{"report_id":"76060e67-6b89-4f35-96a7-688865869fb9","version":6,"status":"done","tags":[],"date":"2026-06-01T06:51:04Z","url":{"schema":"http","addr":"verify-liwell.site","fqdn":"verify-liwell.site","domain":"verify-liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":0,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"final":{"url":{"schema":"https","addr":"liwell.site/","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"title":"Liwell — Management Control System","dom":{"size":61371,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (43235)","md5":"1c99e9dc94ca45509dc9dda448732943","sha1":"f3e9b47f86b0e15c6f1ec6b9049966cad33ce5e4","sha256":"86b8c7b3ac3e82f43d6608293545d62ffcd86fa829f1b082de7c4112f9ba14ee","sha512":"2db170ce4f7c56548c2b3d0f3387b98bfc48f3e0b79a3c041461a560e83bfd08f0c884fae12b64d5117333c1b4f6b71aa7b8777d46a50e6244c1f13ef889d529","ssdeep":"1536:oDNFXx/c64Jysq7vGRW8Xplqg60bNSQRT+rm293i70YEBS:o/A3+6293+0YEBS","tlshash":"2c53c8313144157d6a3b87faf1d1f72950aad209d4a78272f3ad02668bc2fd1ba636c4","dom_hash":"domhash8cfc622bd6f6dc08feb8f4ead53d4fb6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"verify-liwell.site","fqdn":"verify-liwell.site","domain":"verify-liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":0,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-06T06:51:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"verify-liwell.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"liwell.site","ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"2026-05-02","domain_rank":0,"first_seen":"2026-06-01T06:50:39.993983Z","last_seen":"2026-06-01T06:50:39.993983Z","alert_count":0,"request_count":15,"received_data":3955487,"sent_data":9266,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"verify-liwell.site","ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"2026-05-30","domain_rank":0,"first_seen":"2026-06-01T06:50:40.009993Z","last_seen":"2026-06-01T06:50:40.009993Z","alert_count":1,"request_count":1,"received_data":4055,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"liwell.site/assets/crypto-verifiers-oy0XuTuC.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"importedModule","is_inline":false,"md5":"c8ea401de4cc0b8beded0e7ea5262bfd","sha1":"8e39f577bd1752040d7fbf050dd07151ed456bda","sha256":"92b507fcabdb08ca8cfa692ccf7db4f39517014827e02a59ab0ef5f23a9373a9","sha512":"88f51042707f71eb6baa8bcabcde3c931bafe77192023e012c8d87504cdddc9a702c9ae2449f5ff70401fb79c39723d771b46e6c7059b23a68dadaca6183461f","ssdeep":"96:V4X+kg/JU9BdqoFKfdZnmOvyahB+s65/SoA0p7Tzrc7rzHHQwXRoVCmhAR7Y4Lhw:c+kgxU9fTTOaDh/A0Bg3zhXR2FiR7YUq","tlshash":"ceb109f252ec943408c24ad5735ab613f93eddb6b19da4a0d17d4e03210d9e381e7e28","size":5368,"data":"","first_seen":"2026-06-01T06:50:44.016156Z","last_seen":"2026-06-01T06:51:08.146195Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/crypto-signing-DRhZjcQD.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"importedModule","is_inline":false,"md5":"77020b9a2f6b7c59ee43742201ce4342","sha1":"e1a8ba1469b7e797bc7f97ab95d7ed823aded8cd","sha256":"582287f72d604634b82379a46fd8c6d7c1b02950f339ae694695617aab084231","sha512":"389954176c04702a1cfc2418d61d7ce0ee28b82dc85e0a9ffcd451f25c32527c83b4c31ff40742d16d95dd17d4391f15b9d697763e21ca7eb01c7e9c9eb753b4","ssdeep":"","tlshash":"19515489f5e1be010f0d49f9a05b507388a68ea039dd6662fb594b4625dc0d1c277f27","size":2779,"data":"","first_seen":"2026-06-01T06:50:44.000602Z","last_seen":"2026-06-01T06:51:08.151966Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/crypto-zk-qINPIAQ5.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"importedModule","is_inline":false,"md5":"e4aa76f8755eb5f6a95da5449d709924","sha1":"ddc6d1d4af34c14d54507822baeddf25bd4418ca","sha256":"430377589ce8e3302860031b41e58c3be92bc1fc89a8367b6561b415b22cbb39","sha512":"fdd60e3e35a83951f435c4cb8aa7bb1ba0b0b166ff49e2dfa8463b3ae5cb206cab718bafa97661263b07afcf1f237c9f49d28f46f4cd610ecc4e376506d44a3a","ssdeep":"3072:AmPZiuSxWeLia12a+Suoh/J2ClsZfntaYCaccG74GJJGBuv1RQJziJKJ3OiJ1OJq:A0ZqxW412a+Slh/HifCcG74GJJGRAMNf","tlshash":"a9041bc4b3b6587205c198e1d4361603f2387909b86e806cb67d1edb6ed8e05eb3be75","size":177156,"data":"","first_seen":"2026-06-01T06:50:44.020639Z","last_seen":"2026-06-01T06:51:08.149513Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/crypto-noble-CpS-VRVh.