{"report_id":"7a57d343-4d73-48cd-a33c-b62d3c7931f7","version":6,"status":"done","tags":[],"date":"2026-02-12T11:33:07Z","url":{"schema":"http","addr":"vzwpxr.com/","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"104.21.16.134","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"vzwpxr.com/#/home","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"title":"welcome欢迎","dom":{"size":57755,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14282)","md5":"348d069a6206eb7e513b68eebb0c82b6","sha1":"632e4fc57dbef424ba10a2f67abe6bd236846c97","sha256":"ea46054ddd1cd33618375d649d2b920ac9ba4b89be0a27f58d8b2c84e2f59049","sha512":"3c1e692bf1df990d1dbc851153eaea7b423810b1550cda4bf65e11de1532babd32257d7ba96b80f28e96ae7cf3bde5f4a53c32aab9bc2ca4ca5928c02326bdf8","ssdeep":"1536:kdMuhVlgIDHcYcpCyrhqJf4vJ59g0ACKjq27/2W0u9K0SiUGWsbtlg7hDxchoFzB:s+ID6","tlshash":"2f43a44060d98e6b05b3c5e0a913ff64a5afe30bc169ca1178ee06c05ff7d79742e16a","dom_hash":"domhash451827ba4786d337f884985e39fa3fcc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"vzwpxr.com/","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"104.21.16.134","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-19T11:33:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"static.shxaot.com","ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":50,"received_data":9603441,"sent_data":22575,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"vzwpxr.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-28","domain_rank":0,"first_seen":"2026-02-12T11:33:11.422665Z","last_seen":"2026-02-12T11:33:11.422665Z","alert_count":200,"request_count":50,"received_data":3857145,"sent_data":29468,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-02-08T22:20:44.026892Z","alert_count":0,"request_count":1,"received_data":303854,"sent_data":429,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.matomo.cloud","ip":{"addr":"3.167.2.19","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2017-09-08","domain_rank":124973,"first_seen":"2019-09-27T14:00:38Z","last_seen":"2026-02-11T14:31:27.381337Z","alert_count":0,"request_count":1,"received_data":140016,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"9170.matomo.cloud","ip":{"addr":"3.126.133.169","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2017-09-08","domain_rank":0,"first_seen":"2024-10-18T01:02:04.432395Z","last_seen":"2026-02-06T15:05:19.823858Z","alert_count":0,"request_count":1,"received_data":230,"sent_data":761,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"vzwpxr.com/","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d651aaa20951243f7ae8846591e81d66","sha1":"8857b694db085b66478d81fbcbc796e120cefec0","sha256":"b9db81666f61ade07fe83d3efc6531328c990302158d7b809440914d5afb9ff6","sha512":"b930af6f3a615bd3df46ba0bf5a159963e042b21c8485402d67a52ef6bcc6d811b8019c4eec3d04b8d4f17e8581f98c586afbe6f58dd26f939616dec4003fc57","ssdeep":"","tlshash":"5cf0ab8b39db14702d5ba03e573d8e2420a23217b084d033bcfcd8252f586aa4a75bf8","size":474,"data":"","first_seen":"2025-03-04T12:50:40.41597Z","last_seen":"2026-02-12T11:33:21.014549Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9e1095714deb7cbdfd7fab5cb83b1bbb","sha1":"5660bb87ce001b7ea75f1e2aad87b01568940b2e","sha256":"edae7dd47e03d6c69c6661d064a2d167c1afc1512d80f9a8ce4f8eaed2ac07dc","sha512":"b2f8fb474bce8acdf1747b70a1febfe62ef066d8bc193bd8f00ac49a3dc4e57d4750fa20fa921c107eb2efe530261eb567f6e4fbc840967b7661f133bb686c28","ssdeep":"","tlshash":"3221368c4583a23f3616b4792b9a7595667b504b480dec00be0c8241bfd9b2ec2e7fd6","size":1128,"data":"","first_seen":"2025-09-27T04:17:39.77315Z","last_seen":"2026-02-12T11:33:21.0157Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a28361e40415c05cc2c90a75dd6d3fc8","sha1":"3d47ac81e2c5d1203775799d70f03e9f4e61784b","sha256":"8a9872df15b62f65774661ea909ad4b9d2d7f9ea087103cb4d62889e4b6ae42f","sha512":"0a7907abbce6150ee69e55ac1a54c34e512c08984eb231c2378455b9bff3d89a18ce661de813b9be2e2175a732b224ce170f12a676c3d8cce920be8d034d6d55","ssdeep":"","tlshash":"2b9002cd7141710412966115456b2255756704f50904600042014455362830f8166ac9","size":44,"data":"","first_seen":"2023-03-08T01:27:27Z","last_seen":"2026-05-30T22:18:35.458381Z","times_seen":2150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-54GH4KW","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"de67d3180da72a1771ade226003cc173","sha1":"960132927d72851e4bbbffb3a73862bd19fb9527","sha256":"cdc98b95522fe323d65cb86af120457971f0f64895e0ba305560dc54aec4b545","sha512":"493c14ba93116813c85706ddd7f54997672db9192a3ef8c5dbbc401bcc937963291cf3873883d8fe07981b2c66073912b1b52c8d5a5bf618c1c1337702dc2fdf","ssdeep":"6144:6/Oyt3h3cUoEh8EV8bteBe19vgMU0taKbQ:MZt3R2Eh853e0ta0Q","tlshash":"b45407cdb7da706683a3a478503f114bb23b7992f84cd894e186d8d42d70a6a4277f7c","size":303204,"data":"","first_seen":"2026-02-12T11:33:20.881927Z","last_seen":"2026-02-12T11:33:20.881927Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/js/manifest.29c055f88a232c5aa488.js","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a9ef8a82cba4fde37ab6f120a5a2fdb9","sha1":"51075ea51f13d12462269d75824c997c2232096d","sha256":"e13cf033090422c2b24b2383fa70971fc7e662e45b168068a0ff7ba6e4e1eeeb","sha512":"4953059176a3994e3c641780bc5d0920a55d3d26c11b5857c4869d674d26b48cf1b8bdde9dc23a93f488191a3cff804e198e515a8e6ce301c8285cbd5307cb58","ssdeep":"","tlshash":"4651b6eea3a6f4d927fb08ac073fa161613d2502783acc94e3c5e4d27d35c8495226b9","size":2493,"data":"","first_seen":"2026-02-12T11:33:20.809438Z","last_seen":"2026-02-12T11:33:20.809438Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/js/common-api.592e1b1bd362212ae158.js","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a8148a05617353727c11ab94f98aef3","sha1":"d852d2007ef055cb2883944cdb7cf60ef80f11fd","sha256":"807a8ba89884263a56224dbed4b28527289aaea8d0b203ecdec911c5f002517f","sha512":"49cba44f0cdb437385f9148bba035609a6a3021a0a11d57da4cb1b61e95be8c8ca0e082872f7ab6b6eb3c75d1b8e2b6008e07d5d7b6c4b4011873b3532099780","ssdeep":"1536:8kJ5+ZZ/291d6b/chs5N4AehjevRdBZPBW76CuOAFgo5U9CD9sYPBH29:zJMe91ZrpoJC6DmoZpsYPBHu","tlshash":"0ea3754d7686b5ae1297707c305f310d607fb5d0e8cd8014ada9e2d67f78a8ea217e2c","size":107171,"data":"","first_seen":"2026-02-12T11:33:20.703082Z","last_seen":"2026-02-12T11:33:20.703082Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/#/home","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"fcaea4b8885ca5c1fb3ddd5c490da5c6","sha1":"35745f87b37210d992a9ed534a593ae500b7adaa","sha256":"934c2008743c36db746a9d6ebd9f1b84ff11477edc55fbf7b599bbfa687f7272","sha512":"65e3bda5b8bd909b2fed0a25e3d6d3d7d2984601de4a906783c783097fcd8902ea1c2fa05d33619126415bc5000a72e8459eb81c971a85e2ddb374f9fd9231aa","ssdeep":"","tlshash":"889002c520d965518ad321a061261a46615a04f914a48c5091589c56287303092695bc","size":54,"data":"","first_seen":"2023-04-12T08:25:39Z","last_seen":"2026-05-31T05:12:42.909142Z","times_seen":22433,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/js/build43.29e696b96f3491d8ed57.js","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7c11dd2d3e62fa4924b8a61ba6c292b0","sha1":"de44a18ca87fe5bbfe85121e30edad947846b419","sha256":"bc4160e6ade8254b320020b14a12eae60d6ce011c6ed7331dd57e55c334be974","sha512":"1f44718e58a020bec34389c71f464e9bd9a7fc25ba893c6831dd0c12abf5952728124b5ada8d55840f2ecca97a129953b3cbdd3c9b1a33e2f45e887fe24eedfd","ssdeep":"6144:DeIEv91jJCoO0DKqltoXg2kDTgDRezBeqs:DeIY91dZO0DKqlt65o/zBa","tlshash":"b7540a0db1c6b5ad055b6034216f211da07b3ad4a84bc099ba7cd9c5aff8e8d611bf2c","size":281815,"data":"","first_seen":"2026-02-12T11:33:20.751654Z","last_seen":"2026-02-12T11:33:20.751654Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"330433b0b210bd844c92ec926693d778","sha1":"15153e6f593f7def35ebad64c48599a7e6eeb063","sha256":"f169216fe98337b8c8cdcbe7cb287b5c61fc7bf292a59ac791a4cd5b3e3b7c06","sha512":"3ba614f160381da5a6ff1b82397b3e56c3dd8f4319ab192b1611d6ec9bd5731dd989a98020b8e7edf06e527fb4d6da6f1a56c03edb22cd9af656963a66031f97","ssdeep":"","tlshash":"28e02b1f0916ef3f223b21646db18f1eb6cf252d9b9480529687c0283455d9941a934c","size":408,"data":"","first_seen":"2025-03-04T12:50:40.41433Z","last_seen":"2026-02-12T11:33:21.028059Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.matomo.cloud/9170.matomo.cloud/matomo.js","fqdn":"cdn.matomo.cloud","domain":"matomo.cloud","tld":"cloud"},"ip":{"addr":"3.167.2.19","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf8b381329cc0aee32cb1b8b039f45a4","sha1":"4c3df5b37efad2433b0ce9797cf616b9054e73f8","sha256":"2aa5b34976102b9b3df357626c749e33cfe37a0e0031edfb40a3471c1d303a1c","sha512":"27024ab0f52f0897e4783d44c281bf863d459b91521402fff79f9e35a33de5705cb4d84e217a279cd68c1b63d472ce4ced4a9f9c70b01f5a974b99bdeca90bf0","ssdeep":"3072:AT+Z2fucXYy1PGJ9d1QkNw0CjBi4jZdV50tqv:ASUucfBGrd1HwBi4jZdV50tqv","tlshash":"e5d3088a72c2753a86db60b5543f110b733a9daa2448c0b8f625d4f63d78e0e553bf78","size":139327,"data":"","first_seen":"2026-02-05T13:16:52.117928Z","last_seen":"2026-05-18T14:30:39.242884Z","times_seen":658,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/js/vendor.ecc8e588230aaa517812.js","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b3fcce2c66701f1b47eb9aa934e31dc","sha1":"8f92f89d68775bec566e5461e046bd93dcba45e0","sha256":"f26da449476db33eae5f9103da064a26dfd40eb95bf70313e49af31396968284","sha512":"c40b89b81fa23bfb56354443305dcc8672de2c2e8a3ba6f0e92240891423dc10d7fc724d78e8f8e7ac0097200ae568c143078c68f738d4d1fa7f7ea97ccf1e08","ssdeep":"6144:30uo7pYo+D+qKcx+nkeAJw5Dqxe9kK7Ri99MGM7+sfWR3Ih1oJCglw9WZ3pusb4b:WdH+DqBkK7wMGM7TNnEu","tlshash":"b6c4f68df2d1b0a112e760a1412f520bf2776859780ec4e8f675e8e6acb894d513bf7c","size":558945,"data":"","first_seen":"2025-03-04T12:50:40.417678Z","last_seen":"2026-02-12T11:33:20.672133Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/js/vendor-build43.ab69862ad6ec6bf74063.js","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d75763eec1fc1110b5c03ea95d23be5","sha1":"4f51da62eb4c45a37be5ef62b1ea90aa684e1cf1","sha256":"08811f4308e27692900f90942b9be1c225ba4a2c9aa18c266f5a2c835e3a8ce8","sha512":"9b0dbecb028ca4f51a4015e39270b0e2b727a7d2382171a2336c97522f7474798eac25e80c89ad8df20c6b4e86fa78c154835c916148ff211f7f5d6ecdf0eccf","ssdeep":"6144:GesXTN1dxHl5ArJCjDXENXM6fDqY/VS60jYn5EHODacBu8is6Z0why:GesXTNhH2AjDXENXM6fDqjtKuHwBQhy","tlshash":"4ef4f98d72c1b57147a360a0403f250bf33b299da809809cf679d8ea6dbd948526ff7d","size":758426,"data":"","first_seen":"2025-03-04T12:50:40.418954Z","last_seen":"2026-02-12T11:33:20.822521Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"static.shxaot.com//gamelist/PCLASSICG/1740553650414.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //gamelist/PCLASSICG/1740553650414.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 255926\r\nlast-modified: Wed, 26 Feb 2025 07:07:22 GMT\r\netag: \"67bebdaa-3e7b6\"\r\nexpires: Thu, 12 Feb 2026 14:32:47 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":255926,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"352430468dcaf78e05546bddb4cf283e","sha1":"21b81a0fd519ff6eb2a043750355cbd052c2fa36","sha256":"455b442c3868e16b5b4563cadc3b19a259beeabe15ef3d3a68c3cc89951cf1a7","sha512":"74cdd5554374fcf892309b89d96d8806e17a1f4f718500525374dbb29432a703b74c89ed03ea93e140480cc5479a19256d32b1a7f6de210f020b42c0ff89312d","ssdeep":"3072:iz7mX4y+viPrLSJaoBKfTfcWgU/1L0m/ZGvFEB7Bl6GU7ou+gw+jewdkU9R7MZqR:izy1GCPmaRbd5qm/3zwoR+dkK7yqcNLM","tlshash":"96441287bea17c038dd91cf016175668c31d4598b4a74baa44ece9e9f4b1e0d1f29d30","first_seen":"2025-03-04T12:50:40.392364Z","last_seen":"2026-02-12T11:33:20.664779Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1042,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":373,"receive":669,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//gamelist/PCLASSICG/1736402033522.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //gamelist/PCLASSICG/1736402033522.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 246959\r\nlast-modified: Thu, 09 Jan 2025 05:53:48 GMT\r\netag: \"677f646c-3c4af\"\r\nexpires: Thu, 12 Feb 2026 14:32:47 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":246959,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"4e8378b4adc8d6e1a57e82ea3782004b","sha1":"bda27d1070be323a9d720e7ad87ccaa0875eba5e","sha256":"473b9edcf52a4b5a98c32b3fd1dffd8cb5a53d9c3fe2fc059b759fd8d0b8d1ba","sha512":"df8f428f4575cd44c9fae77649ac3f56d83351ed71810aa5cf624a95d28377dd9d659d8eec09329ecb2b4ae62a36a7994614ebf057fd0c79c3c76d7349936b97","ssdeep":"6144:tiKYmONWKQpKxhNZ6OYAA4EOTBfEyR/P7jqheilwglvkZlkZ:tRmNnsMhNAOjA4pBfP/P3RkwgmE","tlshash":"52341248e5ec52938bcc1a31507b4a281ae6e73872e61e278f4ff45fc5d7590a72a0f4","first_seen":"2025-03-04T12:50:40.405079Z","last_seen":"2026-02-12T11:33:20.66804Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1044,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":502,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//gamelist/PCLASSICG/1736401963709.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //gamelist/PCLASSICG/1736401963709.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 140253\r\nlast-modified: Thu, 09 Jan 2025 05:52:39 GMT\r\netag: \"677f6427-223dd\"\r\nexpires: Thu, 12 Feb 2026 14:32:47 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":140253,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"8d84d739b9b2a1255911c64cbf494d60","sha1":"3212fa60a55bed271796d089c6e81dfc76a32f43","sha256":"4212459967554cdf5b22770e3f1d38edc9b556c518d8d7bc8a81026dc7f0588d","sha512":"45f2d6df1d04a79f0e5b6ca3f9831dd4d26fcafac1dcb1801fd4dd292f2e4faa1153561d5c95b2f5ca981b9da03e0a11488cafc152e3cba6b08aa52760dbbc3e","ssdeep":"3072:0fA31m4uQXR0DwAtUIwO6rIncHlFEzAmZ6mw1VwvhFBZPQZZaZ:yABhcLtwO6ScHlFzmYmw1AhjmZC","tlshash":"b2d3238f209de41a56e64d28479417e07ad500dc0ac1fe7a46abfe23a2cff13b156537","first_seen":"2025-03-04T12:50:40.367071Z","last_seen":"2026-02-12T11:33:20.670177Z","times_seen":13,"resource_available":false,"data":null}},"time_used":964,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":424,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/js/vendor.ecc8e588230aaa517812.js","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:43.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/js/vendor.ecc8e588230aaa517812.js HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: W/\"691c10fb-88761\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lbEBqBh74nNoTSuZIlP1iakd18UfxlhPUZW15zbz9OzyglFJnFgd9VEYJzo5PQ0tE1yA2JulIgd%2F0I7jfwButPODchCuxy%2BvJro%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc4598ea475c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":558945,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (37988)","md5":"6b3fcce2c66701f1b47eb9aa934e31dc","sha1":"8f92f89d68775bec566e5461e046bd93dcba45e0","sha256":"f26da449476db33eae5f9103da064a26dfd40eb95bf70313e49af31396968284","sha512":"c40b89b81fa23bfb56354443305dcc8672de2c2e8a3ba6f0e92240891423dc10d7fc724d78e8f8e7ac0097200ae568c143078c68f738d4d1fa7f7ea97ccf1e08","ssdeep":"6144:30uo7pYo+D+qKcx+nkeAJw5Dqxe9kK7Ri99MGM7+sfWR3Ih1oJCglw9WZ3pusb4b:WdH+DqBkK7wMGM7TNnEu","tlshash":"b6c4f68df2d1b0a112e760a1412f520bf2776859780ec4e8f675e8e6acb894d513bf7c","first_seen":"2025-03-04T12:50:40.417678Z","last_seen":"2026-02-12T11:33:20.672133Z","times_seen":13,"resource_available":true,"data":null}},"time_used":1391,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":575,"receive":816,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/queryBonusArticleTypeList","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/queryBonusArticleTypeList HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 10\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RYIXR8cOlA0dwKslTEvLiUR3j%2BaBZtILYnyNyec%2Fl9kzgDahqglcdjBIFhlwOi8RDyHmXEQRteJzUoek9miyD9uFh3sJUgJPVAg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4662f1d75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1082,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"466570f7a7534fc9ce126308a2122b6d","sha1":"89a62a939b43b46bfc964236d5a47ca438c91cee","sha256":"bafd195f2276edc5627b9ee1bf4ce1bf0865bcfbec50385274c9e59b41a51c8c","sha512":"03ae8921fb56a129d01f1ef19fd2d5bc463f17f0a4ffdc7f94ecbb7df245694f219c27a6328a39371e25c28dddf26337bc98091046b7fc9d2ca869c74db98fb1","ssdeep":"","tlshash":"7b11b954068a5f7fc61a749d7de7a44e70e6312143fd9a29fc8ecf0c5086f053ab8660","first_seen":"2025-09-27T04:17:39.747113Z","last_seen":"2026-02-12T11:33:20.673908Z","times_seen":6,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/frontConfig/getFrontConfig","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/frontConfig/getFrontConfig HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 49\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":49,"data":"configKey=easy_to_remember_domain_name\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qz1UFZY6PEhgXvRJWd1IFQ1DHa6H4YK4kMLm4roEqvqjdK7cQ%2FSFZswXr%2F4LokT%2Bfqri7umkPnKNki3Ft7chenryxHJFHlw9HS4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4662f3575c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":75,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"53fcb546a8a447dc64e026d42f794ae2","sha1":"a3abaa5868a784c100e21f9297161760e3abe18e","sha256":"932356a302f3cf80723247f63852f3e0528d585a402b7a644a04d91dd2afa21d","sha512":"65960a94ec07de3b22ebd3bd902a033210cce767f842d75148a442d151cf3040ccb5d50cef79fd15b0dc22c931c5f719ea2ff87f9acf7ef339a345666357948e","ssdeep":"","tlshash":"2aa012920a4c030369c20040500a3111111d29431041d5c4488c5a2000a85f14004821","first_seen":"2025-09-27T04:17:39.758384Z","last_seen":"2026-02-12T11:33:20.680714Z","times_seen":6,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/fetchImgs","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/fetchImgs HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 79\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":79,"data":"imgCodes=yhPCFloatTop%2CyhPCFloatLeft%2CyhPCFloatRight%2CyhPCFloatQr\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hXUeOkbExRq81Dzhk9HClZmEJIVhR5PIy46xdvIYoExOqIxaLEys8nFzfcvA%2FCnC6KmOPwyKiDl17szZRgMeJeYY%2FX7YvfbniR0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4665fe175c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3294,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"47e8c74e281940f64f3e2252a3c8bba1","sha1":"c062f09c8fddf9a6594bca5200048db1aafb9180","sha256":"9e1c0fde3291b60716e31bab9724c8c46d7137691fcaf5dbeef88849a4ccb584","sha512":"e21c6d105a6b07735cbf0122aeeeb819846aee23048e987c678545b737ec61dc29a37be3739f613eccf764bc33efae9099c4e459aef93294f0a3c7f247768513","ssdeep":"","tlshash":"2c61d2da4610a8791ee4b6c3158761acd2da60ff94eac85acccbcd4c4cf58bd190f089","first_seen":"2026-02-12T11:33:20.684454Z","last_seen":"2026-02-12T11:33:20.684454Z","times_seen":1,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/img/slogan.d9c5a66.png","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/img/slogan.d9c5a66.png HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/static/css/build43.1d3258981b762738ff7941d910b3f7b9.css\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 11894\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: \"691c10fb-2e76\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OfIGTOxEDczQkmsyWikzDZdZh1NBOdJXMXeTM%2B5Br65bfESVFZG%2B3zDCh9qtjlBShR3KgkWdhICMhhF%2B2BN0QbLcanlMx%2F9j42M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc46688bf75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11894,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 448 x 85, 8-bit/color RGBA, non-interlaced","md5":"d9c5a663a15926c641d2d3380c114d75","sha1":"e2f1ccd3cd2dc4f9cde30ad6356aac66ead6d9a7","sha256":"93ed732ae73a9ddf0ab5695ab24ab42710414737f03916b08ff9ab48187312b5","sha512":"6462b41e91b489ae0df8b32f48c5cc78a5060d91205a7009cc1aab371e02527b30c7ec7336abc16618c74506b9ab49cae029c21ff4e133b2dd4bb1032f958972","ssdeep":"192:HSHIIHUCD4wamBDsvx6GOgSXLs7j3wUky47U7XY63lD0WMjE0xBQWU:y50wuJ6qSXcwUH447IMlD08WU","tlshash":"2232bfd85493088e1200467635f7c9194b96ab44e3e90d98ffea660f83bd8637c07b3b","first_seen":"2025-03-04T12:50:40.375387Z","last_seen":"2026-02-12T11:33:20.686954Z","times_seen":13,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":580,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/img/guide.0930c12.png","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/img/guide.0930c12.png HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/static/css/build43.1d3258981b762738ff7941d910b3f7b9.css\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 21018\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: \"691c10fb-521a\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VGZcrHBgkv6q9MoJETTSRxenKRAWIZcuR5gkJdEixSrkDZbkbelDVXh4TJZSYcpG%2Fy9y%2Fv2gA5cNsOWM7H5xd5mhlV7bv1Jl2S8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc46688c475c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21018,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 114, 8-bit/color RGBA, non-interlaced","md5":"0930c12a98ba085b687b7b34fa006c80","sha1":"a97532deac304dbd0f3cd75417e2d5fd11221ad9","sha256":"9164b4f401fe90b9376dbd1e352fb6e3fca15623512189831d72ff88b747f7c7","sha512":"7be3d98089ecf5c2cd1885717d920a4eb714a40f93c79fb66c2d064d704a51287f40e2f95337b6c322df24b4baf660e3aea86780211220b7ec6eb1fa8a9e0a43","ssdeep":"384:+50wo8I9/QqlXjz4LBAfrjgks6L6skJTVLedr:kW8I94qlXAFAz8LwoDLWr","tlshash":"8b92bf8d84d2d5205dcc787b6f27c7180776e85713800a2e528b779a7e6013e236aaef","first_seen":"2025-03-04T12:50:40.413107Z","last_seen":"2026-02-12T11:33:20.689146Z","times_seen":13,"resource_available":false,"data":null}},"time_used":810,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":263,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/liveSocket/info?t=1770895965230","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /api/guest/liveSocket/info?t=1770895965230 HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RstbOpdfy4L%2F51s%2BdtAUYg%2FZJXKQC4a%2B4vxV%2FseBQz0Q980SfhGS4u6SMJF9DUqfcomOCjfsOzoVmHNTd2PM7apOCJtVCKL8cK0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc466b94975c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"1ef8a2d242ad6234fd6e84e024845962","sha1":"4e2105fc4a49dd400cb6ba602eb1bbab1faf3602","sha256":"f08e00b102e6a89b70c077e8e49a228f1c79186fbb77980efda366d21703c118","sha512":"d6f8f21b49b8889c2bf9bf2a6fc018b39e62d5552980a052934187193238546ecc693383c72ca1913859014bb99fdee0675b7e0cd7930e26956f707802d0b7eb","ssdeep":"","tlshash":"dba0121f9c2c316444c82b0113001e22a42814bb810060e51139651402a10131410147","first_seen":"2026-02-12T11:33:20.69821Z","last_seen":"2026-02-12T11:33:20.69821Z","times_seen":1,"resource_available":false,"data":null}},"time_used":570,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":570,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com////image/1599612432097308.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET ////image/1599612432097308.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 4131\r\nlast-modified: Wed, 09 Sep 2020 00:47:12 GMT\r\netag: \"5f582610-1023\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4131,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 108, 8-bit/color RGBA, non-interlaced","md5":"7486b1f1b9455223121f4ad6dcb7a4b4","sha1":"937113f0076476f84b99fc6935f5cfed388ba4aa","sha256":"90ae48a842ffd1d03c3ffb8f4f48b85708a1bd21d520b1d11b74bb6fb2929d15","sha512":"f617961ea9b68a9e86b22edb58e9dbbab8d7d0ddea187185d11ab90cc2881e38e71e9d7c28eafc2ae1165530d566f666150e858600c7d81cfa0a18f5142cbfac","ssdeep":"96:FSeHJAE8lIuhiv0OZqABukN9c+FR8YX2a3CEx0HhsvJayqulMYOn:oQ2XIuU5qABus9c+FR+DywUlSn","tlshash":"ed816d89bd53fd424054f34665b3c32b8e1b96a0d98ff34e3599cc6414150f4dcae6ea","first_seen":"2025-03-04T12:50:40.410979Z","last_seen":"2026-02-12T11:33:20.700714Z","times_seen":13,"resource_available":false,"data":null}},"time_used":905,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":703,"receive":202,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/js/common-api.592e1b1bd362212ae158.js","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:43.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/js/common-api.592e1b1bd362212ae158.js HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: W/\"691c10fb-1a2a3\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8GuarWrrAmR9KMo1RiGOcV%2BR%2FeIJqB09vroyGvDc8IU%2FPrCGqb2P6%2FQPVl9PqgA0WZYYx9nZkxq4axCSNJX8MSDkkl3M6HPM9DM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc4598ebb75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107171,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62288), with no line terminators","md5":"9a8148a05617353727c11ab94f98aef3","sha1":"d852d2007ef055cb2883944cdb7cf60ef80f11fd","sha256":"807a8ba89884263a56224dbed4b28527289aaea8d0b203ecdec911c5f002517f","sha512":"49cba44f0cdb437385f9148bba035609a6a3021a0a11d57da4cb1b61e95be8c8ca0e082872f7ab6b6eb3c75d1b8e2b6008e07d5d7b6c4b4011873b3532099780","ssdeep":"1536:8kJ5+ZZ/291d6b/chs5N4AehjevRdBZPBW76CuOAFgo5U9CD9sYPBH29:zJMe91ZrpoJC6DmoZpsYPBHu","tlshash":"0ea3754d7686b5ae1297707c305f310d607fb5d0e8cd8014ada9e2d67f78a8ea217e2c","first_seen":"2026-02-12T11:33:20.703082Z","last_seen":"2026-02-12T11:33:20.703082Z","times_seen":1,"resource_available":true,"data":null}},"time_used":810,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":263,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/img/logo.2634e91.png","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/img/logo.2634e91.png HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/static/css/build43.1d3258981b762738ff7941d910b3f7b9.css\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 29896\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: \"691c10fb-74c8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FSi0QcYd3aByC4jg6s68jhpEGI%2BbvB%2Boqxxe7GaW2io2iv6FoFxbrchLdAasLD9RTi4oEK0cQoX9OXtQDlSOyuixfjcMguGQJqk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc466788d75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29896,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 228 x 74, 8-bit/color RGBA, non-interlaced","md5":"2634e9184ab458ec59a164ee2b8164cb","sha1":"9bfa0f3e700c1febd88a466a16593a57ba99ad92","sha256":"d2dc8614571e377fc3b7c0d0effe8d691d1b1d0c947ca3f54bf56061463fb855","sha512":"87c58252ad63d3f9043bf39f68f3342cffc0ae78b6d33dbd11250bd26c550d117dc68cfa902f97ba792a66f63a104b22f686ebb27ca8386c5c775efb0c2678bf","ssdeep":"768:c6xvESIuPETEzPSfG9KQUMr8cHALF6WSbbQJZ:jxvEpuP8+9KQcqwHJZ","tlshash":"92d2f17366d7a542f848b293cd2a48d082c1301606cf43677b79bdba079bbd1ea17bc5","first_seen":"2025-03-04T12:50:40.377905Z","last_seen":"2026-02-12T11:33:20.705274Z","times_seen":13,"resource_available":false,"data":null}},"time_used":765,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":517,"receive":248,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1723455188929937.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1723455188929937.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 389903\r\nlast-modified: Mon, 12 Aug 2024 09:33:09 GMT\r\netag: \"66b9d6d5-5f30f\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":389903,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 418, 8-bit colormap, non-interlaced","md5":"f13bbceb7fd0d5697567f4923ce8d50b","sha1":"f511e3b4fcab6ef5733996b77d9a4302de550d3b","sha256":"629d79403cf8d160e1d949fa9db1a7887a5cb85b0810e8a720b630a83e56e567","sha512":"504c85f1288535ab87da8641e8428674da00e68793dfe015d00aa86317338582dbfdaa02e6bdf8269494c2c2628f84dd58a957bb13a61527c4be59926ff500de","ssdeep":"6144:6JxvUVp3WIroMDwGduvZmYN+OpSYH5xvjUeFg8PlVXJrVvN+MCmN+p6:6XOMQVEBmYN+OHH5LnHXJJvN9rR","tlshash":"6684234b619a49abbd1e3d9376c1b8d0d85dc0d45ecbe2c3c969b767e0a810fa371072","first_seen":"2025-03-04T12:50:40.363558Z","last_seen":"2026-02-12T11:33:20.707205Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2396,"timings":{"blocked":481,"dns":0,"connect":0,"send":0,"wait":721,"receive":1194,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/fetchImg","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/fetchImg HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 35\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":35,"data":"imgCode=yhPCHomeImageNav\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xv0YnTicVCtNJeo3%2BMIGx35MZfBHX7c3ItEDUp8dYWOC9G7oK3mC8ZmQIOtIDrgrELJrlKtooFkLB%2FWZZCdozYAMgybUmlRmtNI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4662f3975c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1254,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"8fb53962d7a425ef906f280f5420d3bc","sha1":"e28317edd1d36a08b983ba7cf80e81745e808198","sha256":"1ad4d3ffae99af93c0f010b0534998063bb6e0d4e69f8e51aa601ef6c12e4f13","sha512":"90be2c7d329da731fa81e93bf23af0f90933e6b9c22e3ed03d0a2eed45c97ca095da467024bf8245246eec51b65ab5127a1b2a0f71280117c23eea4ee8282b62","ssdeep":"","tlshash":"f62138570928aeb90ee9f5c21c47a09c905d523bd4aacdb988cbce4c5ce99bc061f14b","first_seen":"2026-02-12T11:33:20.714603Z","last_seen":"2026-02-12T11:33:20.714603Z","times_seen":1,"resource_available":false,"data":null}},"time_used":599,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":599,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/game/guest/gamePlatform","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/game/guest/gamePlatform HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 42\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":42,"data":"pageNo=1\u0026gameType=5\u0026pageSize=50\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nbr3SJNkWoUal3C1sbbQgNpBt%2BU3mUBPs4WUVZC%2FScSfTXJqFLFk4waiaKc9lCL5WQ40rAKCl5sPninV7Y3PtXjKPu4D19XU3wc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4664f7d75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14805,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (12764), with no line terminators","md5":"4a571757f630abcbde215cc81732f3a1","sha1":"e3d9c1c6fefe0051d65b0647d0c46f044c5c4a4e","sha256":"bc0b007d90d58c59c24c7ed7eaf4ff6ec5b272375ae2c263ecf66049edd222d6","sha512":"b4bc0efb4bc2943e94340c01625dbce31e022fdf53e5c994673669468563151243d0f8948da33ddf8a0e34f4bf46e4d7511664b5c48dbbdf2edfd024b663ccf6","ssdeep":"384:k+5dHOqQOuOLOyOoOsyOJD+jaA3qupfI7P:1vFD+j13qYfI7P","tlshash":"9d62104e4e6b9a29ca66e1df17cb585ca5fd17e2a18ac29cdd94cdf08db0e04120e11f","first_seen":"2026-02-12T11:33:20.722467Z","last_seen":"2026-02-12T11:33:20.722467Z","times_seen":1,"resource_available":false,"data":null}},"time_used":861,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":585,"receive":276,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/allGameInfo","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/allGameInfo HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 10\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qGnPiWYJEuyp%2FMguimovuFNZAd4lyH0%2FIC7JS938yCbq4xoPlOf8E0FWlk9CgvIAXTk5yVgIt4u0TD5RIlZPX51WmyANxKMSvl0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4665ff775c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":52981,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (46893), with no line terminators","md5":"d85f48845a897a34b24dba6d91dcce7f","sha1":"4df22ed45077944eff4e0d30dc3d6415c3539ec9","sha256":"9d9a33d0355929cc8e99525c21d1ffbdc4dbe7348082ceedb76ef3c265e68ef9","sha512":"3f48652bd80537ff58ab44c840fdf290aadce4f3e12b7366add1c42c627f4db7dcc43b8fd230e22537134115e144647cf139aa640d28a39db69d0d6551b58938","ssdeep":"1536:Mu8u5uiuJuquwuHuzhu7u4uFuUuwuIuKsuVcmwUumRuYudu6uLubutu6u3uDuNud:wX","tlshash":"5833244a0b53c8699e16eaeb57cf7d58d4bd16a781c6cabcccc4cea144f4674130e22a","first_seen":"2026-02-12T11:33:20.729548Z","last_seen":"2026-02-12T11:33:20.729548Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":689,"receive":519,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/allGameInfo","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/allGameInfo HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 10\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Vj23S7rjxVHikm3brK8u5mGD%2BGo4wV6IX5met%2BeM8K%2Fh8ityl1DDN7U0yZ2H5u%2F%2FXTEr%2B6yaOs2d%2FlMYaCgboE6fpH%2BxW8k9Xo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc466580175c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":52981,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (46893), with no line terminators","md5":"d85f48845a897a34b24dba6d91dcce7f","sha1":"4df22ed45077944eff4e0d30dc3d6415c3539ec9","sha256":"9d9a33d0355929cc8e99525c21d1ffbdc4dbe7348082ceedb76ef3c265e68ef9","sha512":"3f48652bd80537ff58ab44c840fdf290aadce4f3e12b7366add1c42c627f4db7dcc43b8fd230e22537134115e144647cf139aa640d28a39db69d0d6551b58938","ssdeep":"1536:Mu8u5uiuJuquwuHuzhu7u4uFuUuwuIuKsuVcmwUumRuYudu6uLubutu6u3uDuNud:wX","tlshash":"5833244a0b53c8699e16eaeb57cf7d58d4bd16a781c6cabcccc4cea144f4674130e22a","first_seen":"2026-02-12T11:33:20.729548Z","last_seen":"2026-02-12T11:33:20.729548Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":729,"receive":550,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1615883311813872.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1615883311813872.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 201348\r\nlast-modified: Tue, 16 Mar 2021 08:28:32 GMT\r\netag: \"60506c30-31284\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":201348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 700, 8-bit/color RGBA, non-interlaced","md5":"f145953e888dca04c2cfbca7a5cf960e","sha1":"2caa5314ede7bd4cefdad745cbe1e6db60e4fca8","sha256":"766994fd251e1509335044a228bc064c00dffe00544ca47f1bf282e107a053e0","sha512":"99f4f1ac9d3fada912f5584662e2b074b2c1998109d503398033754f291fe9523479b4eceb33734a8892e1d80f0c485885886a7544f05ddee1eea04d48d0cb2b","ssdeep":"3072:dur0MSwVG1jTptP8r6DHFCFyPMDTikkH+9C/X8NnN9d3i7nVVjNUGwID/g2K:v8e/pWyEnivNXCNeLvPOv","tlshash":"c214231ce28d2ba67c0de26ac8291d353de5f38c83f196f3472a21816d52053f79dad6","first_seen":"2025-03-04T12:50:40.384745Z","last_seen":"2026-02-12T11:33:20.733856Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2261,"timings":{"blocked":582,"dns":210,"connect":177,"send":0,"wait":179,"receive":916,"ssl":193},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1769491854309195.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1769491854309195.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 383783\r\nlast-modified: Tue, 27 Jan 2026 05:30:54 GMT\r\netag: \"69784d8e-5db27\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":383783,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 660x389, components 3","md5":"4be2fdf1725f8e31dc4526c8be8a91b2","sha1":"1d3122bd0e4428ab08322bbec038c5362278002a","sha256":"ae52777025bbaa15e51fe0c86af89bcd5c6e0db1ef255cb9689f24b287d05cf9","sha512":"ef8be2fb1acab32b583231c233e45d45d457a4fb9455a43704082c923ca90116a6f8eb7d286152d1c89b8ea864ef9eb8181dd3875cf2b095b7b7a1479d5e58d7","ssdeep":"6144:8CGHhE7bvdPpQ9YZyph/gnIxAa1BnHDPUm/CJaz9UOuqTiFTJerUa27+FsNMaMk7:8CohE3lpQ+ZUTAkBnHDd/CErk7+FO7","tlshash":"9f842391e463dc318f012732fae6ca15f645cc45763cade6131aeeede6ade2b5134808","first_seen":"2026-02-12T11:33:20.738549Z","last_seen":"2026-02-12T11:33:20.738549Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2689,"timings":{"blocked":538,"dns":0,"connect":181,"send":0,"wait":709,"receive":1051,"ssl":196},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1723455219779892.