10:59:03.01129Z","last_seen":"2026-01-17T14:34:28.249685Z","times_seen":4,"resource_available":false,"data":null}},"time_used":677,"timings":{"blocked":39,"dns":17,"connect":3,"send":0,"wait":599,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/facebookService.279a2385.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/facebookService.279a2385.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/pages-login-register.a70fe4f6.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"6938e6df-1ba\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1HKR9l%2Fs0GI167tdNPPqo1M9iet5MhS7EsSZVfG0sdqjgR1WcQ2kHnyirHpfT8Q%2Bn5MqXyYiy02ZuBTgObc03lTC9KlVX8q1\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 9b82cb8dfb3c5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":442,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (441)","md5":"ecc235a3d16b50cfc6a4d57a1437de6b","sha1":"0257dc06ce1bcdbe811a8f21484c41004c3a7756","sha256":"49ac46cb09911df81ae8184d7e4c3b5cc7409a36101fc56a102b1b0f8bfeddbe","sha512":"b2ddd317b91e53cabee11f2baaa78cbb8e559df1ff80d00510bae68548acc447e234c337b6756728e31c7d563cfdc3dddf5f8593a1497f5bfcad79fa6ec8bbd3","ssdeep":"","tlshash":"17f055090c9ba4730778a8ecb33bda1520462602258246a4eadb94743871cc7988af8c","first_seen":"2025-09-07T02:54:04.922822Z","last_seen":"2026-02-19T14:53:49.130251Z","times_seen":15,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-text-534cb406.css","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-text-534cb406.css HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-942\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r1cnIuAz1VjDd5JC2%2FakY9a%2ByJzy6aUDdwHDEiHOLsSGanq46slCvZQBquYfx7e%2FIIHep5t5eE%2FajEYrbtAc9%2FEO%2BcaYLJTM\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8f0b755684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2370,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2369)","md5":"cccf44b1fb43381f8319e60fc06dcfbc","sha1":"be348e3692c70eb903f5774ffde82db96dff8219","sha256":"534cb406772259ce9629aee5a19b5cd2146d105100c995f54f2fe26bf1d2ebd7","sha512":"cc81c8282d47af11ea973b0fd3baf9dfd4e8941b95ec3d22cf8661906d3a26d04946cf564385418dbd07705f33f983f09265cd684febad49a58e060458e967c8","ssdeep":"","tlshash":"f841c67a306c6643fa27f55c948d7b18b0f1b3331199439884dd281dae177433f75a88","first_seen":"2025-09-07T02:54:04.916719Z","last_seen":"2026-04-04T10:40:53.34542Z","times_seen":37,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/BottomNav-f60b439f.css","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/BottomNav-f60b439f.css HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-60e\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MED6KssdAzEpypgzBoGPcCA%2FZFc7QpGoXrRsDuwsjwVZOlVzNzwd9mPuJe37OsRkQwYFmrZwASEZ0Xx7mOMC6diGQyE2YzEh\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8f2b795684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1550,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1549)","md5":"47f7e49946d814c44fa825f7e21a920c","sha1":"1203ec51e658364001b33d191527d0f289a42dab","sha256":"f60b439ff778ec1ef738f33e4cc99419cd6eb1c62f2bec4bc15da37f99958fb3","sha512":"36aa5e6a2c864ce3d056bb94711810783648a5ac1ffdb16f7647079c9baaa6bca7733e3142fc1fac7c587dac022cb5033991de9a3a96a76131075335d093cfd1","ssdeep":"","tlshash":"de3123992689310f85a3f16559e9c54dc03a9e12f22b35cca287011249fb5c72e72fdc","first_seen":"2026-01-01T10:59:02.997376Z","last_seen":"2026-03-14T05:19:40.904588Z","times_seen":5,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-status-bar.5328c266.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-status-bar.5328c266.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/pages-index-index.6267c313.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 7431\r\ncf-cache-status: HIT\r\netag: W/\"6938e6df-2be\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6ZIUN7wxItIoU0g8p7A2iWitPg%2F5Iyp8goT5NIhvADSp1YwKGAh4YWWgqJ%2BQ%2FjB4aKT8X5tz0%2BO4MbQZSXTeBOG5UvBzyUlZ\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 9b82cb930bac5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":702,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (701)","md5":"7a7987beef69bda056af626987fd1d52","sha1":"c96dc3a668e3edff0e77ebbb7f8e54998977e9d5","sha256":"77595da98ea182b322703179c821220616192c7eb6d6cbd830c0403c31bda674","sha512":"fac8af3f884bbffdc346220e87d241a40dea914147e7ed0f8d5a0809feb13f4c488d6376bf1f4ba01c12d0e22b5a15cb45974101f7306cd4d1b9e31d7e54ec8d","ssdeep":"","tlshash":"9f012d4df402d1b0ad478ccea4120220872b2d2c47bde9e146fba5b6d3104adf21fb21","first_seen":"2026-01-01T10:59:02.989356Z","last_seen":"2026-01-17T14:34:28.234498Z","times_seen":4,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pages-login-register.a70fe4f6.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/pages-login-register.a70fe4f6.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/index-f60204ba.