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"importedModule","is_inline":false,"md5":"42aa47c4e4d99fccdbf3c2c02e96d280","sha1":"d80309c0af711adbc1c0943b7e3883b1bcfe9098","sha256":"a75c9d99d340c55926617acb99a863d31b7c965d0f1e8dd0728799221fd8438d","sha512":"643576bb3f9355f88ef673cf103dfe07be214e4510e8cc1c3df93abcd0a2507944e9d4d25505f57f44b8b00a08f5ca9214438eb5a55ef15eaa8e64d3d45b67fc","ssdeep":"768:JWRO6TlKX9WIXgzTuO8/9nk7jUSjRP9bjhLN3yCnc2THyHDs7MnSGJGBb5AZvsIv:sH9zPpLit2gX2k","tlshash":"31d2fc9022d2b07243b758e211778406e239d8a4748d4c58f1edcdff39a645acab6f7e","size":30886,"data":"","first_seen":"2026-06-01T06:50:44.006995Z","last_seen":"2026-06-01T06:51:08.147289Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/~flock.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed557a78d5301fbb961abfe911a42b62","sha1":"d11a2a4e9fee28c4b1abc38cd8136bffec7e325b","sha256":"a86e084b4f82709814be6c15fd6305daa783fda87ad95402da9a4d3a1dd6d748","sha512":"18dd1525e2b4d89e3c46d92367fca020cf99fb07856acfd96a25dc7410611eea83b438c91691683983495945eb04a9427bc63e2a383cbe93449f4df0eb1ddb51","ssdeep":"384:FtUCBXTpeaFEo5TTThri1t/mCsOCXiTNZruJ4vKFlcEhRCDxOcX/YM2Vybyq/kmt:n7XTpeauI/Thri1CKWM4ldRzurwkTO0D","tlshash":"cea2b6d61007243d57ead1a13929f7d63177ea98a0caec8a7de91f84d414c83f3f294a","size":21296,"data":"","first_seen":"2025-07-30T15:25:28.733337Z","last_seen":"2026-06-06T16:52:10.603595Z","times_seen":10052,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/index-CucjDoMw.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b8b8ae362b70a604e90806d786a3dcb","sha1":"6fcf45bf48ad11519b9f336dd6b0ce78085feeb3","sha256":"c3deb93e2aad25995d01869dcac63859d2551ead66542928ea98eb9affe115fc","sha512":"a22324e6201fea55a95f99ee883fa10c64df117ff4e36043137e71af3248316a10e7840fefb9c3c09ae02a6085924c107f9d5271b948bb7d084f2e8d37290377","ssdeep":"49152:gbWZZTh8UhJyltFMOsvc3/+MuTq27Ah+A8wZ/XCoP/A7HhKhkZRh:4QUo","tlshash":"06c54a00b141bbadff770aed54bf9009b12f5f48d91f88a0f0bc98651964186b637be9","size":2609614,"data":"","first_seen":"2026-06-01T06:50:44.022913Z","last_seen":"2026-06-01T06:51:08.153647Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"liwell.site/","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-01T06:50:41.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:41 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, must-revalidate, max-age=0\r\nset-cookie: __dpl=3325c73b-df91-4f03-b602-6ac1f1446efb; Path=/; Max-Age=604800; SameSite=Lax; Secure\n__cf_bm=T_iO1eUQsCOBtDpnRg4H_WMQZNNj9jzqixk1FNDA8eM-1780296641.8722098-1.0.1.1-Yz0WsHEiGchEIE9Idui4HA9.kWFILTOSWpa6r3HoHp0FmYY0wRzA2ARH.8hu0shjIoSeKKkwtyg9NLyF1Kj.fsPoFF8z4WTB3ZigAsDKt2Ha7joy0Cx3TyZrijnDTwMe; HttpOnly; SameSite=None; Secure; Path=/; Domain=liwell.site; Expires=Mon, 01 Jun 2026 07:20:41 GMT\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a04c491bbe8bb4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3402,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"170b44076788ad058d1ed2cc63883976","sha1":"ad8edcd66d3ada9a89ee69602ad326c2034dd68d","sha256":"92d01613f325c584a1e4ba9890adb79e1a9d1d1fba2e3712684f4b6649223120","sha512":"181b59e6d41d371760898b708433f8e6cc1d21bab51513250398ace756c08df9a9bbb6bbd50c9de0c3c061265349ebb84ae851366171cc746d7de34548e19510","ssdeep":"","tlshash":"24615363a694c925135842217ad6f4089a51f10fc5c8b851f6ec90be8fc5ff6cfb3229","first_seen":"2026-06-01T06:50:44.01105Z","last_seen":"2026-06-01T06:51:08.143856Z","times_seen":2,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":19,"dns":0,"connect":1,"send":0,"wait":57,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/index-CucjDoMw.