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1723455219779892.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 360492\r\nlast-modified: Mon, 12 Aug 2024 09:33:40 GMT\r\netag: \"66b9d6f4-5802c\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":360492,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 418, 8-bit colormap, non-interlaced","md5":"d3b4b42fe49d2da5458be274fe14c9e8","sha1":"4833eb1f6677b041fbe5647c65f1f50bf4bbb617","sha256":"65df8ef502fabf3e3aa7528030cab329c2e3f6e37695865cd431623f4070727c","sha512":"53ed58bfb297492dd720235e4f81d1f5d4accb7a6f01169baaff45396588312521b6b5678b47ddbfbfc0d7e83d793d76c02eeaa5108322c1f87b23a6561cfe86","ssdeep":"6144:cq5Nw+eLJgK+w4hP6q1L6Zt04iiwxXQlXIucBptD2bbYLZe8vuSzFEGZ4epj06EN:r5WbUhP6e63iiO4Yuc/tDQsLhW8CepWt","tlshash":"3a7423cca45b37f0e0e777982f995612639239bf83795a65d762dce276a3098390033c","first_seen":"2025-03-04T12:50:40.40894Z","last_seen":"2026-02-12T11:33:20.746242Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2529,"timings":{"blocked":467,"dns":0,"connect":0,"send":0,"wait":721,"receive":1341,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//gamelist/PCLASSICG/1726032758295.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //gamelist/PCLASSICG/1726032758295.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 22425\r\nlast-modified: Wed, 11 Sep 2024 05:32:37 GMT\r\netag: \"66e12b75-5799\"\r\nexpires: Thu, 12 Feb 2026 14:32:47 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22425,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x200, components 3","md5":"9a8e31e5c747d08a2c891ad1d95b0c13","sha1":"c5bdf208f51ebd68ce44f4b6bbefa59ab09ddcb9","sha256":"11fbe01fa3be2114c887b9ced70d065929ec77f69fbbae24e44029c1763a84b7","sha512":"5b2f2c1e8b0702fb9348688ac7e8348b846310111e0484f54f93084df72e89ff14143282a7402e835d50e77481b8f20317856829aaca65608bcaa35f49d0c05d","ssdeep":"384:PkMqvQZ2j5A4CpABV45EwcwLB/JIO57JYoSntDryo:xqvQAyd+BCGGl6O1JYoKhrp","tlshash":"c6a2d04dca2dd5abf2a309374868277426cde856d6b08b0f5e467e391fd89430c1c9ed","first_seen":"2025-03-04T12:50:40.404343Z","last_seen":"2026-02-12T11:33:20.748912Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":380,"receive":857,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/js/build43.29e696b96f3491d8ed57.js","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:43.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/js/build43.29e696b96f3491d8ed57.js HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: W/\"691c10fb-44cd7\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XOwH2eQa90Sm3mF6%2B0sY%2F7PF%2FId0%2BS8BMk1PN%2BRf3cMIHMqvdk8jprhEeUwkBv76ZOfAeKTMh8IHu1uhlVV2MF7q208IDtYkyeY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc4598ec175c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":281815,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (63626), with no line terminators","md5":"7c11dd2d3e62fa4924b8a61ba6c292b0","sha1":"de44a18ca87fe5bbfe85121e30edad947846b419","sha256":"bc4160e6ade8254b320020b14a12eae60d6ce011c6ed7331dd57e55c334be974","sha512":"1f44718e58a020bec34389c71f464e9bd9a7fc25ba893c6831dd0c12abf5952728124b5ada8d55840f2ecca97a129953b3cbdd3c9b1a33e2f45e887fe24eedfd","ssdeep":"6144:DeIEv91jJCoO0DKqltoXg2kDTgDRezBeqs:DeIY91dZO0DKqlt65o/zBa","tlshash":"b7540a0db1c6b5ad055b6034216f211da07b3ad4a84bc099ba7cd9c5aff8e8d611bf2c","first_seen":"2026-02-12T11:33:20.751654Z","last_seen":"2026-02-12T11:33:20.751654Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1064,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":522,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/pushInfoList","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/pushInfoList HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 22\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":22,"data":"frontType=2\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nBqjyxZAWmhqUtfa%2F9JJkuao9RZwsm99MgZJgremlAwzBkPnVyJchiMqs8rCD7RiuJPUklVYiNfQQRSeHgbNokUITbRpxKcJaMw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4665fe875c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1483,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"0083b3b67fd5da749a129522dffb027c","sha1":"6bfaeab440ca9a5457a2a2b2306ab7ea555805f6","sha256":"f901aa61652551d3150ac0d547b993391526f89351dfb44562f67647095e3aba","sha512":"50a14caa56bfc5dde69f9bd8a2ec9a2f59335b363c6c6401821c312b9edcda7394c0f657bffda79246e90556d947de1195a636826fd233c60dfc5ba9cc8003b9","ssdeep":"","tlshash":"583162660859f76dd710244b324a7e5eff2832d79ae1cf54a9990f1815a87810317a43","first_seen":"2026-02-12T11:33:20.753678Z","last_seen":"2026-02-12T11:33:20.753678Z","times_seen":1,"resource_available":false,"data":null}},"time_used":575,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":575,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/frontConfig/getFrontConfig/list","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/frontConfig/getFrontConfig/list HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 10\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IIALT5C%2Fn%2FXoa8NcWZ%2FNBCfFfx18gUWuXZxe23nQaXU34COcjsVipW254D%2Fp%2FNf15bbKerCLOeRMr1W4paf9ZfDtKd%2Fp9%2FEZCsE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc466681075c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4847,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"df45e0c0dc42f4dad890e177af92fdb6","sha1":"3dae79680c3e435d510e95fc43ef5510be606613","sha256":"418df986d13f85c49e42eddae445db7236875ad5f73652b1240d2bbd4f7cfb6d","sha512":"9bbccc602b871c2196bea0d30ab42599cf4cb12c6d425826b911fb98cc5fa31b275faf318291789bc05e5c904a1f7940f44446f0e9dd5daddb062e81a7055338","ssdeep":"48:YdCntkh7t7nUIU5opfytA8cV+OWHQLEw6fDDszsubSsbGKjDcWF:HtkbpIOWHeEivZxYWF","tlshash":"50a11b3b9d6dcc7b27839ec6edcd188a5e1be7f783c01036594afb28465d119130a2ad","first_seen":"2026-02-12T11:33:20.75582Z","last_seen":"2026-02-12T11:33:20.75582Z","times_seen":1,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":566,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/agentCodeCache?code=\u00260=appType%3DPC","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /api/guest/agentCodeCache?code=\u00260=appType%3DPC HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZjEJHEfNtegM1VNnF2IQSqG5Ye4MoTzHeD3yA9xo%2BMu4yWqx6yngBdhQ%2BVhaAC3rHMU%2BTh%2Berx72YaVIP%2BbL%2FnGzQN6q7Vo9etc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc466684575c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"3a065bdc835567f53b18e88e630f725a","sha1":"d49c93b2b1f91bef6d5ec42aea8f5f19b188778f","sha256":"15d58b6df4671908939ba39a2469df60674d72d97bcab4bb3b1f0b54f2d0101f","sha512":"77697dda1d6329eea9997d562137b03d40e4c394e7601405da71ff2ba9469f96a5b0c6865a88c57ac4610cf8349c5303e7811300d96377aede5259b60ab8be97","ssdeep":"","tlshash":"119002951c2c5743bc820094614a7651172d758300558ad84c9c9b7044d81f69004d36","first_seen":"2025-06-09T01:55:06.313222Z","last_seen":"2026-05-17T23:08:59.601904Z","times_seen":98,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1687331052996134.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1687331052996134.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 17010\r\nlast-modified: Wed, 21 Jun 2023 07:04:13 GMT\r\netag: \"6492a0ed-4272\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":17010,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 210x120, components 3","md5":"30fd431cab242b1660eba65dd8269c0e","sha1":"ba6fbc3b623999353854073449b91ff0620775cf","sha256":"0b53a3e4fda35a698de4e1acd0f2dcb62761feb727b3b8e867aec154c910319b","sha512":"c2462e6ef8bc7d8576074c8f0ec40175e7f9f13eef309b7641f70025f5325267579441889d1a974163ada3942c6fbf0c62ad215049d28e1a9d382ba3c6de3110","ssdeep":"384:EEUd7R85Fw+0P+Djrl9q0c+eSD7sp7OVEKuwWWpDUh4uFdRONV:Es5FHDlN7dAp77KuwtK/FuNV","tlshash":"b372cf7d64a63d50f194f53781a2cbde4a0de162f4eb4b2d9cd8a006f0bc5d3e206d24","first_seen":"2025-03-04T12:50:40.409601Z","last_seen":"2026-02-12T11:33:20.7593Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1242,"timings":{"blocked":514,"dns":0,"connect":0,"send":0,"wait":718,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1723455202122853.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1723455202122853.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 363303\r\nlast-modified: Mon, 12 Aug 2024 09:33:22 GMT\r\netag: \"66b9d6e2-58b27\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":363303,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 418, 8-bit colormap, non-interlaced","md5":"723d496fad049d0708a0992ceb625d98","sha1":"987f77e8e8d4bb24e94640e09e670866f51dff4a","sha256":"8a0f93caf147a7e855c6c86189664118bdc89d4132d7766d8d10051aca609a67","sha512":"58d954742958e0ae13cb57e62718a4be6383cae604843381b51398d9ca9eafa2e409f615fd6cefc2b2423e427a117f4c6ecea47f6ac9516eeb12c82b9245fd8c","ssdeep":"6144:o8MsO5k7mMF0kFdLg2PbnwwYTPYYVc6VKlFzBI2yxGCPORros:2z5kaMbbLmwY0YVc6Unz62yxG8Yos","tlshash":"f97423698daa62d54d2cff14832280572eb74422b481ff4d1afc93c6cd3785fa769632","first_seen":"2025-03-04T12:50:40.387171Z","last_seen":"2026-02-12T11:33:20.7721Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2523,"timings":{"blocked":467,"dns":0,"connect":0,"send":0,"wait":721,"receive":1335,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//gamelist/PCLASSICG/1726032709859.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //gamelist/PCLASSICG/1726032709859.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 93588\r\nlast-modified: Wed, 11 Sep 2024 05:31:49 GMT\r\netag: \"66e12b45-16d94\"\r\nexpires: Thu, 12 Feb 2026 14:32:47 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93588,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3","md5":"7f02c5c23ba596ac176b867e9354635a","sha1":"c8747166c51e676bc824f3eb0349757473adc14b","sha256":"a5465f1b2252e9d7b34cfd6fad84457837bf897254ca1c66384630bd0e765f57","sha512":"56e67b9ba2a985b8e16866511bcb1fc6f66bf60ac15b33358dc5b3d104e548a5800d1d3c05cb1dac0232d8edac9d4644863d49e41d5537c9ef05f0a7fea283ad","ssdeep":"1536:9Ay5d05vVBan8entoBhG/quai4AQgd/cTQvDmre6gTHaMlcourKVi5GDyq+:9j5dkheU6QsQg2ELmJgTpdu2Vi5/","tlshash":"6493120d7315c5fb41a884ff2fca9ac51e47fcce09b2b42133670d1aab399c499ca598","first_seen":"2025-03-04T14:14:44.751459Z","last_seen":"2026-02-12T11:33:20.783172Z","times_seen":12,"resource_available":false,"data":null}},"time_used":1245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":384,"receive":861,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/liveSocket/644/a1buvbkv/xhr_send?t=1770895968768","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:48.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/liveSocket/644/a1buvbkv/xhr_send?t=1770895968768 HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain\r\nContent-Length: 70\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1; 9170FloatModalTime=1770895965705; 9170PendantModalTime=1770895965963\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":70,"data":"[\"SUBSCRIBE\\nid:sub-0\\ndestination:/commonMsg/guest/getMsg\\n\\n\\u0000\"]"}},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Thu, 12 Feb 2026 11:32:49 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\nserver: cloudflare\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4x2hhY%2FFv%2BdgbJNWW6P3v23sphEYfDtGcHuvHNbGY1AcKGPaGnzrZp%2BLJlz7ahy%2FUyzL3ZODqqoVcFxDkO5V1awhNDqooM%2BGZCw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9ccbc47cdf1f75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T05:23:22.948737Z","times_seen":15945479,"resource_available":true,"data":null}},"time_used":290,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/170909242770569.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/170909242770569.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 306603\r\nlast-modified: Wed, 28 Feb 2024 03:53:48 GMT\r\netag: \"65deae4c-4adab\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":306603,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 191, 8-bit/color RGBA, non-interlaced","md5":"93e408b102da104fc3faa099fea72788","sha1":"923ef51d992da0a7d4bc25b5a284bf20d1e5ad0a","sha256":"1fe4d7744a95a3d7b941ece1eae305290e11f826a2d72ac1c73bb1537dcfa15b","sha512":"0cff0f8829cdef7e4bb7dccbca95e7a6cf8c48da4dc2950731204794234016e243a2eb0526078fccd49248ce217626ff23ca495a549cf5e5091d36e0604eba81","ssdeep":"6144:kZ6h8y3grJ3Z/+0Zr1YNv6cO5KJMvL2TqEsyzODBsh0bYUC/KrpPuAR6B51KSX:kZ6hwJs0Zr1IAv2ADehAYH/KrMo6BXZ","tlshash":"1064229970731e92a3a6bc901dc30d084c866421b61cf0fb18905766bff87a7d7afa5c","first_seen":"2025-03-04T12:50:40.364507Z","last_seen":"2026-02-12T11:33:20.794454Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2073,"timings":{"blocked":501,"dns":0,"connect":0,"send":0,"wait":721,"receive":851,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//upload/1617006377807560.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //upload/1617006377807560.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 59548\r\nlast-modified: Mon, 29 Mar 2021 08:26:17 GMT\r\netag: \"60618f29-e89c\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59548,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced","md5":"bcbbe38517621594910a52d6d521c8ce","sha1":"b396f5a407fbcced645d31fd8a10b48038ea3e4d","sha256":"f37ed99dbf4e2eed0a9ff7a02cf4f435d394a5f7bf9735e3603e61dba2df5dcb","sha512":"dd8f473ad2c0f2f330b3cb2a60e494a05f440bdd55c94fd01aca185ddd58c6889dbb6d1e5b167b0695d79e61bf31c72a5a69e364abb9712df64998efe8157a33","ssdeep":"1536:j0J7XTDrTDzOvgKQKcgNwMLvzU5ZOM3rqrUY4/a7:jQ7vr6vvaJ5Z5bqrUTC","tlshash":"c443f149e9ebcdecd522bf4346991d5c2fa5954ecc00f1230594eb91cd3e84894ebf94","first_seen":"2025-03-04T12:50:40.36157Z","last_seen":"2026-02-12T11:33:20.797254Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1869,"timings":{"blocked":246,"dns":0,"connect":0,"send":0,"wait":716,"receive":907,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//upload/1617006394838326.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //upload/1617006394838326.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 64458\r\nlast-modified: Mon, 29 Mar 2021 08:26:34 GMT\r\netag: \"60618f3a-fbca\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":64458,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced","md5":"393a9f8be4b1c5a2af1ffa59fb00a3c6","sha1":"f8e83729da440cad96ae8b7988082e1a273de80d","sha256":"8949769f626b01ab482a8161ba1265fa7f2de972129e9a7dca05d4f5ba8f8993","sha512":"ac863db362c2ffbbc1fa6005547c02e79a6717360be3c668cd34769ca75987600e6e317c55fe4b75b175531e7c8dac594f22d90b2758728382b759f69ee625fb","ssdeep":"1536:FgtN53iFlJYwIcsd8BSZ01TW0kIeY3E2ew:FggFlJYjcVBSZkz7U2F","tlshash":"d55302c3d71232c5cf0624aa76394456cfb67a4c3d6330bb3f42243e2a6af056a55d6e","first_seen":"2025-03-04T12:50:40.401692Z","last_seen":"2026-02-12T11:33:20.800268Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1874,"timings":{"blocked":247,"dns":0,"connect":0,"send":0,"wait":714,"receive":913,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/image/1726029337310194.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /image/1726029337310194.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 7911\r\nlast-modified: Wed, 11 Sep 2024 04:35:37 GMT\r\netag: \"66e11e19-1ee7\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":7911,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 108, 8-bit/color RGBA, non-interlaced","md5":"0acc1d63c12a15367111344158f53f35","sha1":"189edf4cfb7a6189a03e77b4a2cae969cf827fec","sha256":"6ecd5d2d585f50c7279ea698b7c5661d91f9199d0144019af73a2c8f6bc35a21","sha512":"12f7d7f765010b3ac4d4d30a91264bc3ad2b478796d11761d28879c69641df79b55881aded72324da7fd2d019e8d670001fe1d5c9072ad7b185bed337c511ded","ssdeep":"192:iIIHUCD4waX1c9jknd6oDGEI9Ju0lJQc0:M0w61c9j4MoDxIO","tlshash":"5df19d4ded81100520092a6679af4213821285c0d4d4ae39defbc06fcb30ef92af9edb","first_seen":"2025-03-04T12:50:40.349705Z","last_seen":"2026-02-12T11:33:20.806647Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1504,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":957,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/liveSocket/644/a1buvbkv/xhr_send?t=1770895968156","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:48.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/liveSocket/644/a1buvbkv/xhr_send?t=1770895968156 HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain\r\nContent-Length: 126\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1; 9170FloatModalTime=1770895965705; 9170PendantModalTime=1770895965963\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":126,"data":"[\"CONNECT\\npageType:doMain\\nclientIp:\\ninDomain:https://vzwpxr.com\\naccept-version:1.1,1.0\\nheart-beat:10000,10000\\n\\n\\u0000\"]"}},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Thu, 12 Feb 2026 11:32:48 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\nserver: cloudflare\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IcqhI%2BSieArnsADK0KE8wcZxzmw00JM1dwW%2FRSEOpMsSJU9oYUwKeeoQaS%2Fl5loteK%2BtinnkmMW5BceKvIrkdkhIbqOnns41ADw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9ccbc4790b7275c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T05:23:22.948737Z","times_seen":15945479,"resource_available":true,"data":null}},"time_used":549,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":549,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/js/manifest.29c055f88a232c5aa488.js","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:43.