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"6938e6df-14c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jytxOcNHe5AqLQG%2F8PEdHf8F714Ur4c7ce3BD3rvbYCYVoHxacuc7dvxl5Vdw7Cd4IAngyupFSA2r%2FpIoolPV8o0ys%2FdnFHb\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 9b82cb8d7b215684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":332,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (331)","md5":"20d55702da48d79ab95a4480400fc321","sha1":"a6f8318b6c0ca472bcceee436e83d9defbd26c6d","sha256":"fac2bb038123b321941ef6e69dd4a8f340554ee653e4997071d85c63b3ceb81c","sha512":"80fc69d4b3e4e6cac45de660b95b3e92c6596f7a6aff79c5944dc3a70799cbb27fb9215f3343495058415d0134fb5b8d18e9fb58473f83b4f80d88e5668ab996","ssdeep":"","tlshash":"4de0720bcc01a5f388a488e8ea0bc0b00237802623c1e7e4f7de47300a806aae84ac03","first_seen":"2026-01-03T13:21:09.415346Z","last_seen":"2026-01-03T13:21:09.415346Z","times_seen":1,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/eye-close-7f914edf.png","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/eye-close-7f914edf.png HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/login/register?promo_code=6B4AB323\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-3002\"\r\nexpires: Sat, 31 Jan 2026 21:15:20 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 144322\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FZW58z1gnQlJ0JbsuWtrYS6gbGMR%2Fx5FUxgdSM3WFZfPvNZvOedXYtLHn1bMCsbHkRof9gUZqp40jL9zObseYDRke1qC77Wk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8e8b425684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12290,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"39738cc3f3c6d5da18d4f9f1bec27ed5","sha1":"ec6bb5d361b0508e16ee0c6ed08a7615182f8043","sha256":"7f914edf9287d411e7b317aa3f08edf9eaef12199ff09191349865cdbb7b6f05","sha512":"0f1bc238f0c1d982f2a6bf84c7c3ca9c364c965e1450e253e095b58d9642a64b1c7a22f429742410a38aa8371388c5be2f11044bc98caedca459d4d197166c48","ssdeep":"192:DxToMspupN62hccZgsXTnA4PU9+JMUkQnnfhHVVoebzIa5v6v1nXmmfr:WHE02hcc7I9+JMEnfnVZIFv12mfr","tlshash":"8642c01d8a9ff685640c729c99311edfa1eb0a37d4527ec20304a2fad5b46ed195bcf0","first_seen":"2025-07-16T23:33:40.264258Z","last_seen":"2026-01-03T13:21:09.419808Z","times_seen":3,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskBase/channel","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"OPTIONS /h5/taskBase/channel HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: h5-platform,x-token\r\nReferer: https://darino.vip/\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\nserver: cloudflare\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PFu7WFv0733tHU%2BW%2FShiX6cn%2BKlOtyax4N7HectRYm0Ywcxuc%2BrDB7WXqGAyko9k3YuoIHakXTxuQSgnv7KQ6ccZaMOR%2Br5o0%2BVtRCbo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8eac680daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":607,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":606,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/h_1-4f370205.png","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/h_1-4f370205.png HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-279d\"\r\nexpires: Sat, 31 Jan 2026 10:58:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 181327\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oY0ESjFc%2BJJQZP%2B9oZck5HF4fANzK7ZK1mT7gtMN58zEO03e8%2FYnm1cIWb6JcwBd3EHLL6zNKZzs2K683KSozoZCuRl6SrqB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb93cbb55684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10141,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"b2d3c123335c5182ff2f059166adef17","sha1":"251ece0aab5a95ef1ea39499ae14ab320881b727","sha256":"4f37020547cc21d224f7d73047e5bf0afac40e68d99ef8afd1094f9ad8faff03","sha512":"a2f43d6c03666ae54943db66ce627c7fe4def5426276227b73fb5decc973a7105d25b47766081047938f33857a341cacbd4a9a68862216fa0571bc37a0c7459b","ssdeep":"192:7wbLZviQY2vyhFBz+QcCWDxNI2Bep8dJQ3CQmIJStfTpxoN3cufu:7kFvfe+xCWY2ad3mXtqtu","tlshash":"8e225bd7fc2b4feebc0c06a3910f159d72259157a767228cbeb3d78e52148b4221b627","first_seen":"2023-09-26T00:36:07Z","last_seen":"2026-03-15T03:05:10.574624Z","times_seen":14,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskUser/configList?type=1\u0026fixedKey=2","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:45.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /h5/taskUser/configList?type=1\u0026fixedKey=2 HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nx-token: \r\nh5-platform: darino.vip\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:45 GMT\r\ncontent-type: application/json; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zhv4LB8r8eDF%2Btua%2Bbz8UG%2FFnoz6pSMdxkYcfHHsw8xOS4bVDSbsFQQn3nT3MzHnbVMhnFmD4EG8DsExE8xm3XQ67cLFk56pnAehGQ%3D%3D\"}]}\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9b82cb9cac715684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":347,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"82212e4b86e0faba629481209f65cfe9","sha1":"427c795a1d191561893b77fd10428c9b3b812e68","sha256":"1168e3fb9c116ff50ba30ea90256abf7c1fa32b1d5baaf090561cb001f25fc8d","sha512":"539bc51cfd5d88eb5302f437b7273709fd449bebba88f6add2c8044e2c848bd890bae1cf92e4b5c956f0ed4122eb12442094f84c4e12b2c923e18d730b4aa9ed","ssdeep":"","tlshash":"bae0c038bf3cb1180620714f81c23306f0898296c880d581ff9f94540a48012a2dfb63","first_seen":"2025-10-06T08:49:52.867638Z","last_seen":"2026-04-04T10:40:53.319216Z","times_seen":16,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskUser/getWithdrawalChannel","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:45.