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:42.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /assets/index-CucjDoMw.js HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __dpl=3325c73b-df91-4f03-b602-6ac1f1446efb; __cf_bm=T_iO1eUQsCOBtDpnRg4H_WMQZNNj9jzqixk1FNDA8eM-1780296641.8722098-1.0.1.1-Yz0WsHEiGchEIE9Idui4HA9.kWFILTOSWpa6r3HoHp0FmYY0wRzA2ARH.8hu0shjIoSeKKkwtyg9NLyF1Kj.fsPoFF8z4WTB3ZigAsDKt2Ha7joy0Cx3TyZrijnDTwMe\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: public, max-age=31536000, immutable\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\netag: W/\"3b8b8ae362b70a604e90806d786a3dcb\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a04c491d3838b4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2609614,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (37675)","md5":"9982b706866d3ccdbfd09896d312ca3d","sha1":"c1f2b8f4e695f0a435798d4e8ce02ef5a2abcace","sha256":"0d5a87942fbf9d131d86d667a2ac5bfd74fab5f60bbb730fdd06fcc7ff9ebd64","sha512":"e298c5f3fe757777ff78c58b197a6fa480a20ec625375f0b2c02ff298c8a51833669d7f2790690faff39fca4dd4ab7cee37c7cbf95bfa23bd6d45f74815ff3c0","ssdeep":"12288:gbWW2EwHVVgcg19r6f5jAUhJkxltFMOs9Nc3Uw+qju71DE:gbWZgca6hjAUhJyltFMOsvc3/+Mu714","tlshash":"d0256d887185b67aa7b745f9006f900eb23e2e18f80e8460f07cdda53974546e277fe9","first_seen":"2026-06-01T06:50:44.013391Z","last_seen":"2026-06-01T06:51:08.145034Z","times_seen":2,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/crypto-verifiers-oy0XuTuC.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:42.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /assets/crypto-verifiers-oy0XuTuC.js HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/assets/index-CucjDoMw.js\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __dpl=3325c73b-df91-4f03-b602-6ac1f1446efb; __cf_bm=T_iO1eUQsCOBtDpnRg4H_WMQZNNj9jzqixk1FNDA8eM-1780296641.8722098-1.0.1.1-Yz0WsHEiGchEIE9Idui4HA9.kWFILTOSWpa6r3HoHp0FmYY0wRzA2ARH.8hu0shjIoSeKKkwtyg9NLyF1Kj.fsPoFF8z4WTB3ZigAsDKt2Ha7joy0Cx3TyZrijnDTwMe\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: public, max-age=31536000, immutable\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\netag: W/\"c8ea401de4cc0b8beded0e7ea5262bfd\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a04c4920dc64b4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5368,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5365)","md5":"c8ea401de4cc0b8beded0e7ea5262bfd","sha1":"8e39f577bd1752040d7fbf050dd07151ed456bda","sha256":"92b507fcabdb08ca8cfa692ccf7db4f39517014827e02a59ab0ef5f23a9373a9","sha512":"88f51042707f71eb6baa8bcabcde3c931bafe77192023e012c8d87504cdddc9a702c9ae2449f5ff70401fb79c39723d771b46e6c7059b23a68dadaca6183461f","ssdeep":"96:V4X+kg/JU9BdqoFKfdZnmOvyahB+s65/SoA0p7Tzrc7rzHHQwXRoVCmhAR7Y4Lhw:c+kgxU9fTTOaDh/A0Bg3zhXR2FiR7YUq","tlshash":"ceb109f252ec943408c24ad5735ab613f93eddb6b19da4a0d17d4e03210d9e381e7e28","first_seen":"2026-06-01T06:50:44.016156Z","last_seen":"2026-06-01T06:51:08.146195Z","times_seen":2,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/crypto-noble-CpS-VRVh.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:42.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /assets/crypto-noble-CpS-VRVh.js HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/assets/index-CucjDoMw.js\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __dpl=3325c73b-df91-4f03-b602-6ac1f1446efb; __cf_bm=T_iO1eUQsCOBtDpnRg4H_WMQZNNj9jzqixk1FNDA8eM-1780296641.8722098-1.0.1.1-Yz0WsHEiGchEIE9Idui4HA9.kWFILTOSWpa6r3HoHp0FmYY0wRzA2ARH.8hu0shjIoSeKKkwtyg9NLyF1Kj.fsPoFF8z4WTB3ZigAsDKt2Ha7joy0Cx3TyZrijnDTwMe\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: public, max-age=31536000, immutable\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\netag: W/\"42aa47c4e4d99fccdbf3c2c02e96d280\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a04c4920dc6fb4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30886,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (30885)","md5":"42aa47c4e4d99fccdbf3c2c02e96d280","sha1":"d80309c0af711adbc1c0943b7e3883b1bcfe9098","sha256":"a75c9d99d340c55926617acb99a863d31b7c965d0f1e8dd0728799221fd8438d","sha512":"643576bb3f9355f88ef673cf103dfe07be214e4510e8cc1c3df93abcd0a2507944e9d4d25505f57f44b8b00a08f5ca9214438eb5a55ef15eaa8e64d3d45b67fc","ssdeep":"768:JWRO6TlKX9WIXgzTuO8/9nk7jUSjRP9bjhLN3yCnc2THyHDs7MnSGJGBb5AZvsIv:sH9zPpLit2gX2k","tlshash":"31d2fc9022d2b07243b758e211778406e239d8a4748d4c58f1edcdff39a645acab6f7e","first_seen":"2026-06-01T06:50:44.006995Z","last_seen":"2026-06-01T06:51:08.147289Z","times_seen":2,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/~api/analytics","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:43.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"POST /~api/analytics HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/\r\nContent-Type: application/json\r\nContent-Length: 332\r\nOrigin: https://liwell.site\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __dpl=3325c73b-df91-4f03-b602-6ac1f1446efb; __cf_bm=T_iO1eUQsCOBtDpnRg4H_WMQZNNj9jzqixk1FNDA8eM-1780296641.8722098-1.0.1.1-Yz0WsHEiGchEIE9Idui4HA9.kWFILTOSWpa6r3HoHp0FmYY0wRzA2ARH.8hu0shjIoSeKKkwtyg9NLyF1Kj.fsPoFF8z4WTB3ZigAsDKt2Ha7joy0Cx3TyZrijnDTwMe; session-id=72738b31-9918-4a9d-86e0-8115ccfb74d3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":332,"data":"{\"timestamp\":\"2026-06-01T06:50:43.181Z\",\"action\":\"page_hit\",\"version\":\"1\",\"session_id\":\"72738b31-9918-4a9d-86e0-8115ccfb74d3\",\"payload\":\"{\\\"user-agent\\\":\\\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\\\",\\\"locale\\\":\\\"en-US\\\",\\\"referrer\\\":\\\"\\\",\\\"pathname\\\":\\\"/\\\",\\\"href\\\":\\\"https://liwell.site/\\\"}\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:43 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 4\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: a04c492488a9b4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"f92965e2c8a7afb3c1b9a5c09a263636","sha1":"e9b450d14bc2363d292c84f17cfad5cfbd58a458","sha256":"11a6767d5674c7e45f7e00dc525762275b3a48491ad6045427d2609cc496c516","sha512":"25775ba3c567970fc3df3f8107f2a78a67c5619d54bfb37704423acceec253316949eee77b81100a01b91c742e475b4f6157dd2427a9f9fafd87a4078f2d65df","ssdeep":"","tlshash":"54300000000000000000c00c00000000000000000c0000000000000000000000000000","first_seen":"2023-04-09T18:20:08Z","last_seen":"2026-06-06T16:52:10.604131Z","times_seen":10146,"resource_available":true,"data":null}},"time_used":405,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":405,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/~flock.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:42.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /~flock.js HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __dpl=3325c73b-df91-4f03-b602-6ac1f1446efb; __cf_bm=T_iO1eUQsCOBtDpnRg4H_WMQZNNj9jzqixk1FNDA8eM-1780296641.8722098-1.0.1.1-Yz0WsHEiGchEIE9Idui4HA9.kWFILTOSWpa6r3HoHp0FmYY0wRzA2ARH.8hu0shjIoSeKKkwtyg9NLyF1Kj.fsPoFF8z4WTB3ZigAsDKt2Ha7joy0Cx3TyZrijnDTwMe\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: max-age=1500\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a04c491d383db4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21296,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (21296), with no line terminators","md5":"ed557a78d5301fbb961abfe911a42b62","sha1":"d11a2a4e9fee28c4b1abc38cd8136bffec7e325b","sha256":"a86e084b4f82709814be6c15fd6305daa783fda87ad95402da9a4d3a1dd6d748","sha512":"18dd1525e2b4d89e3c46d92367fca020cf99fb07856acfd96a25dc7410611eea83b438c91691683983495945eb04a9427bc63e2a383cbe93449f4df0eb1ddb51","ssdeep":"384:FtUCBXTpeaFEo5TTThri1t/mCsOCXiTNZruJ4vKFlcEhRCDxOcX/YM2Vybyq/kmt:n7XTpeauI/Thri1CKWM4ldRzurwkTO0D","tlshash":"cea2b6d61007243d57ead1a13929f7d63177ea98a0caec8a7de91f84d414c83f3f294a","first_seen":"2025-07-30T15:25:28.733337Z","last_seen":"2026-06-06T16:52:10.603595Z","times_seen":10052,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/crypto-zk-qINPIAQ5.