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/js/manifest.29c055f88a232c5aa488.js HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: W/\"691c10fb-9bd\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jGeWJrf7wa%2FtyghQKa84liXVvtaUX6EnAtuTNRPzGfxsRJ6vmbg9wM%2BCKJJbRubCI7RlglIMcyk5zbl30WteTgTkcuqXhtPL8Y4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc4598ea175c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2493,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2435)","md5":"a9ef8a82cba4fde37ab6f120a5a2fdb9","sha1":"51075ea51f13d12462269d75824c997c2232096d","sha256":"e13cf033090422c2b24b2383fa70971fc7e662e45b168068a0ff7ba6e4e1eeeb","sha512":"4953059176a3994e3c641780bc5d0920a55d3d26c11b5857c4869d674d26b48cf1b8bdde9dc23a93f488191a3cff804e198e515a8e6ce301c8285cbd5307cb58","ssdeep":"","tlshash":"4651b6eea3a6f4d927fb08ac073fa161613d2502783acc94e3c5e4d27d35c8495226b9","first_seen":"2026-02-12T11:33:20.809438Z","last_seen":"2026-02-12T11:33:20.809438Z","times_seen":1,"resource_available":true,"data":null}},"time_used":576,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":576,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/js/vendor-build43.ab69862ad6ec6bf74063.js","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:43.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/js/vendor-build43.ab69862ad6ec6bf74063.js HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: W/\"691c10fb-b929a\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KDFmXRUnU5bmTYyDopk73vAx282SGexyvisk8nR90J%2FeDtAycPv4WsjpT3niBF871c1ANCUdyuSp%2BxXjFyqI8erdbdF1VZsDOwM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc4598eb475c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":758426,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3d75763eec1fc1110b5c03ea95d23be5","sha1":"4f51da62eb4c45a37be5ef62b1ea90aa684e1cf1","sha256":"08811f4308e27692900f90942b9be1c225ba4a2c9aa18c266f5a2c835e3a8ce8","sha512":"9b0dbecb028ca4f51a4015e39270b0e2b727a7d2382171a2336c97522f7474798eac25e80c89ad8df20c6b4e86fa78c154835c916148ff211f7f5d6ecdf0eccf","ssdeep":"6144:GesXTN1dxHl5ArJCjDXENXM6fDqY/VS60jYn5EHODacBu8is6Z0why:GesXTNhH2AjDXENXM6fDqjtKuHwBQhy","tlshash":"4ef4f98d72c1b57147a360a0403f250bf33b299da809809cf679d8ea6dbd948526ff7d","first_seen":"2025-03-04T12:50:40.418954Z","last_seen":"2026-02-12T11:33:20.822521Z","times_seen":13,"resource_available":true,"data":null}},"time_used":1731,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":1139,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/getSlotGameByPlatform","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/getSlotGameByPlatform HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 59\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":59,"data":"platformCode=MG\u0026frontType=0\u0026pageNo=1\u0026pageSize=12\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4Q1MUqLZqdIpM9PmbT67W6xdOobRFK8lys6PQqZSBA0FvHj%2BsqPTgdHS2kjcTUEWCBRxJgMZp5b4MkItxDYpoxpF0CLNdWUK58I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4664fb775c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"d3e64e6d800f9505c06d822a79168c75","sha1":"d0699be51e1fb8f2b2854edbe43207f88b2bce23","sha256":"f2254a9b1548c815b478dfd3bb87d1eaa796cc4ddbde58e7cb3245c9da1a15d2","sha512":"bfd5d7eb2eb752cc2f5b2a7d9315084530128d70649af889101de0a652fb8ea7e68d7374135ddba4f028d5aa16d65827cccaffe0e0145b19013a44c33f01dc89","ssdeep":"","tlshash":"69a00224ac0895562c9745444208aa21661d559318090b910edebf7480d81f59455529","first_seen":"2025-06-09T01:55:06.319616Z","last_seen":"2026-05-17T23:08:59.369656Z","times_seen":98,"resource_available":false,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1615885476572911.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1615885476572911.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 193772\r\nlast-modified: Tue, 16 Mar 2021 09:04:36 GMT\r\netag: \"605074a4-2f4ec\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":193772,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 700, 8-bit/color RGBA, non-interlaced","md5":"32e9a132d5b3a81e4717456328954963","sha1":"24aba35ed444ddbf3aa482d1e3500359cca928f7","sha256":"5defd3cd57a6dded7b13475b8ee9066375db16bfab82a87aa310ae8bd2d30691","sha512":"90c954a8c5f4b4746aeb5b0219f2dd061bc2a2377ec462c6e56cccb54e10ecf6e7cd76d1b1a175415a2a686a1e4d121f4e654f663d6a7b4ba789d0d4d3bec44a","ssdeep":"3072:FpZ/9G3+ZeNQCWa9RsCgOgJ8o3aSEQLrpoU9xEMzy6kftTUBw/JCc1+K:Fs3+emOKLqipAMO6kVPJCnK","tlshash":"d914233fb7456f4027a52f8a2cd81ec7486ca89caf21f961d87e65a4937c694f033871","first_seen":"2025-03-04T12:50:40.370043Z","last_seen":"2026-02-12T11:33:20.829845Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2554,"timings":{"blocked":596,"dns":152,"connect":180,"send":0,"wait":710,"receive":706,"ssl":199},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"vzwpxr.com/api/guest/liveSocket/139/p1pydf0k/websocket","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /api/guest/liveSocket/139/p1pydf0k/websocket HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://vzwpxr.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: fC4l2h/zpWLzpKhaZJbdYg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1; 9170FloatModalTime=1770895965705; 9170PendantModalTime=1770895965963\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 400 \r\nDate: Thu, 12 Feb 2026 11:32:46 GMT\r\nContent-Length: 34\r\nConnection: keep-alive\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nCache-Control: no-cache, no-store, max-age=0, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nStrict-Transport-Security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=j3FmJyhPw8UV8h6TUGxOV8LWjI721iAeIevUIZMpMZbHPegwOOrYGKG1XRpcaj8dFpwn7T9N%2Baq3Ysq%2Byy4LF68mGH6ZshA3aH9pmsJ%2BaS9IgHOTWp1BgqxjAcam\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9ccbc46ccde3dd16-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T05:23:22.948737Z","times_seen":15945479,"resource_available":true,"data":null}},"time_used":717,"timings":{"blocked":0,"dns":43,"connect":49,"send":0,"wait":597,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1769491778262490.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1769491778262490.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 25501\r\nlast-modified: Tue, 27 Jan 2026 05:29:38 GMT\r\netag: \"69784d42-639d\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25501,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 133, 8-bit/color RGB, non-interlaced","md5":"20737b3cb95816b774447bfb052974a0","sha1":"c850fc3c2e08b2e8850d1241e1c6b4df02ce503b","sha256":"591a08dda8cc359959ab19be326e39d9be5a5470a002e414c95f4d4f7f461673","sha512":"49942a7b631f6a317d74c3d8868e70338cf4a2b7958a8ab731f26e4e7fc7fee1ebb905971e14ef88d38cc100c59fc8849babbdd69b92f80b30b2f69c57912bb7","ssdeep":"384:+4bbphMGXtWORek0c/PkEz1JnMMRp6f215ZN4CPzcgVBALsOfsoa5nt/PHM:+kbsG9WHc/cCJnf/5ZNPPzcW7OfsPvHM","tlshash":"f4b2e1a1f9225480b97cfab90b662cdd9835c1900f68e44575d95c13cfaadf6b0300de","first_seen":"2026-02-12T11:33:20.832303Z","last_seen":"2026-02-12T11:33:20.832303Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1862,"timings":{"blocked":243,"dns":0,"connect":0,"send":0,"wait":720,"receive":899,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com///image/1599612665868616.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET ///image/1599612665868616.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 4898\r\nlast-modified: Wed, 09 Sep 2020 00:51:05 GMT\r\netag: \"5f5826f9-1322\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":4898,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 108, 8-bit/color RGBA, non-interlaced","md5":"90407dd6ecada070ce4e8c285b393010","sha1":"d9a9e73d02b8c08a00199288cc1b6427021b5ce4","sha256":"a43480b8fdc3b7ad22e92f9e59b7468104f986f22391b629776dbfd8e7e51d4d","sha512":"32b7a5a07ca387dc6807fa95eba9f0e699e4447173591c58881bab39a8575bd3311957ec9577d730a7b4d343e45e88b191f6ab9caf5bf460d83e9f1aae36d1a4","ssdeep":"96:FSeHOXnMXs5AEHCCrPkA2stNhwlOWPzBabZt2MDqO7WSM6wAy9Vdb:oQCq8ZgA2slFWIFEqqOS8wAWH","tlshash":"79a18d5eb443a8aa7a06ec02e5f190bbcd258c4194cc913e5dcac31f0ada6f0701da9e","first_seen":"2025-03-04T12:50:40.371506Z","last_seen":"2026-02-12T11:33:20.833388Z","times_seen":13,"resource_available":false,"data":null}},"time_used":903,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":700,"receive":203,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//gamelist/PCLASSICG/1726032784514.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //gamelist/PCLASSICG/1726032784514.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 84904\r\nlast-modified: Wed, 11 Sep 2024 05:33:04 GMT\r\netag: \"66e12b90-14ba8\"\r\nexpires: Thu, 12 Feb 2026 14:32:47 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84904,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3","md5":"6403a22908b1084d30a1399264874a91","sha1":"f426372407a1805c701410412de944f9f131db2a","sha256":"777ef11a2574cd2aa61e95390732a08216252ac58d211853080e137af10d4f54","sha512":"f838ab28fc2aba4857b1a8f95895da1758f2f616ca37ca3f92d2a99b15df4b59e0f9dcad53d2f5f4db082b0cb6c12f7a2fcf4a870fe0434b5ae6dee91a4b03eb","ssdeep":"1536:1NqX5CU+uSpFPrkIpkIsHbd6hWxk94vBNiPSCKwviGTbVPkIvv5krcJxWg:q5CU+uswIpXbyE4vBNiqCjvfZQcJr","tlshash":"4b8313e53a73711ac3566137ee0b3b5cb26cd8a1dfb221a43470b49f5dc39da4486362","first_seen":"2025-03-04T12:50:40.358802Z","last_seen":"2026-02-12T11:33:20.834727Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":377,"receive":850,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/queryBonusArticleInfoList","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/queryBonusArticleInfoList HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 53\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":53,"data":"typeId=0\u0026platform=pc\u0026pageNo=1\u0026pageSize=200\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7OqlPcU1SCCujIq3I%2B59KyrSUYCCYkuR8MWCgvbevYTwbTr9Wl1ezdKSj1txNwgEY5llF9ANtpTdGBrwSvIISe6zAXwQWnGahlY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4681dae75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":144505,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"c82e7bb7da4eb541b3736ac8b715fee0","sha1":"691b9e84b0e6d8797dd7a20723833ce1ab20f179","sha256":"9ed2df05b2383b170b5ca29b951917d4a2d286c87441f154a9dd63a462a1ac89","sha512":"626d09d339c60836a29ef4efcc6f5a3c80249017025be55e4752b22b1270f8d9bfba2cc4ea4d7a408dc507638ba24c448ded2ca1005a57b6a199373464354437","ssdeep":"1536:vqg8tdqocEjzLlrS9nQfD3q0z7xrRuz8QhK5seNVCGo+64uqumPSj7iOIkLnhqx7:szPz4Z5zjsFNZ9","tlshash":"a3e386028aa9cd2659164ce944ea7e26535d138f86d2cebc6ef0cff685fc0b51367306","first_seen":"2026-02-12T11:33:20.836757Z","last_seen":"2026-02-12T11:33:20.836757Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1462,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":673,"receive":789,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1770892660838954.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1770892660838954.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 7118\r\nlast-modified: Thu, 12 Feb 2026 10:37:40 GMT\r\netag: \"698dad74-1bce\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7118,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 148 x 178, 8-bit colormap, non-interlaced","md5":"4a61c4c7ce99f9341340037092b8c368","sha1":"246d3a58906b71bf40780e27908a88fe013b173e","sha256":"38d1e475ba7bd0d4b2ca4197ea280e7aba5f6f57d41cd59f81637772e31edd43","sha512":"54398b4c436ebcd0b24a9e54b20fbe1571a08bdd9839e56cc9919b0b1a986015a747079877c9940b97bd3ca18e73c972ac94ae4c83a28035ca7ce02d5f74ef05","ssdeep":"192:vyaj1lfVz6pP0uhNn61VME7FW7kalFPhQGZ6F3KWlg:vywlx61fUSRlFJ0Rlg","tlshash":"18e1b1a8249373c5d113159e4e34b2a0c98925e9fb32f45c9fa0b814cf6f10b432e1c6","first_seen":"2026-02-12T11:33:20.838896Z","last_seen":"2026-02-12T11:33:20.838896Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1995,"timings":{"blocked":540,"dns":0,"connect":181,"send":0,"wait":710,"receive":355,"ssl":198},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/img/pop_bg.6422ac8.png","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/img/pop_bg.6422ac8.png HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/static/css/build43.1d3258981b762738ff7941d910b3f7b9.css\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1; 9170FloatModalTime=1770895965705; 9170PendantModalTime=1770895965963\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 14559\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: \"691c10fb-38df\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RyqyjmobjRGGo6Fqnavnnu32olvKGo06bR78aTCa%2FGYORr5t%2FeascvqRB1jK2nX%2FQwQAds8yQphiZPfGa3Cu9JnFM3hPsFiqMko%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc46b78a075c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14559,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1002 x 439, 8-bit/color RGB, non-interlaced","md5":"6422ac83533041eef6c7dc68c51d0635","sha1":"77d7ea6f2e89258da3b2153c7aa7687f3e97c0cd","sha256":"50952bb6c8a833f8ceba29d0647047743290e4c637166d0c1ea5d9c183f4c3e9","sha512":"668ffc1432fc15e3b7e026d08e73235a2537d5a812aaa98150a03fe90a41974c00c39c987b910eed16330b2bf9605fdd17b15cfc7426607bd0fc63230bc1df65","ssdeep":"384:6WWrSMOK7zBLzYlUetA7HJOKtHZLfHUUS7tobP:6RSMN5uU2KnLCi","tlshash":"756248b4541053fc368dabc334f8dadcab1fa96061f565f884d6005a0d2742fae5be2d","first_seen":"2025-03-04T12:50:40.354661Z","last_seen":"2026-05-06T10:11:01.439617Z","times_seen":100,"resource_available":false,"data":null}},"time_used":807,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":546,"receive":261,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1694768260110973.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1694768260110973.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 879589\r\nlast-modified: Fri, 15 Sep 2023 08:57:40 GMT\r\netag: \"65041c84-d6be5\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":879589,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 418, 8-bit/color RGBA, non-interlaced","md5":"6fd04313f14bcec66a31fb231f54cc99","sha1":"8dc6fb1e23bc96b51379d021ccd50d78ef2af4c6","sha256":"48ddde95ebe9db404bfb6b98d231b7bac1569c7029a6bae1de2cb731e5d5e16e","sha512":"8cef6255167f5e9612466c76156776b910806efc5d0eb57c0f4c0f95a81c33f50dacb3833d9f8e8ad17e86c3cbc3631a942b15292e07df65a1ae74a15573ce80","ssdeep":"12288:raBoNmAVs29qZIrKDCxR3kN0P4KIz6Gnjx/ilxCk54caJLTeL6IIOkQgwk71rl+J:XNtJaIrKrN9KI24jwLCTJLTeEOfq+J","tlshash":"e71533c327822b9ef815ba01ed5cb12a0f24484995339fc360345cdb957faff59a266c","first_seen":"2025-03-04T14:14:44.758608Z","last_seen":"2026-02-12T11:33:20.848407Z","times_seen":12,"resource_available":false,"data":null}},"time_used":2365,"timings":{"blocked":463,"dns":0,"connect":0,"send":0,"wait":721,"receive":1181,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1702272517804150.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1702272517804150.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 638343\r\nlast-modified: Mon, 11 Dec 2023 05:28:38 GMT\r\netag: \"65769e06-9bd87\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":638343,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 418, 8-bit/color RGBA, non-interlaced","md5":"0de589e5925c4c10f41a2a5dde777f1a","sha1":"a20944011b71eb2db298b55ab2c1563807e631f5","sha256":"96bf44d4a17fbcb5ac784409ba52e33edae0978a6a62c8309cc506733f992c21","sha512":"beebfe7a1a3d8be0c7f5ac595179c400bc41c432f6be211bf8c2fc1ec88573b28aadac97b934337fbc35b59bc685f142aa238f5e9001b2b4ad396e3e534c9773","ssdeep":"12288:G32zyBH/Z8eHvOgwgGERRUfWgK7N0PiBhjKtuBCm4JIY36L96+YsY:G3gw7HvOgjG4UfPJP+hWUkIk69A","tlshash":"9ed433693b9b34f363cdcef18e25eaee5c89930517a340b414a1411e8ee1715e57c3ea","first_seen":"2025-03-04T14:14:44.743516Z","last_seen":"2026-02-12T11:33:20.850406Z","times_seen":12,"resource_available":false,"data":null}},"time_used":2548,"timings":{"blocked":466,"dns":0,"connect":0,"send":0,"wait":721,"receive":1361,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/allGameInfo","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/allGameInfo HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 10\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1; 9170FloatModalTime=1770895965705; 9170PendantModalTime=1770895965963\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wp%2Bl41PjiXnaq7U7CcGamBtO5%2BwXYDmhie3cQvGMMNkEIk40iQl19xYVNE884mQEfLCOhpBRRDV3ZZUDeDwG4wOL5XUTouYmakc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc46dafcc75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":52981,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (46893), with no line terminators","md5":"d85f48845a897a34b24dba6d91dcce7f","sha1":"4df22ed45077944eff4e0d30dc3d6415c3539ec9","sha256":"9d9a33d0355929cc8e99525c21d1ffbdc4dbe7348082ceedb76ef3c265e68ef9","sha512":"3f48652bd80537ff58ab44c840fdf290aadce4f3e12b7366add1c42c627f4db7dcc43b8fd230e22537134115e144647cf139aa640d28a39db69d0d6551b58938","ssdeep":"1536:Mu8u5uiuJuquwuHuzhu7u4uFuUuwuIuKsuVcmwUumRuYudu6uLubutu6u3uDuNud:wX","tlshash":"5833244a0b53c8699e16eaeb57cf7d58d4bd16a781c6cabcccc4cea144f4674130e22a","first_seen":"2026-02-12T11:33:20.729548Z","last_seen":"2026-02-12T11:33:20.729548Z","times_seen":1,"resource_available":false,"data":null}},"time_used":965,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":433,"receive":532,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/image/17006543595279.