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"OPTIONS /h5/taskUser/getWithdrawalChannel HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: h5-platform,x-token\r\nReferer: https://darino.vip/\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:45 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R7c9BhjSRUTSZ0kf%2FOqMBDopDMLmzzT0ZD9GZqA8AbsTLY8DLONj5ynAYaOMYJak4LSL%2BsG%2Bsvc%2B5gukAVgSMPbtwnzUy5nlRWqCbw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb9e0c7a5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":204,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskUser/getWithdrawalChannel","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:45.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /h5/taskUser/getWithdrawalChannel HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nx-token: \r\nh5-platform: darino.vip\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:46 GMT\r\ncontent-type: application/json; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d8ZF0iaeO0wk%2F96XYgJe7gdhWZKa1734yKMnvqZ%2FM6p1PpEaq2KdorCA6rRNevVxwRcuSCl%2FhZI7FBhjTG6qV01BseU3Jq4aj7eDNQ%3D%3D\"}]}\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9b82cb9f4c845684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":401,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"93801ffee067928b66cf180d1c13514a","sha1":"e2c686d2c954ea47c892f8ed1c8dfab1b8b27e60","sha256":"5f996d459cb0e7ec4a9292dc3da185c09cac82861e144fede4fe8dabe9fb5ddc","sha512":"3d618e2c8c46182dc729ebe23d41c83d71725e5312077e9399edf315d45db79d0161d954a45ed60ea3d483715e33dc62cc2b42d735fca68fb9a067fd7fdc500a","ssdeep":"","tlshash":"6ee0923e2b3cec6deb7ea64212c7358910aca3948ec14c4c89848a5c83d16d85a50373","first_seen":"2025-10-06T08:49:52.880795Z","last_seen":"2026-04-04T10:40:53.339304Z","times_seen":16,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/index-d13ed78c.css","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/index-d13ed78c.css HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/login/register?promo_code=6B4AB323\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:42 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-12753\"\r\nexpires: Sat, 03 Jan 2026 23:16:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WCFEU%2BYBoBh3Garnqd0DqbhHOhC%2B%2BD0yGR6mdAFRk3YO%2BkqcAsCyG1szgBWF6bzwNH30TMeeCKRTYKuAKX9bmYUFwSuMnlLs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb880af25684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":75603,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"2d23ab5feb0736e78b2681524ab0bae8","sha1":"d1641e057ab3a77ea7f286b8d01ebad78a34e8a8","sha256":"d13ed78c59828a3e2feda21a66902bbf6af701509e5d7dae839f81ed0e2f9e3b","sha512":"216be3cf41b52ea970760f7fe91c89ab2faf6734bef9eeb49de025039ae0d9d90277c2cf4f75a00ce4804e4f43ccee71c44e959afd1033dc95a598314890ddc9","ssdeep":"384:OeDzFzaSxLwMtVyBdr7kfzvZKLeeduEmrQaijio+V++NWdRSPDVh0I7S:hDpOSxLwMtqdr7kjnlEmrQIuSb0I7S","tlshash":"c47339877ad5695dc98bae85c1aabefcfef71814a30294d7d41337be8e017c2162105c","first_seen":"2026-01-01T10:59:02.983092Z","last_seen":"2026-03-14T05:19:40.895139Z","times_seen":5,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pages-login-register.a70fe4f6.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/pages-login-register.a70fe4f6.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/login/register?promo_code=6B4AB323\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"6938e6df-14c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qPCLDoomyKDndpPBZpVCyOUdiCabpaRHwyLN5zWfgsEE2FZwzvC2S1aWk%2FbPOIYLZS6FYRQw%2BKtE4GS4%2Fs9XaOn37IsEXRLF\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9b82cb89eb005684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":332,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (331)","md5":"20d55702da48d79ab95a4480400fc321","sha1":"a6f8318b6c0ca472bcceee436e83d9defbd26c6d","sha256":"fac2bb038123b321941ef6e69dd4a8f340554ee653e4997071d85c63b3ceb81c","sha512":"80fc69d4b3e4e6cac45de660b95b3e92c6596f7a6aff79c5944dc3a70799cbb27fb9215f3343495058415d0134fb5b8d18e9fb58473f83b4f80d88e5668ab996","ssdeep":"","tlshash":"4de0720bcc01a5f388a488e8ea0bc0b00237802623c1e7e4f7de47300a806aae84ac03","first_seen":"2026-01-03T13:21:09.415346Z","last_seen":"2026-01-03T13:21:09.415346Z","times_seen":1,"resource_available":true,"data":null}},"time_used":632,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":632,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/d39f91d70ce1/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 19:12:58 GMT","end":"Sat, 21 Mar 2026 20:12:54 GMT"},"fingerprint":{"sha1":"DA:45:58:DD:B7:34:05:65:E2:26:69:9C:69:2A:91:C3:DB:C6:80:5E","sha256":"BE:E0:7F:BA:DB:DB:66:EA:EC:1A:A8:D1:E5:7F:8C:DE:5B:EF:55:8F:52:90:0D:D5:42:CE:5D:A6:B4:21:39:FB"}}},"request":{"raw":"GET /turnstile/v0/g/d39f91d70ce1/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _cfuvid=Lps9hE9LC.6Ol6XrzZtS5FJknTj7TxSvzcqW1tPFxaA-1767446442293-0.0.1.1-604800000\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 03 Jan 2026 13:20:42 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\nlast-modified: Fri, 12 Dec 2025 11:56:37 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9b82cb88ccfeb51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50001,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (50000)","md5":"dd141df1db41d439d7706c298a369a4c","sha1":"a80c5f6a6fec4acbc3d6d81b9865287b0dd705ea","sha256":"46a2126ccb16841040f55934627c444b0eb965e51f2a7ea90e24e504a56eb56c","sha512":"d2587c387339467aad182f239d9609aa3ec097709e4bef2547cfa5bd2a662bb469bd3cedba19a062021f35b7fd8b6a22d28e9325912e70c491b77ae8ca70a539","ssdeep":"768:2ZCnhL0z2vMpjLUU6mLU10SLgC2GdJj2sg0D5THPN5HKpXEAsG91C+8APDfhv6Yg:2wQ2UpjLUU6mLB22uJd1HAsse","tlshash":"50232a583166397227d980e4617b63437329753ae94ccc50e823d936277cecad237bba","first_seen":"2025-12-16T18:08:49.681876Z","last_seen":"2026-03-22T10:55:38.115758Z","times_seen":22970,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/login.67c6bbf9.