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:42.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /assets/crypto-zk-qINPIAQ5.js HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/assets/index-CucjDoMw.js\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __dpl=3325c73b-df91-4f03-b602-6ac1f1446efb; __cf_bm=T_iO1eUQsCOBtDpnRg4H_WMQZNNj9jzqixk1FNDA8eM-1780296641.8722098-1.0.1.1-Yz0WsHEiGchEIE9Idui4HA9.kWFILTOSWpa6r3HoHp0FmYY0wRzA2ARH.8hu0shjIoSeKKkwtyg9NLyF1Kj.fsPoFF8z4WTB3ZigAsDKt2Ha7joy0Cx3TyZrijnDTwMe\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: public, max-age=31536000, immutable\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\netag: W/\"e4aa76f8755eb5f6a95da5449d709924\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a04c4920dc5fb4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":177156,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"data","md5":"e4aa76f8755eb5f6a95da5449d709924","sha1":"ddc6d1d4af34c14d54507822baeddf25bd4418ca","sha256":"430377589ce8e3302860031b41e58c3be92bc1fc89a8367b6561b415b22cbb39","sha512":"fdd60e3e35a83951f435c4cb8aa7bb1ba0b0b166ff49e2dfa8463b3ae5cb206cab718bafa97661263b07afcf1f237c9f49d28f46f4cd610ecc4e376506d44a3a","ssdeep":"3072:AmPZiuSxWeLia12a+Suoh/J2ClsZfntaYCaccG74GJJGBuv1RQJziJKJ3OiJ1OJq:A0ZqxW412a+Slh/HifCcG74GJJGRAMNf","tlshash":"a9041bc4b3b6587205c198e1d4361603f2387909b86e806cb67d1edb6ed8e05eb3be75","first_seen":"2026-06-01T06:50:44.020639Z","last_seen":"2026-06-01T06:51:08.149513Z","times_seen":2,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/liwell-logo.png","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:43.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /liwell-logo.png HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __dpl=3325c73b-df91-4f03-b602-6ac1f1446efb; __cf_bm=T_iO1eUQsCOBtDpnRg4H_WMQZNNj9jzqixk1FNDA8eM-1780296641.8722098-1.0.1.1-Yz0WsHEiGchEIE9Idui4HA9.kWFILTOSWpa6r3HoHp0FmYY0wRzA2ARH.8hu0shjIoSeKKkwtyg9NLyF1Kj.fsPoFF8z4WTB3ZigAsDKt2Ha7joy0Cx3TyZrijnDTwMe\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 369026\r\netag: \"b613475f4ce63e20a72868c48b5dee08\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\nserver: cloudflare\r\ncf-ray: a04c4922debcb4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":369026,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1536, 8-bit/color RGBA, non-interlaced","md5":"b613475f4ce63e20a72868c48b5dee08","sha1":"69c36a00998f0a84ae63c43db1cd3d324c3d063f","sha256":"68131aa420e62cd237b9730a4d71e2c574042f16aa99ead7fac386cc2caf35d8","sha512":"b48c753beb5c250d41fe0eaba0549e9b98880b6bee3e37b7ad81c7abeab99a2c51ecb3918756684a58c692b76afac2d9bd8a23ff5cdd5dde7b4c0d375e2aff4c","ssdeep":"6144:0ZdAta9M/tQPP4gsnOCpt69StspA6PzZouLGL4M:0zZFRsnTQ9StGAsSEM","tlshash":"4674221ecbd85677fd016540f8516157a8da2c73b1a4ce1a82c7b8af1753f368e3aca0","first_seen":"2026-06-01T06:50:44.00362Z","last_seen":"2026-06-01T06:51:08.150343Z","times_seen":2,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/crypto-zk-qINPIAQ5.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:42.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /assets/crypto-zk-qINPIAQ5.js HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: public, max-age=31536000, immutable\r\nset-cookie: __cf_bm=xD6fTqBnyUL02RunJ9aXyrPZwpbQ3i3JkZrseT84eWM-1780296642.790707-1.0.1.1-SlqM6LdFFdQCjarOvmb34Qw_6tdYzH..jXGbp5U8xjmSGr8A3T2wpuUeJwRSMVaw4.mo6GeYnpHeyKLxwyBKE2JFunOgxIrN.KdEwJ3yBbqg.OcwSenk5ZWQCSTVDKn3; HttpOnly; SameSite=None; Secure; Path=/; Domain=liwell.site; Expires=Mon, 01 Jun 2026 07:20:42 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\netag: W/\"e4aa76f8755eb5f6a95da5449d709924\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a04c49216d1eb4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":177156,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"data","md5":"e4aa76f8755eb5f6a95da5449d709924","sha1":"ddc6d1d4af34c14d54507822baeddf25bd4418ca","sha256":"430377589ce8e3302860031b41e58c3be92bc1fc89a8367b6561b415b22cbb39","sha512":"fdd60e3e35a83951f435c4cb8aa7bb1ba0b0b166ff49e2dfa8463b3ae5cb206cab718bafa97661263b07afcf1f237c9f49d28f46f4cd610ecc4e376506d44a3a","ssdeep":"3072:AmPZiuSxWeLia12a+Suoh/J2ClsZfntaYCaccG74GJJGBuv1RQJziJKJ3OiJ1OJq:A0ZqxW412a+Slh/HifCcG74GJJGRAMNf","tlshash":"a9041bc4b3b6587205c198e1d4361603f2387909b86e806cb67d1edb6ed8e05eb3be75","first_seen":"2026-06-01T06:50:44.020639Z","last_seen":"2026-06-01T06:51:08.149513Z","times_seen":2,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/liwell-logo-C9iJUIkh.png","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:42.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /assets/liwell-logo-C9iJUIkh.png HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __dpl=3325c73b-df91-4f03-b602-6ac1f1446efb; __cf_bm=T_iO1eUQsCOBtDpnRg4H_WMQZNNj9jzqixk1FNDA8eM-1780296641.8722098-1.0.1.1-Yz0WsHEiGchEIE9Idui4HA9.kWFILTOSWpa6r3HoHp0FmYY0wRzA2ARH.8hu0shjIoSeKKkwtyg9NLyF1Kj.fsPoFF8z4WTB3ZigAsDKt2Ha7joy0Cx3TyZrijnDTwMe\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:42 GMT\r\ncontent-type: image/png\r\ncontent-length: 369026\r\ncache-control: public, max-age=31536000, immutable\r\netag: \"b613475f4ce63e20a72868c48b5dee08\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\nserver: cloudflare\r\ncf-ray: a04c49222e0bb4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":369026,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1536, 8-bit/color RGBA, non-interlaced","md5":"b613475f4ce63e20a72868c48b5dee08","sha1":"69c36a00998f0a84ae63c43db1cd3d324c3d063f","sha256":"68131aa420e62cd237b9730a4d71e2c574042f16aa99ead7fac386cc2caf35d8","sha512":"b48c753beb5c250d41fe0eaba0549e9b98880b6bee3e37b7ad81c7abeab99a2c51ecb3918756684a58c692b76afac2d9bd8a23ff5cdd5dde7b4c0d375e2aff4c","ssdeep":"6144:0ZdAta9M/tQPP4gsnOCpt69StspA6PzZouLGL4M:0zZFRsnTQ9StGAsSEM","tlshash":"4674221ecbd85677fd016540f8516157a8da2c73b1a4ce1a82c7b8af1753f368e3aca0","first_seen":"2026-06-01T06:50:44.00362Z","last_seen":"2026-06-01T06:51:08.150343Z","times_seen":2,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/index-CzYUSCeG.css","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:42.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /assets/index-CzYUSCeG.css HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __dpl=3325c73b-df91-4f03-b602-6ac1f1446efb; __cf_bm=T_iO1eUQsCOBtDpnRg4H_WMQZNNj9jzqixk1FNDA8eM-1780296641.8722098-1.0.1.1-Yz0WsHEiGchEIE9Idui4HA9.kWFILTOSWpa6r3HoHp0FmYY0wRzA2ARH.8hu0shjIoSeKKkwtyg9NLyF1Kj.fsPoFF8z4WTB3ZigAsDKt2Ha7joy0Cx3TyZrijnDTwMe\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:42 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncache-control: public, max-age=31536000, immutable\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\netag: W/\"fbb31cfc7a28d310e0bb5e7b0c90ace2\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a04c491d383ab4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":142106,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"fbb31cfc7a28d310e0bb5e7b0c90ace2","sha1":"8eb8642bcb3ca7d3a1623cc79b7446fb4b7300a5","sha256":"ed5cfdd0a9e2f77ee87435dc3bc9c4b9185d827876037d110a445859ef27c299","sha512":"c041bfad452bf0caa3ffbff0bae4c97e55e86ef2a27cb4058a69fc64d7006e65c37faaf6d56337f69ae1fa3faed5c82d04c4d8ddb348ce051640577fc0da5103","ssdeep":"3072:Mh7iXlxkr+VqULIs7D1GMzRb+XvXfKhV6hE27wkIgUU4HF18MUqBeQGGCj378VQ7:Mh7iXlxkr+VqULIs7D1GMzRb+XvXfKhg","tlshash":"0bd35229b618607f3c17a0fc8398b9eda11af2c0ce2a47f5b99a523167d23f61d73514","first_seen":"2026-06-01T06:50:44.018818Z","last_seen":"2026-06-01T06:51:08.15116Z","times_seen":2,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/crypto-signing-DRhZjcQD.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:42.