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /image/17006543595279.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 9554\r\nlast-modified: Wed, 22 Nov 2023 11:59:19 GMT\r\netag: \"655ded17-2552\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9554,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 108, 8-bit/color RGBA, non-interlaced","md5":"228b66c8bd228db0e98ec54da419d22e","sha1":"925ff4305517f3a0499f9af7444c5e7b40d1fbd4","sha256":"e45bcf50c3f9a49ed7bb21155c775b0ceeaba80f794e1b799db6fe7944fbba86","sha512":"0803fcde13faeb2e7546687239565d0ea3015b1ad62bc029ff3f498ab75fa1bca3c177ef98aeb4e74370ed71092c628b285a784e6f15e8096eabd5cf1d45f8a0","ssdeep":"192:oQWOhyKMLLWazZstBhN+8sKDl67OtjR3v63r6MsSphUkk:pWOh7KLN+tBe8sKD+OvG/nk","tlshash":"8312b02a9350d890d7ce1188786d2387879b39f0ec5b5a967acccc4a51774e223996dc","first_seen":"2025-03-04T12:50:40.383457Z","last_seen":"2026-02-12T11:33:20.855506Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1500,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":707,"receive":793,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//gamelist/PCLASSICG/1726032845228.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //gamelist/PCLASSICG/1726032845228.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 97703\r\nlast-modified: Wed, 11 Sep 2024 05:33:58 GMT\r\netag: \"66e12bc6-17da7\"\r\nexpires: Thu, 12 Feb 2026 14:32:47 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":97703,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3","md5":"79e3dd70e18d664a44a7456ea2327512","sha1":"29be5bccbf2f592dd4bc2f48264936e1e522e250","sha256":"370a904e5c3260e958fd0695a436079142c6673a7f7bf50e557fa13c1936f88d","sha512":"feb207745399fe6df3d985871888dff30e79ce4438366e40665bba7d32f2638a47437f361e5ead0e7813a23b8996431514566543cef2187b0a1610e1aae9e47c","ssdeep":"1536:IZZiU6Z53xauOcXP5ndS1LoNMFVcjuVQv4DnISjWTAEQJk9Ua2dcxw7PajKZIVeU:UZYqcfXpM7cwLip9nw7P5ZIEzg","tlshash":"8ea312a6c951e399d3f6562eb3970dc439da8d45023ca04bd91adf9e3b943dac1b0388","first_seen":"2025-03-04T12:50:40.352927Z","last_seen":"2026-02-12T11:33:20.857582Z","times_seen":13,"resource_available":false,"data":null}},"time_used":786,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":375,"receive":411,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/platformPicInfo","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/platformPicInfo HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 34\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":34,"data":"frontType=0\u0026gameType=-1\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yQhGlmaQjMKwKO87%2FXsgoHf6P%2B4vg77HrBnPQYwxEssBRfQyL5YHxuuqn9kxZuhd1J3BPUqzYLzlsdn5UgXAamnNyZtA0MEbnT8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4664f9275c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22006,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (21226), with no line terminators","md5":"8b62002351e112c4228f1c1f9c83f285","sha1":"eaa45bde1f72f0ca4741197dcb53ae55baa94990","sha256":"f0d736f00b4694de9fd662bb4b5cf9ee686b089dcb42b4e8067c727d3ada8b9e","sha512":"48187b56dca49a9484461e7562e10ff0a8369707f2dc0a33cf446500a9ec0598ddf8879c7b04af2c9fff41b25595686243d657e93df9c12b4d2fb396055e4451","ssdeep":"384:cuuVuhbbSpeNOZqTimoVBSY/Hhk4XynFIaYCho3vtykT5iXYxfMZgtm61Ph3FZoI:cuuVuhbWpeNOZqTimoVBSY/Hhk4XynFY","tlshash":"9ea2df9a1b2a8cad8f5b47d308cf7d58a27d41ab88c9d6ddc8d48fd205fc2656348336","first_seen":"2026-02-12T11:33:20.863257Z","last_seen":"2026-02-12T11:33:20.863257Z","times_seen":1,"resource_available":false,"data":null}},"time_used":902,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":626,"receive":276,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/176949174339613.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/176949174339613.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 25364\r\nlast-modified: Tue, 27 Jan 2026 05:29:03 GMT\r\netag: \"69784d1f-6314\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25364,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 134, 8-bit/color RGB, non-interlaced","md5":"03a46e3915dba660322f23dfcf4ebb0e","sha1":"a779b0b4299e491cb5e999d02c3b62a01f5952a5","sha256":"aec75b4a8804d1da704dd4b1c41df7c5c98368934750f90adc187a8f07a8cae4","sha512":"d0c5b528edb5e98a9f93c4011d8f7ac6d0b108502228a58000ef72b633ed316e6cbcfb367556dd53990d7a3241cdbe991ea16527f988ecf887f68540bb9279ea","ssdeep":"384:0C8U6Qr4ER4/L/4S6fMU0ZBZIjG2wRpn72XVPgZtilFFuV8BNxszIkSVIobScyVE:0C8U6Q5g0MhIiEPGtY3ugbszIhIHcb","tlshash":"62b2e169d3c35e37e185e19fb833701a5ae30658f68cd44664cc8c4814b5eb8f2b662f","first_seen":"2026-02-12T11:33:20.86506Z","last_seen":"2026-02-12T11:33:20.86506Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1864,"timings":{"blocked":253,"dns":0,"connect":0,"send":0,"wait":719,"receive":892,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/getSlotGameByPlatform","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/getSlotGameByPlatform HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 66\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1; 9170FloatModalTime=1770895965705; 9170PendantModalTime=1770895965963\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":66,"data":"platformCode=PCLASSICG\u0026frontType=0\u0026pageNo=1\u0026pageSize=12\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B9f9NHT6CSjIX8IYl%2BSFK5G%2BUEoqN73iWeDuPvRF3rVV18eq3nW9RD7MsdeZ7BK6jP6d0HJQHdsSlQBNOcnnUubiPvRiMEu31Bg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc46fae6e75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5186,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"23777dd523635c570567ea219551fd4b","sha1":"8e1259d6b5c97a48038112a04ae67199df3c1e91","sha256":"2f5be8c9eccbf12829b69a7c0ba51774f75f17c9f751dd465e7eb33c7476c05d","sha512":"8a672155e709b6abeb5b9c3ab34c74871fcfe884cfc9c1e0a0e26d79c1e3a9c3ee5c3654f8cd2fa2aed444c30069896dc712956f67c20392a4a25a1021c65c5b","ssdeep":"48:YdCgDLmP6ajXx6/EFU5BYcJEfBQfuyT/GDF0Ult+KTr9ZQ2SLZuZgBxCHfJjWlFb:HcX0eHBhQvS+xT12/Edc9qlP2","tlshash":"1db13c494b159c2bd3aa45ff28c73d49407d501f6a618a6bb8cdcf6cd2f89276700237","first_seen":"2026-02-12T11:33:20.867444Z","last_seen":"2026-02-12T11:33:20.867444Z","times_seen":1,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/liveSocket/139/jj505nmv/xhr_send?t=1770895967135","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/liveSocket/139/jj505nmv/xhr_send?t=1770895967135 HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain\r\nContent-Length: 126\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1; 9170FloatModalTime=1770895965705; 9170PendantModalTime=1770895965963\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":126,"data":"[\"CONNECT\\npageType:doMain\\nclientIp:\\ninDomain:https://vzwpxr.com\\naccept-version:1.1,1.0\\nheart-beat:10000,10000\\n\\n\\u0000\"]"}},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\nserver: cloudflare\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=etLEqOY5Q6uHEVk0Ska1dBpJJNroIgbtrkscSP6Yey5F6%2Bp4WZPRYlOAHp%2FzIHqGazk34OGLhv7rEAhCp11YDQ3H7jvys%2BKmYiw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9ccbc472a83c75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T05:23:22.948737Z","times_seen":15945479,"resource_available":true,"data":null}},"time_used":300,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":300,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/articleType","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/articleType HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 10\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2QOyQEmDv0nAXLCxn1qgVSeMT0%2BVuA1RJuAr7HNwwlKauC37dQ%2B1efwHH4s9RlCyWbeRVihW7bnRiY4p0%2FL6nc2QC4HJftA%2FLOM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4665ff275c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1064,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"d83cf3f3ea6e3d1133e8819f4b91c46d","sha1":"368301ec86823c672c9e9d0cd5514a59c67b35f2","sha256":"f25c39f1feac01632f5908ed099fdb403ad39e41869a17e8c4e0f5b7059c3201","sha512":"4bd8b8d762b235431ae88c90f6daa346d5e65a81974ca67f9d1ebdc9b1598d7c107e56f92cb58c8c295ceac0083ee1c3945f280b1cf76a1abd3b21defade57f7","ssdeep":"","tlshash":"911108811a79ed96c61c68d60856fe8cd19f303b90958e30a429cf5a14f9cfe2d3b31b","first_seen":"2025-09-27T04:17:39.693287Z","last_seen":"2026-02-12T11:33:20.869148Z","times_seen":6,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":576,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/img/info.6849a1b.png","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/img/info.6849a1b.png HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/static/css/build43.1d3258981b762738ff7941d910b3f7b9.css\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 164581\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: \"691c10fb-282e5\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v7XTIAtQCSm1HgFSAZeYJMX6CUOqUv9%2F9nEuCrbGcehwjm0OguEGviDNMVjIp%2F%2FiXXTj33HLoaOIQLMP0%2Baum0L%2FMs1Vnz9T8js%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc46698ca75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":164581,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 261, 8-bit/color RGBA, non-interlaced","md5":"6849a1bcff02e1003a910921d76d5ce7","sha1":"e9ca51361fa71e0cbbd3d86d5c0fc95bb9117eaa","sha256":"60439a96a9cb3134213ba05bf449a6be94d70b4f63d829e5c241e03d75879bac","sha512":"09e7a0ec9f12d9c7fee6e1292b54ea495756acdbdea385257bd251cc9df4214ec616f09c72876964ac5cf6fd35574cb44dc22c2e64bf1ec96632cc04c99f780c","ssdeep":"3072:p5riDG7BlpuIjuZIVXZmqSrcLkkeQUpeIRTI9uGinX3tZyMJD/Es7pA/iQxIT0KM:pxEepVx/8p5iRiDyMJDcs7pA/VxM031L","tlshash":"d5f3029dd4fb91924ce709bb966e067a8bf9e0931ca9191d987cb08d4c820ff676110f","first_seen":"2025-03-04T12:50:40.390238Z","last_seen":"2026-02-12T11:33:20.87525Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":828,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com////image/1599618406138691.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET ////image/1599618406138691.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 7911\r\nlast-modified: Wed, 09 Sep 2020 02:26:46 GMT\r\netag: \"5f583d66-1ee7\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":7911,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 108, 8-bit/color RGBA, non-interlaced","md5":"0acc1d63c12a15367111344158f53f35","sha1":"189edf4cfb7a6189a03e77b4a2cae969cf827fec","sha256":"6ecd5d2d585f50c7279ea698b7c5661d91f9199d0144019af73a2c8f6bc35a21","sha512":"12f7d7f765010b3ac4d4d30a91264bc3ad2b478796d11761d28879c69641df79b55881aded72324da7fd2d019e8d670001fe1d5c9072ad7b185bed337c511ded","ssdeep":"192:iIIHUCD4waX1c9jknd6oDGEI9Ju0lJQc0:M0w61c9j4MoDxIO","tlshash":"5df19d4ded81100520092a6679af4213821285c0d4d4ae39defbc06fcb30ef92af9edb","first_seen":"2025-03-04T12:50:40.349705Z","last_seen":"2026-02-12T11:33:20.806647Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":544,"receive":958,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com///image/159961267442571.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET ///image/159961267442571.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 6053\r\nlast-modified: Wed, 09 Sep 2020 00:51:14 GMT\r\netag: \"5f582702-17a5\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":6053,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 108, 8-bit/color RGBA, non-interlaced","md5":"93774e9511aba088a878480b2e2422aa","sha1":"ba8eb6f9ca82ff206ab1ce7d1d5cecb94f03ce31","sha256":"8a6a56b2f0086c9f1616333b955e7ddcac5d662c3d91fadca6bd08d876cf93d5","sha512":"e2c4362d70e5674cbc3c04c209a6b618c14108a05e533ee444be6ba0ef5b88b0fb805cdd4ff32af76bc5207c46141f8bf29e61cd3d7f9cadd63302e5cf5cd7dd","ssdeep":"96:FSeH6IH2E5F7LQUCrETDang2+UCZHKc7L72Ggb0NrG+EfJ3/Zhjyz0V0HPm21K35:oQ6IWa7LQGDag9ZHVCGgb0RoJRhmZL4J","tlshash":"9fc16b5e6180f95239d1924388ab8107fb62940202c3d8782dcef5465d7d7eea03eacb","first_seen":"2025-03-04T12:50:40.402315Z","last_seen":"2026-02-12T11:33:20.877021Z","times_seen":13,"resource_available":false,"data":null}},"time_used":908,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":706,"receive":202,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//gamelist/PCLASSICG/1740553603536.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //gamelist/PCLASSICG/1740553603536.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 120909\r\nlast-modified: Wed, 26 Feb 2025 07:06:36 GMT\r\netag: \"67bebd7c-1d84d\"\r\nexpires: Thu, 12 Feb 2026 14:32:47 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120909,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"c4dc20cb8b3cecda03fe2e53a637077b","sha1":"48391bd9107d9ee660d92f296c997201cc493fe3","sha256":"f4560b55360cd815f73d69d06df0bc06232afd05ec0736245f69c3bfcc0c38de","sha512":"230ba90fb18973b20ef18fc8e2beeaf634893b448e65a611a50cb6a7b66b1ea839d62867ab4956aafd147d36c6f1c3945d8fdd23ac7492fedf427c50ac039051","ssdeep":"3072:3zuhvGQnZKXNMoyNxZNKYWOakfiFQ3nyP8Z9V:jukQnZ+7sOOLfB3n68Zr","tlshash":"c1c312ef109f96134c8418ea6760667f09131fc844b3e2f898d160d7bd16bb63cea669","first_seen":"2025-03-04T12:50:40.400258Z","last_seen":"2026-02-12T11:33:20.878612Z","times_seen":13,"resource_available":false,"data":null}},"time_used":899,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":543,"receive":356,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//gamelist/PCLASSICG/1736402008856.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //gamelist/PCLASSICG/1736402008856.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 264528\r\nlast-modified: Thu, 09 Jan 2025 05:53:27 GMT\r\netag: \"677f6457-40950\"\r\nexpires: Thu, 12 Feb 2026 14:32:47 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":264528,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"1c7706089c996a7c54ebe2bc1a7a92a2","sha1":"cc29a0d6e00cdbbeb1f79a3bfa7f22c378e1b9dd","sha256":"97c15cba09a25091910685c2372def4e871e1417438d596375ee28097ac9dfa6","sha512":"4619f7c08703d9316774ac090c292beec05a0383b0481686a049510966a75e0830ec8a60c5cea1a0fc417470a5ae20cb7f50f3fb8d501c2004073a091502ba75","ssdeep":"3072:stUCKQ9bd6YkM+t0KOdBUCMJliIjmPjikQ8G20Hosk4p63nNOhGuy143PZWE4PUW:srvkh0KOdBUCMHHj8q8GfoPjgxO4/iMW","tlshash":"1244231ce10924dbb95c69b0f3492abf190728e5080ae36fb5ec5cca48d11cb627afd1","first_seen":"2025-03-04T14:14:44.763884Z","last_seen":"2026-02-12T11:33:20.880279Z","times_seen":12,"resource_available":false,"data":null}},"time_used":1170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":628,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-54GH4KW","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:43.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 19 Jan 2026 08:36:59 GMT","end":"Mon, 13 Apr 2026 08:36:58 GMT"},"fingerprint":{"sha1":"37:54:14:A5:9E:4F:27:5F:F2:97:D2:04:B1:AA:A1:65:D1:2C:ED:13","sha256":"92:82:66:19:78:D1:42:C8:D6:E0:6B:CE:1E:2A:0E:F2:F5:B0:F5:8E:3E:BD:65:EC:49:BE:4C:5F:6A:29:27:D2"}}},"request":{"raw":"GET /gtm.js?id=GTM-54GH4KW HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 12 Feb 2026 11:32:43 GMT\r\nexpires: Thu, 12 Feb 2026 11:32:43 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Thu, 12 Feb 2026 09:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 106014\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":303204,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4330)","md5":"de67d3180da72a1771ade226003cc173","sha1":"960132927d72851e4bbbffb3a73862bd19fb9527","sha256":"cdc98b95522fe323d65cb86af120457971f0f64895e0ba305560dc54aec4b545","sha512":"493c14ba93116813c85706ddd7f54997672db9192a3ef8c5dbbc401bcc937963291cf3873883d8fe07981b2c66073912b1b52c8d5a5bf618c1c1337702dc2fdf","ssdeep":"6144:6/Oyt3h3cUoEh8EV8bteBe19vgMU0taKbQ:MZt3R2Eh853e0ta0Q","tlshash":"b45407cdb7da706683a3a478503f114bb23b7992f84cd894e186d8d42d70a6a4277f7c","first_seen":"2026-02-12T11:33:20.881927Z","last_seen":"2026-02-12T11:33:20.881927Z","times_seen":1,"resource_available":true,"data":null}},"time_used":184,"timings":{"blocked":64,"dns":7,"connect":8,"send":0,"wait":25,"receive":24,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/fetchImg","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/fetchImg HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 36\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":36,"data":"imgCode=yhPCPendantCenter\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cNi5IGtt4apWQbruU85vSm8iAXPDnGGNtqbjQsJ4sAuJrYF%2FQUVGl7ikXY0l6jV%2BL3588p0MpRTEeMLq5aV7F7pA36bsMuifYSs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4663f6875c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"d3e64e6d800f9505c06d822a79168c75","sha1":"d0699be51e1fb8f2b2854edbe43207f88b2bce23","sha256":"f2254a9b1548c815b478dfd3bb87d1eaa796cc4ddbde58e7cb3245c9da1a15d2","sha512":"bfd5d7eb2eb752cc2f5b2a7d9315084530128d70649af889101de0a652fb8ea7e68d7374135ddba4f028d5aa16d65827cccaffe0e0145b19013a44c33f01dc89","ssdeep":"","tlshash":"69a00224ac0895562c9745444208aa21661d559318090b910edebf7480d81f59455529","first_seen":"2025-06-09T01:55:06.319616Z","last_seen":"2026-05-17T23:08:59.369656Z","times_seen":98,"resource_available":false,"data":null}},"time_used":540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1769491672207322.