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/login.67c6bbf9.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/login/register?promo_code=6B4AB323\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"6938e6df-138\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fdAEkPz%2Fj13BpTaKipsiqXnfYtLNpAZDmoFwpPHl1ZwFfZ21%2BIW6q%2F6Gh2oGh4vrm%2FdJqgFvsXJ%2FjBBqgBNnyzLKMTD0vPM7\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9b82cb89eb035684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":312,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (311)","md5":"3f56cfafb7b5e5cf8ac6f122fae10bfb","sha1":"e6a520405bef719edb96e3b4735f963661cb556c","sha256":"045a5b371e52a77c5fb71a74b6f0e01547fb77f6e740bff358d0b4aaa96ed32d","sha512":"b12f91d5ccac22568ffeec165786b2988831ade611d4e85c97ebee16f7a1c7dd087b0e2d72f6b0d34e9bff97fcbc4962a06892ffc4b01535dbad4fbc3f9fb2eb","ssdeep":"","tlshash":"eae0865d98294ab503b355cc1080308a4e3327f85ab871a40e083571c7b298383efa25","first_seen":"2026-01-03T13:21:09.348297Z","last_seen":"2026-01-03T13:21:09.348297Z","times_seen":1,"resource_available":true,"data":null}},"time_used":604,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":604,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/eye-close.8122306d.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/eye-close.8122306d.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/login/register?promo_code=6B4AB323\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"6938e6df-5d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o6Pe0qUbvT0bJAoX3P8Q1FQw6JXaaEI9%2B0dcgLeIJZMmApuCWDqwyw4Pmr0qFvTHPWlgDZ0yBkiHhar1tZ0VXFjcReqcQ3g%2B\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9b82cb89fb045684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"6c62c23c5a84b5d602148b6217101948","sha1":"083a89841695fb4a9f81181a4a3507d8c3384eb6","sha256":"4d2727b2c3223e027db2b0839982508ca9a6b3e2dacc60f1169b6f1c51b186db","sha512":"26924dc7c3af77831913cd044fbf59c43af7f0864ac469e74811613e9e23b14a980a38373ce2ed65bcea14721e7e6390a90ae244af7c96ef6e345fd003741614","ssdeep":"","tlshash":"3eb0121044804be00064344077c6c5f121a40102b024c1aeb530cc46b0314908037c30","first_seen":"2026-01-03T13:21:09.382133Z","last_seen":"2026-01-03T13:21:09.382133Z","times_seen":1,"resource_available":true,"data":null}},"time_used":583,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":572,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pages-index-indexContent.39164349.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/pages-index-indexContent.39164349.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/pages-index-index.6267c313.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-f26c\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7431\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oySCydEEoL9wr3dkaOcP1XI9tEUdz%2FLcsCn09enJik%2B%2B0v4kA2E8fydHoOtV6z%2FWCEeIeh7Hm6Nz8TbeSK5w1j1zV3g3rfbL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb92fba75684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":62060,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (61678)","md5":"a9fd24231635ae37e160156297b97d9f","sha1":"8bf4c9021b2c6c2fdb2342b2a1f7b641bcf7694b","sha256":"e06ca42449df187fc210d4069cdb5d179368fc2673905ac9e3ea4e53bfb65ea5","sha512":"11d3eb3757d6d9802055d31dfa8534f3a152941d453c8f7d9cbb71d010251d4ab8896529477e562645ba3c22c392160ae92d62e1264a0e479f18b504aeaf5964","ssdeep":"768:L7hWYUXVzmPejDIHCZhWtsa5zDkkmCgRizANC8n9IJPxjH41F/SJVuJHdGmQ2mtv:LUBmobyAZeJPdqwM2OcWw00UaB","tlshash":"2253d56876dca33a5987526860e8854031773dced6107c69a2f8983e63f7c9477ac33e","first_seen":"2026-01-01T10:59:02.975253Z","last_seen":"2026-01-17T14:34:28.246627Z","times_seen":4,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pakistan-8a3672f2.png","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/pakistan-8a3672f2.png HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-41b0\"\r\nexpires: Sat, 31 Jan 2026 10:58:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 181327\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4xc%2FIcU33sIWVC7Zf4sLGskLR0%2BjmD482Y4Znqgwqsw2PPuP8ev2Jzb%2Fgc0OhTvqLyAJnn5MOhr45pw6oDM78phLCsI9CXIE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb941bc85684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16816,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1280 x 853, 8-bit/color RGBA, non-interlaced","md5":"ce1b82b64d878ab569c98193ad1637e0","sha1":"74d30bb14502c2b36e2011fe37b0c7cdda43dd49","sha256":"8a3672f29b2344002c4b947a997067f8d109006f9209dbe853d950175e0ac5cb","sha512":"be299f4695974e7c8a9f2533c217d5abf61b2145de76f2f7f878bf005d98662445eb795a7b6d61e88b72ee3841ec8d823b18713f10874c654f72317306c22a36","ssdeep":"384:hbWJzmHkxRcF68Wagrdp7Jweahy+VkGO+TaZWx:hbcmHkxvxagrRweAq+mZw","tlshash":"e772b46fdc8391dbf55782f2a3dbcb28bb21647980975355d8e48c024eb17b8fd681a0","first_seen":"2025-09-07T02:54:04.965575Z","last_seen":"2026-04-04T10:40:53.301978Z","times_seen":32,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskBase/getHomeAnnouncement?type=3","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /h5/taskBase/getHomeAnnouncement?type=3 HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nx-token: \r\nh5-platform: darino.vip\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:45 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R0wjyCJbTXuY1ySEzejDdcd4J%2BklxCVE3IaVVsmG%2Fh6Et5aJTnkx9pNvl1dx0UwhR0f4VXG1E3poOvuSENUH1Swz%2B9iwA1EnqCYXdg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb984c465684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1474,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"df31f0d31cd1f8ada8d0d74a6e02a3b6","sha1":"03d3b6162675ad6e793fc464e534b80e371ed01c","sha256":"0ff0289a4e48362a956ff81b2f259575117311a5546b5efa577f17ac9b7277ca","sha512":"5450361daa2a8a55a7cbadaadb0e2755c9b097ad4b07ce4be34f7cc68a832b7ad91cd6893da99b9d9f16e84595c58c790fc1567f74382789aed5c0d810f6fa73","ssdeep":"","tlshash":"b1317d1084fd44b224d79cd0cf36a33da5816d57875be66acf370226e54cd7c0a6e764","first_seen":"2026-01-01T10:59:02.980323Z","last_seen":"2026-01-03T13:21:09.439453Z","times_seen":3,"resource_available":false,"data":null}},"time_used":465,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":465,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/pages-login-registerContent.d67802ee.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/pages-login-registerContent.d67802ee.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/login/register?promo_code=6B4AB323\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-1f86\"\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pw7sFH9GqX3lKE7vEDwgOl%2FR0jEW3PV4FhPXe9uRlsZK8oZxiWvCrbvWevfA5LpYbntBy%2Bk%2BeIujP1NCxFXEyyuojTpB1ans\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb89eb015684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8070,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8069)","md5":"bf355a1c4bed58b791fd1b978ed6dde3","sha1":"abbaa86caa18af5e80f16511f668308c1c427bad","sha256":"c1392ba97a5d5f98c8604ed7bd183c0b052d0071ec1c38926dcad6c70ebb45e8","sha512":"be4835975b5683bb2c8aabd96f3b00268a4169ecdcdb117b11e53bdb8103a97aa01a881159b11a150fb74e56d6ca66f91452b9cf7d0940d046ec5b9ff059758f","ssdeep":"192:485wBEfflBCLmH2/EgH6Q6e7JgHRFIJvJDkx99heCwGwew7k+6vpbQFhGBmxGRcD:4BBYe1beFWvJDkuv6k3","tlshash":"cbf1410db67cdf375f83a76ca8a6406131366dbec0013449a3f80b6d057bfa6819476a","first_seen":"2026-01-03T13:21:09.351807Z","last_seen":"2026-01-03T13:21:09.351807Z","times_seen":1,"resource_available":true,"data":null}},"time_used":686,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":686,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/scan_1-26940892.png","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/scan_1-26940892.png HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-5ec1\"\r\nexpires: Sat, 31 Jan 2026 10:58:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 181327\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XHAL7Of8DopxsaC13ucdaamBUyQ1H4NimWi40RRJhOL7Bm6Dr1jgrLcKrH3zXMpzaR0UlmrL%2Fw99yfj3cTOiLTymUYls5RXR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb93cbb75684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24257,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"ee61de57f322a8da7f2e8ed31e4ff9da","sha1":"77553f0ec8592a811c95f4ecf7973008869cc1ca","sha256":"2694089213f71c55b309ba7fb4da9fa20311a6e5908c291a9d088c014461f2a9","sha512":"c1649942c7be882d8353d86ba4c3f7724dbe2aab6192466a0d31be868ec8400ec3b08031e4bebe75b944eb92dc2e453fcc3f5786b5f1c3f953ecdd59233f1886","ssdeep":"384:rQlZ23FM8G4+h0VwW9Ycs7fxJrY3N9Kc32wA1QOUcH/fMGp8bOGh1/Add4x4RALc:8ln8G4YsbH2fo3N9Yw50rp8bOe1/1Ctd","tlshash":"40b2e14495be9782ed5e7c037bde529874501ccaa86fc89506d74b3ae42e00f9777c23","first_seen":"2026-01-01T10:59:03.004548Z","last_seen":"2026-03-14T05:19:40.887876Z","times_seen":5,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskBase/banner","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /h5/taskBase/banner HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nx-token: \r\nh5-platform: darino.vip\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:45 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DenUSe6L3a67wSTYTTDC5DNE9xNr4qoENVRc0A0lxejjoSmvJrls94CdcVC4Ug9jJzH58nlpd3dn4BXRFcxfulS8BSRP1Vy%2BeURTSQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb971c345684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1337,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"50de7862c2cf7a94c040b8fbfa25b55e","sha1":"03140f27b5a54c773d380bdaac0bdb47cbc596a6","sha256":"a558544fb3474acf9dc6f6a92a9aca2b6e1879e8a0024477c9f53a5ff543162a","sha512":"4156f4b113e8ae1fc77f72e03cd1b698d8f3a0d867897d77430dbde1d752da46607e2df394254513fd018d1f5d057e03cb9f3ad9fa68a5d1b9d12e841fd6531a","ssdeep":"","tlshash":"70214c2d0e68646b16f41087a8d73742b1ec452bd8c1cda8ffeeed1844d569b0a6ff24","first_seen":"2026-01-01T10:59:03.002158Z","last_seen":"2026-03-14T05:19:40.940342Z","times_seen":5,"resource_available":false,"data":null}},"time_used":651,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":651,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 19:12:58 GMT","end":"Sat, 21 Mar 2026 20:12:54 GMT"},"fingerprint":{"sha1":"DA:45:58:DD:B7:34:05:65:E2:26:69:9C:69:2A:91:C3:DB:C6:80:5E","sha256":"BE:E0:7F:BA:DB:DB:66:EA:EC:1A:A8:D1:E5:7F:8C:DE:5B:EF:55:8F:52:90:0D:D5:42:CE:5D:A6:B4:21:39:FB"}}},"request":{"raw":"GET /turnstile/v0/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 03 Jan 2026 13:20:42 GMT\r\ncontent-length: 0\r\ncf-ray: 9b82cb884b8356c1-OSL\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public\r\ncross-origin-resource-policy: cross-origin\r\nlocation: /turnstile/v0/g/d39f91d70ce1/api.js\r\nvary: Accept-Encoding\r\nset-cookie: _cfuvid=Lps9hE9LC.6Ol6XrzZtS5FJknTj7TxSvzcqW1tPFxaA-1767446442293-0.0.1.1-604800000; path=/; domain=.challenges.cloudflare.