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /assets/crypto-signing-DRhZjcQD.js HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/assets/index-CucjDoMw.js\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __dpl=3325c73b-df91-4f03-b602-6ac1f1446efb; __cf_bm=T_iO1eUQsCOBtDpnRg4H_WMQZNNj9jzqixk1FNDA8eM-1780296641.8722098-1.0.1.1-Yz0WsHEiGchEIE9Idui4HA9.kWFILTOSWpa6r3HoHp0FmYY0wRzA2ARH.8hu0shjIoSeKKkwtyg9NLyF1Kj.fsPoFF8z4WTB3ZigAsDKt2Ha7joy0Cx3TyZrijnDTwMe\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: public, max-age=31536000, immutable\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\netag: W/\"77020b9a2f6b7c59ee43742201ce4342\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a04c4920dc66b4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2779,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (2778)","md5":"77020b9a2f6b7c59ee43742201ce4342","sha1":"e1a8ba1469b7e797bc7f97ab95d7ed823aded8cd","sha256":"582287f72d604634b82379a46fd8c6d7c1b02950f339ae694695617aab084231","sha512":"389954176c04702a1cfc2418d61d7ce0ee28b82dc85e0a9ffcd451f25c32527c83b4c31ff40742d16d95dd17d4391f15b9d697763e21ca7eb01c7e9c9eb753b4","ssdeep":"","tlshash":"19515489f5e1be010f0d49f9a05b507388a68ea039dd6662fb594b4625dc0d1c277f27","first_seen":"2026-06-01T06:50:44.000602Z","last_seen":"2026-06-01T06:51:08.151966Z","times_seen":2,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/crypto-noble-CpS-VRVh.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:42.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /assets/crypto-noble-CpS-VRVh.js HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: public, max-age=31536000, immutable\r\nset-cookie: __cf_bm=crMMwC65.i6NYDteRCI_bJsXhP9TFVph4p.uIN5U9QE-1780296642.791431-1.0.1.1-Nnj1Dc_qCr4XCqEHknrG3zAPUs.4Kj1VyUJp.NuXBarOvKt0bWCgN2NbJ6AQ1UoMjyRSkN3t5vLXfeHc1ayTUHxiiQrEPHW.mFaiEemRayacXPQy3ZVMbWlZQvrScavC; HttpOnly; SameSite=None; Secure; Path=/; Domain=liwell.site; Expires=Mon, 01 Jun 2026 07:20:42 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\netag: W/\"42aa47c4e4d99fccdbf3c2c02e96d280\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a04c49217d21b4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30886,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (30885)","md5":"42aa47c4e4d99fccdbf3c2c02e96d280","sha1":"d80309c0af711adbc1c0943b7e3883b1bcfe9098","sha256":"a75c9d99d340c55926617acb99a863d31b7c965d0f1e8dd0728799221fd8438d","sha512":"643576bb3f9355f88ef673cf103dfe07be214e4510e8cc1c3df93abcd0a2507944e9d4d25505f57f44b8b00a08f5ca9214438eb5a55ef15eaa8e64d3d45b67fc","ssdeep":"768:JWRO6TlKX9WIXgzTuO8/9nk7jUSjRP9bjhLN3yCnc2THyHDs7MnSGJGBb5AZvsIv:sH9zPpLit2gX2k","tlshash":"31d2fc9022d2b07243b758e211778406e239d8a4748d4c58f1edcdff39a645acab6f7e","first_seen":"2026-06-01T06:50:44.006995Z","last_seen":"2026-06-01T06:51:08.147289Z","times_seen":2,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/crypto-signing-DRhZjcQD.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:42.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /assets/crypto-signing-DRhZjcQD.js HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: public, max-age=31536000, immutable\r\nset-cookie: __cf_bm=tI5NAaz9GmwBc6zIJRz0Zxafn8nDn75t1qudRArlhJ8-1780296642.7919633-1.0.1.1-tazTeS1QBT7hBBqFsQYgne8VV7eW.IRh2xBuIVmyVczexKD8Lv06ywULmqcDQfC_RX9iD8Wp6eVuMgVDvbWo8hq4McqGXsMcaNJgEaLjkVr2JmiDH.CbjsDX7aShJSwq; HttpOnly; SameSite=None; Secure; Path=/; Domain=liwell.site; Expires=Mon, 01 Jun 2026 07:20:42 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\netag: W/\"77020b9a2f6b7c59ee43742201ce4342\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a04c49217d24b4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2779,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"Java source, ASCII text, with very long lines (2778)","md5":"77020b9a2f6b7c59ee43742201ce4342","sha1":"e1a8ba1469b7e797bc7f97ab95d7ed823aded8cd","sha256":"582287f72d604634b82379a46fd8c6d7c1b02950f339ae694695617aab084231","sha512":"389954176c04702a1cfc2418d61d7ce0ee28b82dc85e0a9ffcd451f25c32527c83b4c31ff40742d16d95dd17d4391f15b9d697763e21ca7eb01c7e9c9eb753b4","ssdeep":"","tlshash":"19515489f5e1be010f0d49f9a05b507388a68ea039dd6662fb594b4625dc0d1c277f27","first_seen":"2026-06-01T06:50:44.000602Z","last_seen":"2026-06-01T06:51:08.151966Z","times_seen":2,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"liwell.site/assets/crypto-verifiers-oy0XuTuC.js","fqdn":"liwell.site","domain":"liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://liwell.site/","date":"2026-06-01T06:50:42.