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1769491672207322.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 788451\r\nlast-modified: Tue, 27 Jan 2026 05:27:52 GMT\r\netag: \"69784cd8-c07e3\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":788451,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x418, components 3","md5":"0572d8bac6597c7aa6ce255977190d71","sha1":"3481ae09e3c0f521b78261c849ec148fe7863f30","sha256":"d39d58cec2d0287bcd506b948101ec5800833d13be9fc452a4117473dcae7d64","sha512":"45c3416290e7b3ec3e7dd0e87f8a14e2aeba7b45b32e22bb8e2b430d63f94e43f21fe85df6d7e8f988aa2a596e9d5e1bfc2d599a53b516817082c6dad076993c","ssdeep":"12288:0EM6SBhwtoow1o1RLXBhU3czporwyfK8n8mK1yj62tQoDG9V3LGOUUpiydjXTP9/:VtoNKXI2porpfjVKaDG9JHpiydjR","tlshash":"3ff423acb5c2b42d4f6c2a11e6e72f8d295287287adbfcf44520798976c490fdc414af","first_seen":"2026-02-12T11:33:20.883573Z","last_seen":"2026-02-12T11:33:20.883573Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2436,"timings":{"blocked":480,"dns":0,"connect":0,"send":0,"wait":721,"receive":1235,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1697448064801827.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1697448064801827.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 47296\r\nlast-modified: Mon, 16 Oct 2023 09:21:04 GMT\r\netag: \"652d0080-b8c0\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47296,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 206 x 152, 8-bit/color RGBA, non-interlaced","md5":"b3194ca1ab1da92bdcc818a900b0da6d","sha1":"5dd88b64fae60ef8d49fbf663c5b9f0a24fdeea1","sha256":"36b4b2ddbadabca9fe6220b227c778f8c3568673acfbc64af043ac3c2463762c","sha512":"3432bf3d8c359508142066ddb3d90bcece9647beaedf4b1db790cabde714cd0d66c3be5129cb10a445b3cecb404ef9fa2a5fe04468266220efb15b1729822058","ssdeep":"768:rrfP39JS8tzeZLqoEm0AgCGP8T9HlJWpLwOdKAoWQLrLqUs7HcQht9CR/GujBtp:PfP3Dd5rH8HepLd0ZqUsj/P9CRuujBtp","tlshash":"69230244c70530a1fe805ab0bb76848af4cde6e14f64f9173695a5cfb83a3dacc564e1","first_seen":"2025-03-04T12:50:40.391651Z","last_seen":"2026-02-12T11:33:20.886039Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1140,"timings":{"blocked":231,"dns":0,"connect":0,"send":0,"wait":721,"receive":188,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"vzwpxr.com/api/guest/liveSocket/644/uhhomngu/websocket","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /api/guest/liveSocket/644/uhhomngu/websocket HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://vzwpxr.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: nw3V9q8WcME1Xz7lxfGtFA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1; 9170FloatModalTime=1770895965705; 9170PendantModalTime=1770895965963\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 400 \r\nDate: Thu, 12 Feb 2026 11:32:47 GMT\r\nContent-Length: 34\r\nConnection: keep-alive\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nCache-Control: no-cache, no-store, max-age=0, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nStrict-Transport-Security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=fkwmaBNyc1LPVx7nkEegRcU2zJyZmErDgkkZgH616lUU7HI66%2FIP71aJX6mF9JH%2FgySfDJtosClNfCPWad0LsBHERcDto0H%2B2zxIDFwu8VN8%2BsRgUAxi6veM%2BSj%2B\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9ccbc4736dcf57e3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T05:23:22.948737Z","times_seen":15945479,"resource_available":true,"data":null}},"time_used":653,"timings":{"blocked":0,"dns":28,"connect":8,"send":0,"wait":591,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/css/build43.1d3258981b762738ff7941d910b3f7b9.css","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:43.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/css/build43.1d3258981b762738ff7941d910b3f7b9.css HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:43 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: W/\"691c10fb-12f76e\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X3zG0AGxuCPEMFeSJJuUCEOUant%2BdvdcavDhJBRBtZUeuw03JSNcaPyiH8u%2BEIwTTpil3IXHtmvIq0v5YWZ7HTfic%2F8%2Bhm%2Bvxe4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc4598e9f75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1242990,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8f7a96c1d4c8722d345bcb8245545c36","sha1":"25b0479daec3044fcd313dbab21658ab0ab00bd4","sha256":"3d5e5a2725d1534472ab910f887811b7962a6004cfb7e2407503fb8ba656f8d5","sha512":"f039378adda9d79a23c8baaee0997f7f62aefaa81d0d9264367c58681d2a126efddddf30be78ce52b2a3ee83472bd182bba643d08430c020d249a3211aa00d7f","ssdeep":"24576:zHkAOXR3uzWWOfTVLfnun6LNePZKZJZGZyZPZE+kS/aOJYc7OxxAMtz:zsXR3u6WAc6LNePZKZJZGZyZPZE+kS/w","tlshash":"c825bf30ab5b341f203fc6787491bd993e28c317d5235b7dfda93518c99b2952223a8e","first_seen":"2025-09-27T04:17:39.745601Z","last_seen":"2026-02-12T11:33:20.890482Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1732,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":512,"receive":1220,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.matomo.cloud/9170.matomo.cloud/matomo.js","fqdn":"cdn.matomo.cloud","domain":"matomo.cloud","tld":"cloud"},"ip":{"addr":"3.167.2.19","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:43.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.matomo.cloud","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Mon, 21 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:9E:B2:8F:2C:21:F3:D8:CC:C3:78:9E:88:F2:FC:72:0C:FB:68:3A","sha256":"D7:E0:95:8B:B8:35:19:48:30:B8:87:D2:5F:82:0D:1D:DF:65:27:5C:9A:83:C6:2B:1B:9B:3F:9C:32:70:25:3C"}}},"request":{"raw":"GET /9170.matomo.cloud/matomo.js HTTP/1.1\r\nHost: cdn.matomo.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: CloudFront\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Thu, 12 Feb 2026 11:32:44 GMT\r\nlast-modified: Tue, 03 Feb 2026 21:51:17 GMT\r\ncontent-encoding: br\r\ncache-control: max-age=691200\r\nx-amz-version-id: Rkw43sGVFevXmuMqiN8OPdGb5SEa7bbd\r\netag: W/\"cf8b381329cc0aee32cb1b8b039f45a4\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 094188bf05865a3d323dcbfb7173f1f6.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: 3cQkMrdL_cbJV0jTl4beXzgeiWqEQZpa3bpA7WP_9I3sIoA36-RxCA==\r\nstrict-transport-security: max-age=31536000\r\ncross-origin-resource-policy: cross-origin\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":139327,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2923)","md5":"cf8b381329cc0aee32cb1b8b039f45a4","sha1":"4c3df5b37efad2433b0ce9797cf616b9054e73f8","sha256":"2aa5b34976102b9b3df357626c749e33cfe37a0e0031edfb40a3471c1d303a1c","sha512":"27024ab0f52f0897e4783d44c281bf863d459b91521402fff79f9e35a33de5705cb4d84e217a279cd68c1b63d472ce4ced4a9f9c70b01f5a974b99bdeca90bf0","ssdeep":"3072:AT+Z2fucXYy1PGJ9d1QkNw0CjBi4jZdV50tqv:ASUucfBGrd1HwBi4jZdV50tqv","tlshash":"e5d3088a72c2753a86db60b5543f110b733a9daa2448c0b8f625d4f63d78e0e553bf78","first_seen":"2026-02-05T13:16:52.117928Z","last_seen":"2026-05-18T14:30:39.242884Z","times_seen":658,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":34,"dns":24,"connect":2,"send":0,"wait":109,"receive":0,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/img/footer_info.45a01f6.png","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/img/footer_info.45a01f6.png HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/static/css/build43.1d3258981b762738ff7941d910b3f7b9.css\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 21198\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: \"691c10fb-52ce\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QM0bcJhCtvVV7%2BDaqZpmQESXRgsR5rgjnR%2BlVeT22XgybNKMHY5HHQrG3kH0pp3R7u4p%2Bf25D3XIyccpm2ry52vMZwj0Cb7OG34%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc46698d475c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21198,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 95, 8-bit/color RGBA, non-interlaced","md5":"45a01f6afb27466d1833382e792ae095","sha1":"8ef2f1682541db1865303242f3a2b8d097a1cc2e","sha256":"bd48ffd81f2c7a1d985d4184e642966e01c5cc9406d562ea9529d7679375e11f","sha512":"966d5d8ec84105c414beb64e49c264f9d50528e6a2f90bc34308f34da4c1fea0533a155b6d3dae57e18de8b5a864a1be79f6d830018013f46d71042026d629e6","ssdeep":"192:9SP5ktunE2s8vfLxkN8ArGm9pGbam3zWTl8S0lbDM3:86tunExsKGmLGv3Asl/2","tlshash":"8c925b5969b07435ec65d0b42ac05142aaa30a03c1e1de09bbed9d57af1abce8c4f992","first_seen":"2025-03-04T12:50:40.369303Z","last_seen":"2026-02-12T11:33:20.892239Z","times_seen":13,"resource_available":false,"data":null}},"time_used":906,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":603,"receive":303,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1675746817550732.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1675746817550732.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 20931\r\nlast-modified: Tue, 07 Feb 2023 05:13:37 GMT\r\netag: \"63e1de01-51c3\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20931,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 210x120, components 3","md5":"c8eb6ca05ea4c8d5ff2b95aa44f1fe57","sha1":"c2ed79da1612308008c9031d6e655c58ccffa2c7","sha256":"f6a2c3757138ff8dec6ed8213987e71a29054718660fc4e096a93958c6211647","sha512":"9d417b044d46eb439db31bc025023e19d7dea200e0f137769439f56ef5617cd810972c8d567238f63727b38991f75a7b796c6f3b5c13ef6285f6c92b755096fb","ssdeep":"384:Ee5AnAmX5YWOwFD5gxjXFrDJF7Xq562uwMQ+RAdtOiiHem7s:EekhfFFDwTFPJ0XuDDCrOfg","tlshash":"0592d0137bea5d10edc1783407f7d87817693e00a3a396dba024f4277c7aac5c2255aa","first_seen":"2025-03-04T12:50:40.405734Z","last_seen":"2026-02-12T11:33:20.894352Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1404,"timings":{"blocked":510,"dns":0,"connect":0,"send":0,"wait":721,"receive":173,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1694768180881940.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1694768180881940.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 693979\r\nlast-modified: Fri, 15 Sep 2023 08:56:21 GMT\r\netag: \"65041c35-a96db\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":693979,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 418, 8-bit/color RGBA, non-interlaced","md5":"c6cc3ca89c6d8c45df207b2b2a435cf7","sha1":"b1e2246f865c130d1813e4da82ebbdc7f4053c48","sha256":"4f8985996143c872bb0236f4afa14b4b911f119931b0e0949d39754960545c88","sha512":"865d53bca2d5a72e48382e29593c8f477093f22a0be72d5c321a7c8534e5e3d04f5ac5f3305a98bd59329e624f7a9b84834e64dc80c62ac4355c972ed87332d0","ssdeep":"12288:0fexkK2E8/tAVUz+47W4vgwtm62uu1UFt06Qjr3XfYaY+uAtuFvWZyVVqXioFoX9:0fw27OePC4YwtXq1kgjjXLyvWE3qXxFI","tlshash":"46e42348f56c066277207edbdaf0968ddb0f4de3b059d1b0c1a69909cf1e6438be14ca","first_seen":"2025-03-04T12:50:40.407878Z","last_seen":"2026-02-12T11:33:20.896824Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2499,"timings":{"blocked":471,"dns":0,"connect":0,"send":0,"wait":721,"receive":1307,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1694768247298613.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1694768247298613.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 841144\r\nlast-modified: Fri, 15 Sep 2023 08:57:27 GMT\r\netag: \"65041c77-cd5b8\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":841144,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 418, 8-bit/color RGBA, non-interlaced","md5":"1b23597e83383dcabd423c5737d3757d","sha1":"6caf837c28d7699b2c8ec085c780dbfb7e705329","sha256":"f771e2624cc975aad9ffb448f60ba060e24b5ee7290acff451741c513aaabf3b","sha512":"d4bc48d98bfcbec6cdb60499b396ce0c25a02449f2b0a07cab3f623308453f7930762986ee6ff1cfbb7e5f12dedbccc7ab0644c3256888f6d638c3722876f07c","ssdeep":"24576:jGr2lRShaMuWrgzLpG2xwgyzfIRG5UAQNJnFD0qykfdD:jGORShyqILygyzAk5UAQNJ6q1","tlshash":"480533b659f3dab15331630109bbd1ae2ef8f6df08d1a67087b8563d7db940c89b00a5","first_seen":"2025-03-04T14:14:44.781535Z","last_seen":"2026-02-12T11:33:20.90184Z","times_seen":12,"resource_available":false,"data":null}},"time_used":2596,"timings":{"blocked":465,"dns":0,"connect":0,"send":0,"wait":721,"receive":1410,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1769491785683147.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1769491785683147.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 22972\r\nlast-modified: Tue, 27 Jan 2026 05:29:45 GMT\r\netag: \"69784d49-59bc\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22972,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 134, 8-bit/color RGB, non-interlaced","md5":"457aa760a95382edacb126e999978bf2","sha1":"6ba3440ecfa249bf0e48c47067d7c7a5a3862a50","sha256":"e2fd7457bf8bb9db09788d60f6c2d9e45e256ad56c9f341d32ffb12fb6c24629","sha512":"e8f471f0db4a4cf1edbbb018aa1699005d7a3c0714697a04c514ef52ad6e95ac7cf2b5b6e3c951e634be1b064fe42a518d7c9bf6961894665e394151d6b193de","ssdeep":"384:eQoFF7kHRjYvwerFu1BB8aiermHOCs7nIG8nwsL4cQUd8BKTkS3dJuBcEK:2D7kp0VpSBB8aierGsQzQQ8BL8dJLEK","tlshash":"a3a2e1eef26b7205e2addcd86cad391d016b8f14e14690253847933b1e273f3259918f","first_seen":"2026-02-12T11:33:20.90632Z","last_seen":"2026-02-12T11:33:20.90632Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1865,"timings":{"blocked":245,"dns":0,"connect":0,"send":0,"wait":718,"receive":902,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1770892575342384.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1770892575342384.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 6269\r\nlast-modified: Thu, 12 Feb 2026 10:36:15 GMT\r\netag: \"698dad1f-187d\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6269,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 133, 8-bit colormap, non-interlaced","md5":"cbaec82c3d46f62ffc4dfa73b1c24e27","sha1":"4f5e9e46ed415287aa163d03cc6eeff9ef0f99bf","sha256":"166e689e4fbca935cfb27fedcc7c23f4b462788d1eab422cbab672e4e6019a70","sha512":"a47553ea52e5deb0a7769150c8e3cbe1e3b561f0dd23cc3569d49e5939a6a44e215a09f103a49010fa6c73e405e44f6b0f5e0bdabd29f3a0710a8e79c200a99a","ssdeep":"96:Y6hzfSh676w4M5/OBnbihslh1qS8Hde1+lMuQOiwtqU1f+S:Y6pfSs76O5/knb1lh1q1ecjQHwtD1f5","tlshash":"f3d17e9a3526043b3db14da68d4899638c80b7cc993fda7e564adb63035731a44087ff","first_seen":"2026-02-12T11:33:20.91101Z","last_seen":"2026-02-12T11:33:20.91101Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1864,"timings":{"blocked":246,"dns":0,"connect":0,"send":0,"wait":716,"receive":902,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/img/mobile.160fb39.png","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/img/mobile.160fb39.png HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/static/css/build43.1d3258981b762738ff7941d910b3f7b9.css\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 165427\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: \"691c10fb-28633\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I%2BU%2BVhqreegdj2u2Ki5%2FP3ChOsph%2FlynvAFP8JXE7IPcUlmhOBDrMupfGnadAQf%2BQ0fLAWBnQ5zWrQwNxP9dLtd5pQ%2BK0PjQHGA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc46688bd75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":165427,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 215 x 457, 8-bit/color RGBA, non-interlaced","md5":"160fb394e38d4b3ff895186043a90c1b","sha1":"f70804809db605d7ea74f31ebbe6c7e7920e0149","sha256":"db683d5924b8fa136d542911a2e0a684ea49b36b9574995b1ebc25417a591bb0","sha512":"919fd84fca0dfc8844dce7eee7543927a88ff9edb880839e77c46be9bf5606ca11f0d06a831405206e0d5afc144591f8cb533e42dea98274babca02e5a4149a9","ssdeep":"3072:4pRfQLlEcTYnErpknPRqTFpWBqvhcuXboWd6zWnoI:4pRYic0EuPRqTF2C+6oa6KoI","tlshash":"7df313689ca4c452363fafc60791b72f02b979e0e88784feb1063567bb1e254f720a55","first_seen":"2025-03-04T12:50:40.366308Z","last_seen":"2026-02-12T11:33:20.913383Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":758,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1769491771076920.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1769491771076920.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 39802\r\nlast-modified: Tue, 27 Jan 2026 05:29:31 GMT\r\netag: \"69784d3b-9b7a\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39802,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 134, 8-bit/color RGBA, non-interlaced","md5":"32b91a07e4c91609f3ed10da55bf3789","sha1":"ac599456d7189a4a4fe9324d62fd5a6c0eb40e49","sha256":"860baf20fa92176a767522394d5480610e0af590ff1cfe1a060e4a9dd54b8465","sha512":"2cec6e9733a091dc73806b35c55bd9ea6cbb4b8629737d900a3322c9f0d024dada23a0e240b4305f2ea127df3e59e39d261fd23991c4f30fc5d17928d8d3312a","ssdeep":"768:8/59uNgWKLB6WGsBeliWQWEQHtGEDNqqvamkrfQ/1rXP:+unK96vsBDWQgg4famwf4rf","tlshash":"0103f1b5384f6c38e322221c5eaa815f645b8e831f4ec211611bdc9fbbbc6bd01955b7","first_seen":"2026-02-12T11:33:20.925754Z","last_seen":"2026-02-12T11:33:20.925754Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1863,"timings":{"blocked":245,"dns":0,"connect":0,"send":0,"wait":720,"receive":898,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//gamelist/PCLASSICG/1736401937305.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //gamelist/PCLASSICG/1736401937305.