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50001,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":29,"dns":1,"connect":1,"send":0,"wait":10,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-loading-icon-f08a5242.css","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-loading-icon-f08a5242.css HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-cbe\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gFuIPe8natCLmLOPKtpj0%2BI8jI%2B2DzxGaR58rOChow82Ldtl%2FxENeLvNPMdUSxoVpHPiLW4yuPLLP6n6Y%2FJZTW24dLYg39wF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8f0b745684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3262,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3261)","md5":"5733f8184e2e75a72861259493d207e1","sha1":"fce23daf89ac0bfb578992e85d04814a17c7c52b","sha256":"f08a5242aba309b4f4de134cc952a1a4384ae9b53c92a3efa3d4ad03813a1155","sha512":"dafedd8245770fcedd38d0ef12e0c30aeb3bc4c85379eeed7ce2ff5942f0297de8bd52c791815e9adaee7e23c8819c9018200417b1b6489581e1afc6890e7904","ssdeep":"","tlshash":"a16108267a58bc089573dd1e7cf8bb2e408b73434e320d98ab81743b8d5792539172bd","first_seen":"2025-09-07T02:54:04.958487Z","last_seen":"2026-04-04T10:40:53.285513Z","times_seen":38,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-status-bar-bbbbad84.css","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-status-bar-bbbbad84.css HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 7430\r\ncf-cache-status: HIT\r\netag: W/\"6938e6df-2b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8IfXJLpSmvPEm1Bb2ymdhR0aL6JLXJWjrHMPLd4FFDQBto1To%2F%2BT0o7Uq4hJVfPIxkqmWfRsbmX%2FahM87QVJ8Ynj0cV7FM%2B7\"}]}\r\npriority: u=2,i=?0\r\ncf-ray: 9b82cb8f0b765684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d4f30c270b8d7eab39c6b0e179e1f521","sha1":"643fc670206f192123500e48ea3fea010986b7cd","sha256":"bbbbad84a9bea99859cd150266109869265be8b322520af76ce5c13c4c3e4d93","sha512":"b5d382680d8c23ce30846f3d091774f33cebd69402c76ef5506c65087edd16229aa744553fd34a8ea01fee3da4f0edc2e99cc6721a369c69ad233dbfa72b306c","ssdeep":"","tlshash":"46900415140cf03c0c77c01534c3747c1714155d5717c3d4055c70504501f517017101","first_seen":"2025-09-07T02:54:04.923891Z","last_seen":"2026-04-04T10:40:53.34351Z","times_seen":37,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/uni.d83b02fa.css","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/uni.d83b02fa.css HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/login/register?promo_code=6B4AB323\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:42 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-490e\"\r\nexpires: Sat, 03 Jan 2026 23:16:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YrPeXmEMBR3B0XEEBT5zl65k%2Ba1TmO%2FF0X25vNNPubDE6KENEiRKgHLSuHz1xVah6TaKKPk7fXEj7nk1Es6O6WcILflKJXa3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb880af05684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18702,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (18701)","md5":"a66029fceddf59e35526a0bf49e6e423","sha1":"5b5feda99f14531986a1e646f27d322e6e41beba","sha256":"d83b02fa038647395eccd452c1066256bcad945b012305cc2ed3851318e5f08f","sha512":"d3e60c8c26d6b8987d08dbbbbc04c5753183874b65fec0b21e394686fa6fcab7fccaf92060be198914cde290a6d2424cda6ee9ea847669c0e250a63cf5829474","ssdeep":"192:Ujj8LGJ0CQLnWL9rNXVA8JzTb741bN2zZ2EDyPhv4rF6y01mWfDncwmE57fIraH:UXpmLWLa8JXHNZVwO70PfDcwp57fhH","tlshash":"2382b4319a01252cf857ca2665d1df8f2231c4b3e5a32f1cebb93568ca9e5c6193e3c4","first_seen":"2025-09-07T02:54:04.909743Z","last_seen":"2026-04-04T10:40:53.303397Z","times_seen":29,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/facebookService.279a2385.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/facebookService.279a2385.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/login/register?promo_code=6B4AB323\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 04 Jan 2026 01:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"6938e6df-1ba\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U9tCSoRVO%2F8kny5xYQvAfqhL%2FLK67c3TI6Sh5Slk4XJpu59XX90POPq%2F6pCmQeNeY4CiDEaDEXKnnyqiZbYKwsighIpxIzbe\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9b82cb89eb025684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":442,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (441)","md5":"ecc235a3d16b50cfc6a4d57a1437de6b","sha1":"0257dc06ce1bcdbe811a8f21484c41004c3a7756","sha256":"49ac46cb09911df81ae8184d7e4c3b5cc7409a36101fc56a102b1b0f8bfeddbe","sha512":"b2ddd317b91e53cabee11f2baaa78cbb8e559df1ff80d00510bae68548acc447e234c337b6756728e31c7d563cfdc3dddf5f8593a1497f5bfcad79fa6ec8bbd3","ssdeep":"","tlshash":"17f055090c9ba4730778a8ecb33bda1520462602258246a4eadb94743871cc7988af8c","first_seen":"2025-09-07T02:54:04.922822Z","last_seen":"2026-02-19T14:53:49.130251Z","times_seen":15,"resource_available":true,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":607,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/favicon.ico","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/login/register?promo_code=6B4AB323\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=6,i=?0\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wnHUaKuWT9d6pHO0kcyXVEYWIdnXuVX7biVnpI3S3nAwLlE%2FACGO52DsJt5ETBqC%2FIyNyV5TwGW3uetrg1svEVhyVzGsnU4X\"}]}\r\ncf-ray: 