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 May 2026 22:12:04 GMT","end":"Fri, 31 Jul 2026 23:11:55 GMT"},"fingerprint":{"sha1":"92:FD:8B:BF:AF:9F:24:50:2D:F2:1F:ED:61:91:5A:78:59:9D:F8:29","sha256":"98:1F:37:85:14:FD:CE:55:38:36:FC:54:D7:A2:25:70:30:F6:DB:3C:BC:19:7F:29:4C:02:BA:4C:9E:59:BA:1D"}}},"request":{"raw":"GET /assets/crypto-verifiers-oy0XuTuC.js HTTP/1.1\r\nHost: liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://liwell.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 06:50:42 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: public, max-age=31536000, immutable\r\nset-cookie: __cf_bm=qLaqwsOvgWd.G5f8Gd3QDlnpgEg5Fc13up_9wcNCnzg-1780296642.7936244-1.0.1.1-4cSkbnz9ns01Bj5v.xRWXbb9cDrx.6Z6TQOOymsabUkM6RdZpMRsizxihoHpYy6v_wZeAFecwRjrDJsamOhk.Jg9jvbqmvwQl927q0pkW2ZblEcMsoW3dn8RjdMQZ5x.; HttpOnly; SameSite=None; Secure; Path=/; Domain=liwell.site; Expires=Mon, 01 Jun 2026 07:20:42 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-deployment-id: 3325c73b-df91-4f03-b602-6ac1f1446efb\r\netag: W/\"c8ea401de4cc0b8beded0e7ea5262bfd\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: a04c49217d2cb4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5368,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5365)","md5":"c8ea401de4cc0b8beded0e7ea5262bfd","sha1":"8e39f577bd1752040d7fbf050dd07151ed456bda","sha256":"92b507fcabdb08ca8cfa692ccf7db4f39517014827e02a59ab0ef5f23a9373a9","sha512":"88f51042707f71eb6baa8bcabcde3c931bafe77192023e012c8d87504cdddc9a702c9ae2449f5ff70401fb79c39723d771b46e6c7059b23a68dadaca6183461f","ssdeep":"96:V4X+kg/JU9BdqoFKfdZnmOvyahB+s65/SoA0p7Tzrc7rzHHQwXRoVCmhAR7Y4Lhw:c+kgxU9fTTOaDh/A0Bg3zhXR2FiR7YUq","tlshash":"ceb109f252ec943408c24ad5735ab613f93eddb6b19da4a0d17d4e03210d9e381e7e28","first_seen":"2026-06-01T06:50:44.016156Z","last_seen":"2026-06-01T06:51:08.146195Z","times_seen":2,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"verify-liwell.site/","fqdn":"verify-liwell.site","domain":"verify-liwell.site","tld":"site"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-01T06:50:41.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"verify-liwell.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 11:43:44 GMT","end":"Fri, 28 Aug 2026 12:39:28 GMT"},"fingerprint":{"sha1":"DC:31:CF:9D:3F:FE:FA:F9:13:80:92:15:F1:FF:41:0F:F1:59:A4:5D","sha256":"8B:FC:16:09:C4:E1:66:6C:9E:4D:86:C7:6E:F8:77:94:DE:55:89:E7:1C:37:10:DE:FC:EE:C2:BC:72:A8:3B:0F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: verify-liwell.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 01 Jun 2026 06:50:41 GMT\r\ncontent-length: 0\r\nlocation: https://liwell.site/\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=NAzn_VlyfadEyMPCk24K8NLEraR0U41V2iOxMv4nGqQ-1780296641.8098667-1.0.1.1-LTsSbssmGNiB1vDkd.QD.XIf.43ucE5ridGGfs7OpaIBtLdfAl_HqvOC5m.wmJOlDK8sO_IkOJa_dEQIK6eLSpoOa14ThhV4O9HTfAntnUWaqzJPuFOZ19PTCNh.bHTd; HttpOnly; SameSite=None; Secure; Path=/; Domain=verify-liwell.site; Expires=Mon, 01 Jun 2026 07:20:41 GMT\r\nserver: cloudflare\r\ncf-ray: a04c491b491fb515-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3402,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T17:09:45.179918Z","times_seen":16184828,"resource_available":true,"data":null}},"time_used":81,"timings":{"blocked":23,"dns":0,"connect":1,"send":0,"wait":36,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"verify-liwell.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}