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 209311\r\nlast-modified: Thu, 09 Jan 2025 05:52:11 GMT\r\netag: \"677f640b-3319f\"\r\nexpires: Thu, 12 Feb 2026 14:32:47 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":209311,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"9f99d74815908d323339dd5f5cfcb6f9","sha1":"da05d9681399faf0c30b075f950aefb0d6b4f7c5","sha256":"1c813db3bc122fca25ee7bbdf7487d68aa10db7e96c234db8bbdba616f2e9120","sha512":"85a1cd4532a6778340ccfca05ff99d95a76a856ef9f3d61a6d0fab16c433a77d8d412943d176af9bd696314104035ca4953b906919c223f69ad2dfd12871f307","ssdeep":"6144:LftYwFn942WyEHNWL2CVtErxrTIMfFSJIN7h:LftYwN9+oiCVreQsh","tlshash":"de14225d8fc3664a71e4b428f14f277c9b1e228a3e3b97014081ea5394b597a5d3b3a3","first_seen":"2025-03-04T12:50:40.406413Z","last_seen":"2026-02-12T11:33:20.93416Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1069,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":538,"receive":531,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-12T11:32:42.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:42 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\nvary: accept-encoding\r\ncache-control: no-cache, no-store\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bmWiToA4e6ufOzDl%2BhB47OqZyxUe1ju2Ih9mi8iK%2FmzoYJk8H8HXmM3gnotWw6duazDWi2mTuJKAZeXzqa%2BREmsBLe9KKfEbNWQ%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4552ceac8cb-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4310,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1572)","md5":"39015d57112e77e97fa602818c4ceda0","sha1":"39d802cdd0db044e3d21954217701c4096546ec6","sha256":"d2bd1d5465338d3e08df17c6b006a131ae4acd607a7ef72ff9c7efab4e3fff06","sha512":"4ecdabc5db6338e19955542697f9eeb4af86368178499433b2ec67f0025c30300043074ee00174d862f7c4e12f87463dc844ac4619d74be4dd4885d169ceabd1","ssdeep":"96:vU54L8a7a/SekPsmCsF82yr7WwrR4L8DVt30KW:i4Ia7a/SeWDCsF82yvW36H0KW","tlshash":"7391d85e9dd3e2bf192324641e74f219f007901ba416dc00bfec5958af847598eb2a8b","first_seen":"2026-02-12T11:33:20.936891Z","last_seen":"2026-02-12T11:33:20.936891Z","times_seen":1,"resource_available":false,"data":null}},"time_used":686,"timings":{"blocked":59,"dns":28,"connect":8,"send":0,"wait":564,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"9170.matomo.cloud/matomo.php?action_name=welcome%E6%AC%A2%E8%BF%8E\u0026idsite=3\u0026rec=1\u0026r=747821\u0026h=11\u0026m=32\u0026s=43\u0026url=https%3A%2F%2Fvzwpxr.com%2F\u0026_id=62dc7285af906460\u0026_idn=1\u0026send_image=0\u0026_refts=0\u0026pv_id=X6sFpc\u0026pf_net=85\u0026pf_srv=563\u0026pf_tfr=1\u0026uadata=%7B%7D\u0026pdf=1\u0026qt=0\u0026realp=0\u0026wma=0\u0026fla=0\u0026java=0\u0026ag=0\u0026cookie=1\u0026res=1280x1024","fqdn":"9170.matomo.cloud","domain":"matomo.cloud","tld":"cloud"},"ip":{"addr":"3.126.133.169","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:43.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.matomo.cloud","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 21 Apr 2025 00:00:00 GMT","end":"Wed, 20 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"20:11:4C:63:17:FD:99:09:3C:43:B7:CC:E0:3C:3D:1B:68:53:F3:19","sha256":"B0:CB:AA:8B:5C:DE:18:64:46:50:8B:3C:EF:2F:F8:94:E6:C3:D9:44:13:32:41:13:29:76:AB:D1:5A:E1:A0:1C"}}},"request":{"raw":"POST /matomo.php?action_name=welcome%E6%AC%A2%E8%BF%8E\u0026idsite=3\u0026rec=1\u0026r=747821\u0026h=11\u0026m=32\u0026s=43\u0026url=https%3A%2F%2Fvzwpxr.com%2F\u0026_id=62dc7285af906460\u0026_idn=1\u0026send_image=0\u0026_refts=0\u0026pv_id=X6sFpc\u0026pf_net=85\u0026pf_srv=563\u0026pf_tfr=1\u0026uadata=%7B%7D\u0026pdf=1\u0026qt=0\u0026realp=0\u0026wma=0\u0026fla=0\u0026java=0\u0026ag=0\u0026cookie=1\u0026res=1280x1024 HTTP/1.1\r\nHost: 9170.matomo.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\r\nContent-Length: 0\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 12 Feb 2026 11:32:43 GMT\r\nserver: nginx\r\naccess-control-allow-origin: https://vzwpxr.com\r\naccess-control-allow-credentials: true\r\ncross-origin-resource-policy: cross-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T05:23:22.948737Z","times_seen":15945479,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":115,"dns":35,"connect":21,"send":0,"wait":73,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/firstNavList","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/firstNavList HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 22\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":22,"data":"frontType=0\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L5sEa8EU%2B0AH5TXXqi56zUM2FzkNcsxj%2Bz6jK%2FQPM53GEJ56ou%2FqTPJkPaZcY9hvk%2BuGh0FqHZE5QrGfx%2F9XjP9St3jNKyZR6bk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc466682375c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"d3e64e6d800f9505c06d822a79168c75","sha1":"d0699be51e1fb8f2b2854edbe43207f88b2bce23","sha256":"f2254a9b1548c815b478dfd3bb87d1eaa796cc4ddbde58e7cb3245c9da1a15d2","sha512":"bfd5d7eb2eb752cc2f5b2a7d9315084530128d70649af889101de0a652fb8ea7e68d7374135ddba4f028d5aa16d65827cccaffe0e0145b19013a44c33f01dc89","ssdeep":"","tlshash":"69a00224ac0895562c9745444208aa21661d559318090b910edebf7480d81f59455529","first_seen":"2025-06-09T01:55:06.319616Z","last_seen":"2026-05-17T23:08:59.369656Z","times_seen":98,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":580,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/platformPicInfo","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/platformPicInfo HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 33\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1; 9170FloatModalTime=1770895965705\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":33,"data":"frontType=0\u0026gameType=1\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ClXeHptBW1UHTy5jyXdciWFS82eJKbUxSD5DIgHstX%2F5jaJFHrGlWptA8gSWH4Leg2c6FvrdL2A%2B9OE%2BHn6NZUpZgv3ASDiVLR4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc46a5d0475c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5051,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"836513a89e3e3378075068b41c04c47d","sha1":"679a480fe3d549e2777973f370c8a9ebdc137c61","sha256":"d561cba9c10e21fe20bfa1a26b92b7c4fcea8bdfa7e7ded7d367f00c58509071","sha512":"5c1c03e579de47787ba9d75a226b7fc05e5e364c9b1003d6aae5abe70d0837700fe1d73276fb6e1810cf95de402503a32552c9eb102b4fd3dc26420fe06f51ba","ssdeep":"96:HmiZIsxgjDGZIqYljDThqZIp7jDv0IbZyjDYU0IpijDYZINhjDpZIOY+jDbEZITE:HpZIugjDGZIVljD4ZIp7jDv0IbYjDYUv","tlshash":"aba1cb4b0b269cad8f5742e31dcf7d18e23d85ab88d9d59dc8d88ed240fc1a6a319335","first_seen":"2026-02-12T11:33:20.941015Z","last_seen":"2026-02-12T11:33:20.941015Z","times_seen":1,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":292,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1769491735119446.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1769491735119446.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 22940\r\nlast-modified: Tue, 27 Jan 2026 05:28:55 GMT\r\netag: \"69784d17-599c\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22940,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 133, 8-bit/color RGB, non-interlaced","md5":"0d7c76b564d6cd4527f529a94b05193f","sha1":"77c1248ee28d934fff96fc68e725ff1636e36b00","sha256":"f164516ab0dbfe795de9a280198ec62a637a1fa148ed81f4cd0e9d78da117ed8","sha512":"19a09f556810cd3cc2808cf07defdf34207681fcc747a4d49969a967ebb1dd73f9bb16fc4a02afa5725658fc5e2f472e20340bcf757c06871dca140a1d608136","ssdeep":"384:kbNPfYbwthTWIix6HbgwUNECWS74qytLFDrBB1rP/F2aozRqB/M7fkITTetLPuNV:kbJYbwvTWdxqNUECW2ibb15ri403netY","tlshash":"cea2e17b4b11259154c382bc110fc209b82ba8d069d3e03e768fc55b13a4727e1ccaef","first_seen":"2026-02-12T11:33:20.950551Z","last_seen":"2026-02-12T11:33:20.950551Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1866,"timings":{"blocked":256,"dns":0,"connect":0,"send":0,"wait":719,"receive":891,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1769491750074418.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1769491750074418.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 29944\r\nlast-modified: Tue, 27 Jan 2026 05:29:10 GMT\r\netag: \"69784d26-74f8\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":29944,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 133, 8-bit/color RGB, non-interlaced","md5":"dd3b75b016bf857324de67be5cebc7e7","sha1":"0943d8db8a895735419f659d350aa972e45fe9c8","sha256":"dd2a64ae64ed73a261edebce83edfbec855a29b25333b06f7a58374617f6c536","sha512":"fba9de81ec28fa4314a6716b171daac9c955ea7acb04147c9b49e55c614f103614622dc06218b0378f9da370ad72bbdd4c584b8f5f27d57e909d2d1752a89eb0","ssdeep":"384:S+3/OvQOm4wyls2DI06WoDzPkZdsrxnRDanLJ+a+wvkndh44+h9QtL:Ss/OJZs2BOUdGFBqN6P44+vQtL","tlshash":"65d2e091b08baf93940bf4450709fe194c2e59c17a117bd3eed2084275d656ba1ff0ba","first_seen":"2026-02-12T11:33:20.953848Z","last_seen":"2026-02-12T11:33:20.953848Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1863,"timings":{"blocked":249,"dns":0,"connect":0,"send":0,"wait":720,"receive":894,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1697448049713633.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1697448049713633.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 41170\r\nlast-modified: Mon, 16 Oct 2023 09:20:49 GMT\r\netag: \"652d0071-a0d2\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41170,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 206 x 152, 8-bit/color RGBA, non-interlaced","md5":"7851aca718a8513ed6a6227b4144b8a2","sha1":"0f51af3f88d047346728806b8816a80ec497aa25","sha256":"b9f355f9bf99e4018ac8c63be07c8e22c486734e659562c65ec4e4069e3a876f","sha512":"7ccfcfa0fb9b4a9b5aa2b6e2a5591e04ebdb8c2dc861440d2783ad40450b057aec42cbd13376f6487753177d3b9cfd91094c7867bf71e4440083b924e50c2c0c","ssdeep":"768:QqRRgSaaApyLKV2OZ3vXHVcgvP7pg7t4e4z9zDMqKf+Mn3RkusMD:QNGApyLutv3Vcgy7t4e4zRtK2Mn3J","tlshash":"d103f11d85425cb1f04aecc52de771ad626830c5aa60275ef09f2f4b79607b8cb60a4f","first_seen":"2025-03-04T12:50:40.397553Z","last_seen":"2026-02-12T11:33:20.955826Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1138,"timings":{"blocked":233,"dns":0,"connect":0,"send":0,"wait":721,"receive":184,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/favicon.ico","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:49.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1; 9170FloatModalTime=1770895965705; 9170PendantModalTime=1770895965963\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:49 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bq8ovGiymOq23n5WhMkGcrbIiSJNaIhyvtOcwAVJuJbDzEN9tr30paEnok0Dv7eOF2l8RNeKq4kK%2FwKhrGRUXVQd0e55QMdiHzo%3D\"}]}\r\netag: W/\"691c10fb-530\"\r\ncontent-encoding: br\r\ncf-ray: 9ccbc47ff87575c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1328,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"6930b0653aa0adc9f94e2780220284c9","sha1":"80246d45666f464bccd778733437f3d8566c2d6f","sha256":"85aff189edc525d918d41685c9c83b92e523071b445625384050688992ee0c38","sha512":"5a4b8a3a48473c002b3a3a57b252c6ff384923a0bc303966bdf35a70c737ecbe187b09b47e236ea2d0799208ba9c7ea380a6ac129e481de27f6c045606b3c25b","ssdeep":"","tlshash":"c621d852ca0531f88b54a8ba96aa25047c02f396cdd3ae28204fe9f12ba986155c14f1","first_seen":"2023-11-30T09:33:11Z","last_seen":"2026-02-12T11:33:20.957701Z","times_seen":19,"resource_available":false,"data":null}},"time_used":572,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":572,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/serverInfo","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/serverInfo HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 10\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I8xYTdGKc8Yf75PPQo74gqDBRBLnMls2aFHDs0%2BWRrgnkCoEKjWkclONyz%2Bw4oNnuQ9UYyreweOi1G9TF89I1b2Cx3acd5%2B%2Fy6M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4665fdf75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":171,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"eb23f1bf0d161f8d0ef4171a2d7b27e6","sha1":"d46245bef0e5ff3008328c1d0c19d717a04f4a88","sha256":"c0e07a05bc50cb3888eafdb2e65beb525ca9e59eb6d268894fa6be54fbaf4830","sha512":"fb2b36be7293a86fb26a1985402988b388f1d3ac50f1e97ed686e94cb4bb9ebeb74264c330b52ad0c57586e1d62c22ef5db6756e6d878e484ee7ca83661d2452","ssdeep":"","tlshash":"8bc080939c6577891e4f81c8104d7515e27d919754cdd49dcd4ddf5140791bab00852c","first_seen":"2026-02-12T11:33:20.960607Z","last_seen":"2026-02-12T11:33:20.960607Z","times_seen":1,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":566,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/fetchImgs","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/fetchImgs HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 146\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":146,"data":"imgCodes=yhPCPendantTopLeft%2CyhPCPendantTopRight%2CyhPCPendantLeft%2CyhPCPendantRight%2CyhPCPendantBottomLeft%2CyhPCPendantBottomRight\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v2SguVaoIUaWMuwy4PX0%2F66Aw0hztiHqGfZSURUE8A%2BD%2FlrMEdBuaBRJ2Lg3EtMCykdnX8lqpk2D4moN4%2BDhzR7gOXpAdZBDCI4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4665ff575c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4076,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"1978edf313bad5381a6f5886ca52939a","sha1":"997516908a4927b4876823c136536faa6b0b59e2","sha256":"54f064330e55f52962ca839ba6d23cbcbc0c98742cf2a5eba6ed823f546f7e5c","sha512":"51f950db8b26fb6d2106d9a7ad00597ec5629404b4e2223dacfdb1debf9e0801ae0b4f29f219fe06234e25719ee240cda3e9009b95c8a13f429356b71433b609","ssdeep":"","tlshash":"ce819b970954a9bd1ee4b2c3048b9168e19d51bfd4eac86acdcbde4c48f49fd051f08e","first_seen":"2026-02-12T11:33:20.975476Z","last_seen":"2026-02-12T11:33:20.975476Z","times_seen":1,"resource_available":false,"data":null}},"time_used":663,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":663,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//upload/1603700069170718.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //upload/1603700069170718.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 16836\r\nlast-modified: Mon, 26 Oct 2020 08:14:29 GMT\r\netag: \"5f968565-41c4\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16836,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 210x120, components 3","md5":"d3df7ee1f536cc59d9856bcfc0309e6a","sha1":"099c334568679ea1cba4aa67d1c1c9d9d1fa6981","sha256":"f12e78393b07dce98a68d952810265aec342e49d8d1d5662e28281e1704bd4e4","sha512":"0bfedb026cda8ebb8108f8ba1a959c1b1431c709b39084af15212730609482b9151bda421538f165caeafb7fd0f64b86429e9b77fcadd671bca31dec91bc80bf","ssdeep":"384:E3zZOZGooQFbcy34JBKOAmJB4bLMOYjGZOKKz4hTR+2l/L/JWJF:Ej6hoscFJ7AMBiLIxTE8W7ET","tlshash":"d372d09d3d547e3a23b01934cec3d5e17e416b0318fb1aaab221122515eedeb5cf2248","first_seen":"2025-03-04T12:50:40.382696Z","last_seen":"2026-02-12T11:33:20.980078Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1403,"timings":{"blocked":512,"dns":0,"connect":0,"send":0,"wait":720,"receive":171,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1694768194389246.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1694768194389246.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 701527\r\nlast-modified: Fri, 15 Sep 2023 08:56:34 GMT\r\netag: \"65041c42-ab457\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":701527,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 418, 8-bit/color RGBA, non-interlaced","md5":"46f908c2cd96cb5e02bf9087758ab08c","sha1":"e6332ce991ef77a3d69861fd471fe57270d360bd","sha256":"27ac8ed3d327814484edd4ff9cb0a3691576241b75f85ed650471de45789f121","sha512":"89f7432e381ebacb33be18df8d4a309c01bc514a478a61bc585fe89992c0bb0427437e2f85411f16945b1ac34476e11c6c25457f87add1d935dccf3537821717","ssdeep":"12288:hSsFw5XCoBn6fpBv5XpQ7wsF3LENHgEDLjwtFIV/mwPyTnBSVLpwGad26bVRZ1:h/Fw5XColuzv5iYTPjwtFk/mwPyjUVtU","tlshash":"5ee4233fdfa546b7e26d3ab629dc791675d0904018644cbbbc207c78f8e83ccb986496","first_seen":"2025-03-04T14:14:44.775166Z","last_seen":"2026-02-12T11:33:20.9853Z","times_seen":12,"resource_available":false,"data":null}},"time_used":2516,"timings":{"blocked":468,"dns":0,"connect":0,"send":0,"wait":721,"receive":1327,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/game/guest/gamePlatform","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/game/guest/gamePlatform HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 42\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1; 9170FloatModalTime=1770895965705; 9170PendantModalTime=1770895965963\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":42,"data":"gameType=1\u0026pageNo=1\u0026pageSize=50\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6c9yvJ6cnj6Q68EuPCyRaz4fpCt7Je7GlVnzMFA43aI31u6p%2BmNTJ17XZ1KGdHzitmSaMfC7RQfwuXdqrpKyhYgUKXQLelRatAY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc46db81275c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10640,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"d1ae2b8b49a18ae5e3e9b1cafad56c56","sha1":"ca468a7d49ac98aba5f91b2cfb284a054ef7ed9b","sha256":"e88734c6edf5f8b0b9a604620b622e56068292f76f8fd1d592406d0214c1281e","sha512":"93ad9f1bbe92780fd183775cc01c0039114a94f2153d5d8c99ee596a44036fa2104d08d3180bcd79d5698f8c99eaa1662ed99848265587cfab91e4f2d1f64e85","ssdeep":"192:HAiwhOIfmvM/FB/WCjCbHb4aFK8nRJ+1Nc2rNAIXtJw4JwghqODZ2:+eEtjUnG17NA4HSf","tlshash":"f222f00b0e53992acd67f5ff7bcf485895fd2aa3568ac24cccc88d7184f9654160e12a","first_seen":"2026-02-12T11:33:20.987692Z","last_seen":"2026-02-12T11:33:20.987692Z","times_seen":1,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//gamelist/PCLASSICG/1726032606896.