9b82cb922ba15684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1134,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"4d27932bc70bde89a8e090b35193114e","sha1":"312b07ad18575b4267c333066dca77d64f433960","sha256":"d73092dd55366f6c48de977901723504c7bae3638085159ec2decb7092129aa3","sha512":"c04ea42efe7ccabadf97ff00a8294351acf0e7d1c14db18e23130b2a617aaee9bd5e0c348d7d4ed826a135832e7d90274bdb271e8dc95807462b1aae946a547d","ssdeep":"","tlshash":"3321428144d59d180330411538b2d42bef73a61b5a88e86138ed55bb1ff5799cc5fca2","first_seen":"2026-01-01T10:59:03.01129Z","last_seen":"2026-01-17T14:34:28.249685Z","times_seen":4,"resource_available":false,"data":null}},"time_used":581,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":581,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-icon.c24486a1.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-icon.c24486a1.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/pages-index-index.6267c313.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-f8f8\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7431\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o1JSj9%2BHsDP6%2FB8u35x47p2Fuoc02jD9%2BjDl%2FfoRKE4fe1NcKYLsnarB%2Fds8XEBPSRMrWKm6Gf0Q%2B9U3%2FlRe%2FMpiHPKqAbRt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb92fba95684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":63736,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (62847)","md5":"736964c8cfd3731e387dab1ee6202df1","sha1":"3d1cd13eeb8cd595c5657291c71702fbf562c845","sha256":"d03aee581a1be62ef55498637e357c70fa567f9765da25104da3a4c00732e7b5","sha512":"5ed64bb2a33ba747d000a4bb005fc886bdceb7fc33ffcaf2514b97ede6b46a77766d26b3eb94d5f864fa5b9e5c770bad0b1732cd62c76883a0e503e1c849ca84","ssdeep":"1536:fiN+OCeDbQbEJ+W/7h8XuC0uBk0XRXTLR7NJJDSBLye3y57Movd:f8BCeDsbEJ+ih8ZBk0XRX3R7NyyEoV","tlshash":"b6537d6db2c9bc3f3e5735dc10c88005a36f35a4dade2da0f258ce61a97e129161f728","first_seen":"2026-01-01T10:59:02.984138Z","last_seen":"2026-01-17T14:34:28.257917Z","times_seen":4,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskUser/configList?type=2\u0026fixedKey=4","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:46.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /h5/taskUser/configList?type=2\u0026fixedKey=4 HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nx-token: \r\nh5-platform: darino.vip\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:47 GMT\r\ncontent-type: application/json; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9LI8b%2F91PL9U00Plthh5hv4kIZ9Z1Kx4yAMeIuLeOouwtiy%2FXTSqGfEwVlpzULcko0Ts01shD%2BFr1zowYjc2whun5e9XoYa%2Ft1%2FMoA%3D%3D\"}]}\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9b82cba48cab5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":302,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"e5848f63b1c65b18c011a145b01f89e3","sha1":"d04801755775f6178677b9742161beec9c17de33","sha256":"e5228c5711e008ddedd482ac32bfa8ad27cd278eb20dfdc5bb29b31179f9ecc7","sha512":"acef92b13c787e52d3ca171907e867ef5d00f16f2bda338d91422caae5b2d8757146b580d353a6e7ac6da36ffbb2e38dd75afb3fb768c2555c7c30697043200b","ssdeep":"","tlshash":"06e07d35137de8780b94a09504e73300f5ecc351db900045ef6dd9084408573134e23f","first_seen":"2026-01-01T10:59:03.006156Z","last_seen":"2026-01-03T13:21:09.457348Z","times_seen":3,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/_plugin-vue_export-helper.1b428a4d.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:42.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.1b428a4d.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://darino.vip/pages/login/register?promo_code=6B4AB323\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:42 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 7430\r\ncf-cache-status: HIT\r\netag: W/\"6938e6df-5b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F1mwzsVlb67rWi9%2BqTLCYJs2xMW30hTbkoHwPwaBYB1V35d3gPm0z0RtLRT7p%2BZFluJj%2FIiifA9NUF1uItiwoie9N2YcXkpY\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9b82cb89fb055684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-04-04T10:40:53.315668Z","times_seen":1258,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/u-popup-1ecb3719.css","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:43.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/u-popup-1ecb3719.css HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-1596\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7430\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gP4JxcNpMSG0%2BgLn3uK5B02A8MbvHESClQcur7AzBADaC5GmEKi0XBs5APEAckx0wHprhY%2FmGnhMuuTVMTj0P6lHYmjF9gpL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb8f1b785684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5526,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5525)","md5":"1816947f8a6fc79657a0259315918469","sha1":"004f242e3193a46ad90238741ed46ab1fbbcd730","sha256":"1ecb3719e32a7d1806c2ea0fde6f87b49d844a4e3d8b4b17115e7cdfedd0478b","sha512":"d7c17901f0d515d61cc399e16ebc449e703e47a3193cf388ba43aeeac5db0f13f471f9c467cf2d1c9589a91c14d42f5b2448ba9b894e4f1479d48d4640a95644","ssdeep":"96:0B0+6X50R9xXqE1lHdHKsHsHRHUsN6+6f:xolK66x4","tlshash":"c6b15b3cb56ce045a077ec2bb4c8db2882de7373153621d5a18300598fab5dbb6b85ce","first_seen":"2026-01-01T10:59:02.999711Z","last_seen":"2026-03-14T05:19:40.915925Z","times_seen":6,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/BottomNav.0ec3491d.js","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/BottomNav.0ec3491d.js HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/assets/pages-index-index.6267c313.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: \"6938e6df-719\"\r\nexpires: Sat, 03 Jan 2026 23:16:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 7431\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yo3ML6PEeqaOwRCbxmZNbl2ERHmLhxm8KRTX%2FmyXyjBFLz1ualZh%2F1qOdsgSKV5r%2BpXvqO%2F01HGxqKG9fJACi%2BDpPPU6Hbmb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb930bad5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1817,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1816)","md5":"7b0f17cfaf9c9828d371c6becee47a22","sha1":"76bce8472f02920c3c807a52c9e1283a30ce04c4","sha256":"c5d6ba5bdf2b6c0441b9aed9af34596c68271843f85db639692ec1f361041238","sha512":"83329dd71e27e2e7c1223409ed9b240a5612ca9062ed74a468c43727d9d14add77d636eb7a91ce6606b874ceb3fcfe2a040d6c157cdc95166e97f84dd4458dd1","ssdeep":"","tlshash":"2b31020d7d7ad931442176ed1c6948e8821e2698d13cbcc8a1f4cd1a13dac98422ef3f","first_seen":"2026-01-01T10:59:02.974134Z","last_seen":"2026-01-17T14:34:28.235162Z","times_seen":4,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"darino.vip/assets/w_1-eb33e005.png","fqdn":"darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:44.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"GET /assets/w_1-eb33e005.png HTTP/1.1\r\nHost: darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://darino.vip/pages/index/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 10 Dec 2025 03:19:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6938e6df-5d1b\"\r\nexpires: Sat, 31 Jan 2026 10:58:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 181327\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9X%2FinAHrGgvuC6wN6Li%2FTt1eB0OI43FOJQcDnkQYGZycKiAYtBHGMONDFHbG%2Fm%2BqYvPN1CeAlS1rX6ZsdGXvRxUs2mUbr3hd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb93cbb65684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23835,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"9a4b6fc4f57793fa5ce883d3c6de1736","sha1":"934acce899f89608b4e6b5eb6a72c3d51a9b4892","sha256":"eb33e0053d8d508e70b3aeb228391564383f41c138b305b462258be3a0269ba7","sha512":"a085f3be1df51b9a9174d8330ad52cb0378232fb505af2dd2e2127eddae9774296a0b5893388f52c9c05c919a0eb53741d481519024b68606d59f43cab2c9219","ssdeep":"384:WVuKQtc14rNGgQxesI+n1GU9V5pAK7RHVhKSUSs+ZLsrsn8j1kCI7nyzohu6:WVUcaMjxesIOGKAKVKVW8j1kCI7yzYu6","tlshash":"08b2e1e52493b4e147727f8e02b3474a7d9e085c9586aa0144be188fa708c1fac94fbd","first_seen":"2026-01-01T10:59:02.993119Z","last_seen":"2026-03-14T05:19:40.87273Z","times_seen":5,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskBase/taskList?promo_code=6B4AB323","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:46.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"OPTIONS /h5/taskBase/taskList?promo_code=6B4AB323 HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: h5-platform,x-token\r\nReferer: https://darino.vip/\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:46 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0MAJ0gbZF4rcskBxB1a%2B%2BVLDc751lKCScdkTYZOOj4UUE31DTZNd2hYF5yUC5mMptu627yKa6yYRKRZ4cJcjuoaFgMZRSS4KAZ0usg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cba0ac8e5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.darino.vip/h5/taskUser/configList?type=1\u0026fixedKey=2","fqdn":"api.darino.vip","domain":"darino.vip","tld":"vip"},"ip":{"addr":"172.67.163.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://darino.vip/pages/login/register?promo_code=6B4AB323","date":"2026-01-03T13:20:45.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"darino.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 01:22:13 GMT","end":"Tue, 10 Mar 2026 02:22:00 GMT"},"fingerprint":{"sha1":"3D:55:BE:5C:55:34:11:8C:9B:D6:7B:72:16:4F:36:AB:9D:8D:DC:78","sha256":"DD:ED:BA:41:C5:5B:7F:EE:C5:58:73:4E:CB:7F:7E:5D:79:83:68:D9:0B:F3:39:3D:CF:90:B0:6F:DC:6F:C7:A5"}}},"request":{"raw":"OPTIONS /h5/taskUser/configList?type=1\u0026fixedKey=2 HTTP/1.1\r\nHost: api.darino.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: h5-platform,x-token\r\nReferer: https://darino.vip/\r\nOrigin: https://darino.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 13:20:45 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, x-token, H5-Platform\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH, PUT\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wFDTQVDXiA5i6S%2FAsGpuTgH4S6b%2FdTg%2BA3zMEgy0X6AYjB5CfMwZxr0U%2B83EhLwVdKcyGeiRFYEcjYZjDtbtn%2FBrAkucOj%2BkO1vv9A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b82cb9b5c615684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":204,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"api.darino.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}