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //gamelist/PCLASSICG/1726032606896.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 87381\r\nlast-modified: Wed, 11 Sep 2024 05:30:02 GMT\r\netag: \"66e12ada-15555\"\r\nexpires: Thu, 12 Feb 2026 14:32:47 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87381,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3","md5":"a7437d582d355cd43dde324d9a969e71","sha1":"e56da6af253670f160e6ab68a43ff638e6074289","sha256":"14fe9ac16355ea99bdcd022f28262aa446aa15a019ca2096f3e8554b54c21d5d","sha512":"8eddf24de2476f5452adf441b8ba8671cf6f4fc428eb39d89e2215a7121fe62ba47638c7bc3074b49ab8fe4f0622ef8aceeb23831a625aa11c2ad06b7cd74289","ssdeep":"1536:4qg2MDOhDDXWnJ/cOzZc57Y9FWrQfxSQzxhuPu8/zHPaU/jlu7/TrGxWQ/0R0:4qgVGDDXWBHulChfHbuPu8bjE/T8h","tlshash":"4a831251b0ac8086e8305d7d2aecac47f747dbfc046c5db3444943786867daa7e07369","first_seen":"2025-03-04T14:14:44.760677Z","last_seen":"2026-02-12T11:33:20.991039Z","times_seen":12,"resource_available":false,"data":null}},"time_used":1250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":391,"receive":859,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com//gamelist/PCLASSICG/1736401993687.jpg","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:47.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET //gamelist/PCLASSICG/1736401993687.jpg HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 258522\r\nlast-modified: Thu, 09 Jan 2025 05:53:05 GMT\r\netag: \"677f6441-3f1da\"\r\nexpires: Thu, 12 Feb 2026 14:32:47 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":258522,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"35297d4dd6761db704f891d110a54b29","sha1":"a5d88991a4d69020315240d8595acd675fd3209e","sha256":"e46e8a379fc5b7705337e019caf57e3b90a4d5cb0b239eccb2c3cec20c345e93","sha512":"2032c808e3cbe37ffa0880a7fd38149781655a08603168557d6bdded6e3487a609225ffad5d2b191b2f80e3c03768f0a739be052d571291903621e03dd17d5ce","ssdeep":"6144:OXaZ2t73+qcg6NUAEorIFbCZ2XGLXlYKX1ZQQ:O+AOBg6NUAEPbCZ2X3KXHN","tlshash":"f24423d1493ca80b7ee4ed363403fcf299d9d21903398e9a75cc4b096da1f75899dae0","first_seen":"2025-03-04T12:50:40.411684Z","last_seen":"2026-02-12T11:33:20.994438Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1069,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":541,"receive":528,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/pushInfoList","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/pushInfoList HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 22\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":22,"data":"frontType=2\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=smuK6ppI6ax7OzgOvlsxXnVfYIGrqO5RI2RZsLeY%2Fi6xzmFxE6ig2oGRzgTMALIinBIkDnUCIeF5%2BfAQABlItcVtMtsB9FHTuv0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4664fce75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1483,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"0083b3b67fd5da749a129522dffb027c","sha1":"6bfaeab440ca9a5457a2a2b2306ab7ea555805f6","sha256":"f901aa61652551d3150ac0d547b993391526f89351dfb44562f67647095e3aba","sha512":"50a14caa56bfc5dde69f9bd8a2ec9a2f59335b363c6c6401821c312b9edcda7394c0f657bffda79246e90556d947de1195a636826fd233c60dfc5ba9cc8003b9","ssdeep":"","tlshash":"583162660859f76dd710244b324a7e5eff2832d79ae1cf54a9990f1815a87810317a43","first_seen":"2026-02-12T11:33:20.753678Z","last_seen":"2026-02-12T11:33:20.753678Z","times_seen":1,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":568,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/fetchImg","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/guest/fetchImg HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 33\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":33,"data":"imgCode=yhPCHomeBanner\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DecHpk11q11N0qyt%2F9FoVGrEmfDbHYjhlf4D18KIgCYdwPe1zsv6y9IdILpdPkekOE%2FK218pkt8Bu%2F8JRuw7EpxVsBv0KHwYhgc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4665fdc75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2921,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"88b18665e6b803ba06cdfaa95c8b3e04","sha1":"ce52a7c7edc9c663d19f721d3052b3a22dcf97e7","sha256":"32c0ecd74df96be8fcba20bd0cc2c06135641fef1367f7d0545560664ee15082","sha512":"cd5cd11a5c0ed4fef7b8d1fefc1ded11d90e68e4f6545762b612fa85d78104a579e2ec5d239feeb6b74f7a5e24a9f4a2b3372e709a3f645aa89450f2e3e79480","ssdeep":"","tlshash":"4f51bb964624ac3e1eb472c6058792d8d5e621abc4ebc98ecccbcd4c4cf58bd1b5f04a","first_seen":"2026-02-12T11:33:20.997697Z","last_seen":"2026-02-12T11:33:20.997697Z","times_seen":1,"resource_available":false,"data":null}},"time_used":624,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":624,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/img/login.4f39a3f.png","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/img/login.4f39a3f.png HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/static/css/build43.1d3258981b762738ff7941d910b3f7b9.css\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 19303\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: \"691c10fb-4b67\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S6RLI2Gora11V3Vbeu2SLvyKqI1r%2BfxyoVyRKgHBJkUR0rnLRSW0I6wKOd094mo%2Bjf1k2g17O6XVSe6OD6RZU1kfgqlejqElth4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc46688af75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19303,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 274 x 104, 8-bit/color RGBA, interlaced","md5":"4f39a3fa69d660e60e804be511c06226","sha1":"c8f7b376788cc7f9a6602589f867577e6a01cad6","sha256":"59d647e6b9fdd07c5525b0b291b1bddef4f05cbc3b65f96cc669c6be99da5071","sha512":"d4b32f5bcc077c1388d5a7a518fdfa29e6b701e3830f2b5dbf29e6b66726704194bc6e8e13b25f239e94190b7dc0a677d03bce9ba1005aea0cacee5d9627851b","ssdeep":"384:sIOZjerC++TL6Khz6UafZfrpCFB9Oqk3Y22JmgiaSGYXg9lnkFE:g1eO+06Khz6UaBTpCF8YjmasQvIE","tlshash":"8c82df947138697c5ac4a6e86f178af978e4739f02c9d187e8b291cf32813e90c7172d","first_seen":"2025-03-04T12:50:40.381858Z","last_seen":"2026-02-12T11:33:20.999695Z","times_seen":13,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/static/img/regiter-bg.557afd1.png","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /static/img/regiter-bg.557afd1.png HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/static/css/build43.1d3258981b762738ff7941d910b3f7b9.css\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 24080\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 18 Nov 2025 06:23:55 GMT\r\netag: \"691c10fb-5e10\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4D2o09dZCw5Pp0CpWHBq97VKjcM4%2BQkArxud3G7j4Y8bdZNmRYn2nhw44w5azIyMdBIwtVnuSDzpgTLWioRZ0rwEHZwSzByp24E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ccbc46688b575c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24080,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 274 x 104, 8-bit/color RGBA, interlaced","md5":"557afd19810ba39ff07fb7d1b1a4944b","sha1":"6cd985cdd1083b175fa7e7c2f8580be059e54edc","sha256":"19e0212d867de4929ebb929952229022b04ecc4131f3bdec7fc34b51c8756783","sha512":"855e33e6b0035f6464da82760c94358ee5897871df68cfd83c31107f2a425e23499d0bb8737832a44ce3e9720cda72ad4109e6ab6aa426a0b64b00ce62b50e6a","ssdeep":"384:sUENxFWR1LfeR0ngLpd+Ys1cdHsOybLW2Er5S+Zpg9ut/iMnxP582taC:5RGC2+Ys1+gbar9q9ut/XnxPZz","tlshash":"2cb2d1a772f545c2d43a0a23c84d12c04fc44e5e507e99755480f7d3ebca5a7abab2ce","first_seen":"2025-03-04T12:50:40.384085Z","last_seen":"2026-02-12T11:33:21.002635Z","times_seen":13,"resource_available":false,"data":null}},"time_used":816,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":551,"receive":265,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1769491725835671.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1769491725835671.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 34874\r\nlast-modified: Tue, 27 Jan 2026 05:28:45 GMT\r\netag: \"69784d0d-883a\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34874,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 134, 8-bit/color RGBA, non-interlaced","md5":"d59bd59df44ab484a160ee6c737d62f4","sha1":"e4d39f9de5f76e84b24248e8d796ce0b10f88973","sha256":"5e11550a5926105937b4cf1498f916b672255b44da18e5c5faef6cf0070f2362","sha512":"4a1dcd966ef900f638da282e385f7318973e3d873022859c4f8fdfccd27c1fadd1cfbac8384bda596d8acecf25ce79a8bffc6a1e1af11dade0da3dfcc353813c","ssdeep":"768:ue87uWc95Xzlitp6RF8Bni05/ouIC96xp:HfWc9JJo4F8Bi05xQxp","tlshash":"baf2f28e33908c0e1bfef85e33e2463061523a098a65f5d777c9c9ee5458660db68c5f","first_seen":"2026-02-12T11:33:21.00429Z","last_seen":"2026-02-12T11:33:21.00429Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1868,"timings":{"blocked":257,"dns":0,"connect":0,"send":0,"wait":721,"receive":890,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/////image/1599612656836355.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:46.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /////image/1599612656836355.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 6623\r\nlast-modified: Wed, 09 Sep 2020 00:50:56 GMT\r\netag: \"5f5826f0-19df\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6623,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 108, 8-bit/color RGBA, non-interlaced","md5":"64b5859c3c66ec260ad145a51da804c6","sha1":"a46066f5d46c4c7a11c93cdba1379452da7ce8d1","sha256":"cabf6b600f9d2d8127cd3a814bd99f3b9d1e94ddd973e9a6dfdff1905d879b61","sha512":"0189c94949b0d11f9f16bfe040c1acf2ee53a88fc22ebb7eef3d206eae6f765a0febf9cbf8759234f08691708c32a315ec0af9ad45628db96f04c0fca4e54f71","ssdeep":"192:oQlLPTVTW7+eYfimO2WczC/5jjhrALu8PaBpRHS4vvg:plLPTt3C/9NspPDl","tlshash":"9bd17d4ff4ebaa012a755e91e1a54aba1bc98090dc44f350b9c8ddaf18f60d5901f2f5","first_seen":"2025-03-04T12:50:40.372402Z","last_seen":"2026-02-12T11:33:21.005446Z","times_seen":13,"resource_available":false,"data":null}},"time_used":905,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":702,"receive":203,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/game/guest/allGame","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/game/guest/allGame HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 67\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":67,"data":"platformCode=KY\u0026gameType=6\u0026keyword=\u0026pageNo=1\u0026pageSize=12\u0026appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jKwPqn%2F3rZm9ywVl%2FQXBgGrh30SfjCnSLqd8xB9IYHoqYVMYSHY55XadYPXBzsDt1gJatvwxrvgHBvknfLj%2FZw3%2FuiMQX2z%2FoRA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc4664f9d75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4624,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"9da4a86691f38884cf871ff777d5881f","sha1":"675476fb7195b381dccc5428eb09792a14a35e9c","sha256":"806fddac1d4f184d79462f029c9368dc0c372c5c8e551d74a6d0781859e5d1c4","sha512":"4c81b679dffd189a6b57a5ce3e4faf67bb193fc3876ba6d9cb4a103c1eae7e6eebab0590abea4c2e42d29918f2df6e643ecd04712a9263d4c1642a44478a2f85","ssdeep":"96:HmQvdOhWWSr8jsPUXjVcAgWRRy/BRB+zGVpF6jEKvA2iGlBTbglVa21hlq7P4:HmQvdOhWWSQjsP0jVcAgWRRy/BRB+zGl","tlshash":"1c918d1e03756c9dc76142ca88cb7e9975f8106b9fc9f14ed8c9cee098b55926339233","first_seen":"2026-02-12T11:33:21.006624Z","last_seen":"2026-02-12T11:33:21.006624Z","times_seen":1,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":576,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/init","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"POST /api/init HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 10\r\nOrigin: https://vzwpxr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"appType=PC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WL9eH%2Fji344UOirG%2F6a0fXAJdiYxlp2EMym7WQeO61RfqFgqCPlwojOEYCqDn%2BiQmWwhdkNEWmx9U4uL1EL9G1sL94nAsgDuY3E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc466580975c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2690,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"24de2b6f4951b804c09bbaa27810cbf4","sha1":"8d685eda5812af14e57b99c18c09459d9be4cda6","sha256":"8942fddbe48b9cb520a43e9f96fc276d9957e3f9ac24dbd9d4e67986298c55d5","sha512":"9efed2393c058c7ea34bf882d6c0d7771e374eb688d3f642a596ba96c7204dcd7740e2eaa8d9b3a9efb6ee91eefcb25d0bc032c5667a62f11674e6c77fd996af","ssdeep":"","tlshash":"7c516372212b58b20683e6c913cca908d46d5b37c9e9d8a6dc59af1840e66fbf51814c","first_seen":"2026-02-12T11:33:21.007968Z","last_seen":"2026-02-12T11:33:21.007968Z","times_seen":1,"resource_available":false,"data":null}},"time_used":809,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":809,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzwpxr.com/api/guest/liveSocket/info?t=1770895965230","fqdn":"vzwpxr.com","domain":"vzwpxr.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzwpxr.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sat, 17 Jan 2026 22:06:32 GMT","end":"Fri, 17 Apr 2026 20:05:26 GMT"},"fingerprint":{"sha1":"8E:BC:55:CE:FD:F4:C0:B5:79:97:3B:D2:47:89:BB:14:A7:D7:D0:B8","sha256":"53:2D:71:C4:23:E6:08:37:06:4B:C9:E5:FA:7C:8C:39:2F:D1:E6:B6:7E:48:A9:60:61:A0:AD:2C:59:B8:18:19"}}},"request":{"raw":"GET /api/guest/liveSocket/info?t=1770895965230 HTTP/1.1\r\nHost: vzwpxr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nCookie: _pk_id.3.8218=62dc7285af906460.1770895964.; _pk_ses.3.8218=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 12 Feb 2026 11:32:45 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KCKAq8X%2B5mVfaphPvQzHT9zC3CuNSv%2BumHN16aQJ4rISCVme8jg1%2BXe1FRmDg%2FTOSTdsWk%2Bv%2FAuR6a6jLJP8Tnf%2FWxhgpoVrlrk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ccbc466b94b75c3-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"c24cdbd91281ff4ffb1b32bc6ff4bff6","sha1":"8643b21e69e378d1e0036607038e30b064a59fb7","sha256":"cfad5a52e7a6e3242f40c0e130a85760b44e0fb0b684666c668bd367d301ddc5","sha512":"98a2df9eaf24ec4eece29f27c2465ba5426500bd281e63a986dc9a649905200608b1369f694d003f009a9c822168a1fd294af0d975008e4ad3a59f6054642006","ssdeep":"","tlshash":"5da0121a847c202484886b1102001d0a541814f70100b0e551182a2412920110010247","first_seen":"2026-02-12T11:33:21.00902Z","last_seen":"2026-02-12T11:33:21.00902Z","times_seen":1,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":583,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-12","alert":"Sinkholed","trigger":"vzwpxr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1615883318076477.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1615883318076477.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 197269\r\nlast-modified: Tue, 16 Mar 2021 08:28:38 GMT\r\netag: \"60506c36-30295\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":197269,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 700, 8-bit/color RGBA, non-interlaced","md5":"8e25eb985b6d071ae47aa96ce5121f89","sha1":"e553294ec6d0653971492f6ee6926ae0eb51c75a","sha256":"89d4e43bc73a6efdabe6dc9cb422aa23334abbf984ec9242ac8b716715a39704","sha512":"d65ad00c3d3cdb0b48d4bc4aaa8722bc328a5c4c07840fda2dfd21905dbf6b12f7a978e61eab9e24b27df162f8e9a5ede06a203e65c09ae4f83488a7f95cd576","ssdeep":"3072:oPczAc1MtPrpNNdqKU/p0JmDn8hiMJV/atZ/d29egZ+L8nS+nj07CtctH0hthMtI:o/c1MtPrTvq/pQ6nVn/dNL8+0KH5KB","tlshash":"891412b1f23ca80a901dda5d08664e11fe4af12f2a3c9e6d5f74d581b27825f0c9fb85","first_seen":"2025-03-04T12:50:40.376203Z","last_seen":"2026-02-12T11:33:21.010679Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2669,"timings":{"blocked":598,"dns":209,"connect":181,"send":0,"wait":710,"receive":762,"ssl":202},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.shxaot.com/upload/1615883331888548.png","fqdn":"static.shxaot.com","domain":"shxaot.com","tld":"com"},"ip":{"addr":"182.16.49.91","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vzwpxr.com/","date":"2026-02-12T11:32:45.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.shxaot.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 03:18:51 GMT","end":"Mon, 20 Apr 2026 03:18:50 GMT"},"fingerprint":{"sha1":"12:6E:B4:66:29:0E:D8:88:14:58:BB:CB:73:5D:F8:D7:C3:94:2D:66","sha256":"3F:A9:27:45:91:62:20:9E:F1:DE:B4:2B:90:7A:16:1A:01:EF:F1:CB:0C:11:EC:8A:49:52:B9:F1:81:97:FE:3D"}}},"request":{"raw":"GET /upload/1615883331888548.png HTTP/1.1\r\nHost: static.shxaot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzwpxr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Thu, 12 Feb 2026 11:32:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 235756\r\nlast-modified: Tue, 16 Mar 2021 08:28:52 GMT\r\netag: \"60506c44-398ec\"\r\nexpires: Thu, 12 Feb 2026 14:32:46 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":235756,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 700, 8-bit/color RGBA, non-interlaced","md5":"e5e737b793da2406c40cf73de71c9601","sha1":"585d7a44f60bce3565d1fb422515a63e0115e3cb","sha256":"66ff989eed0da4545a1106e81be663b3bbcfd9c9c7e54f8ef34239012f6e05a3","sha512":"2b29f6e3dfa16c98e836ecedc6943a874def47dc15e86aab544ad86576329e57ddad07b53594bb5ad95a4fbd5aef9bae46b99726ca484d7c1a3c4e1e3c961222","ssdeep":"3072:zRxqFkhPYkM9rd558F0mVyHoOcHdRoktzcAf8EHURN00G96Ubd+JIdx9TvnX0:dxqFkhWrV8u2yHoO4dxzT8/G4eRL9DX0","tlshash":"e33423dd82bd972fd3acdba5368640681784eb978f54362a60b6e03c4918260fd73736","first_seen":"2025-03-04T12:50:40.386261Z","last_seen":"2026-02-12T11:33:21.013118Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2634,"timings":{"blocked":596,"dns":153,"connect":180,"send":0,"wait":710,"receive":785,"ssl":200},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}