{"report_id":"7c7b626d-71c4-407c-939a-934314d3fc15","version":6,"status":"done","tags":[],"date":"2026-04-02T15:01:34Z","url":{"schema":"http","addr":"33007u.com/","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"33007u.com/","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"title":"33007u.com/","dom":{"size":8656,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (551)","md5":"dbeb8094dad8c366fe1141d289f2f715","sha1":"ab0ddd0e8400174eb605f377371a7a3b6e4dd022","sha256":"922cdec5d72c03a7d7a50ee7ddfbe2f7398e87def91730fee2d4bc8bddf78491","sha512":"8b411a1322d22eb9b2fa9a6adaef19086c41a4731013a932fdd6f466deea2f334a757811e0939f03666685f96104759ebdf0acd3a2ac25c3f1f34bcd532347bd","ssdeep":"192:9+jlCydshtRWOdMRWOdHRWOd/REpRPmiuTm6SImWAb/8MVr9wtQN/X+:oj8t6JbgRuiuS6SnWAbHotQN/X+","tlshash":"120285b2a141643b703bf6c072725b5c20ae900fdb630988e7b862bde7decf65719654","dom_hash":"domhash4555aa41f55d8cf5961b5c4632d08759","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"33007u.com/","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-07T15:01:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"33007u.com","ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-22","domain_rank":0,"first_seen":"2026-04-02T15:01:35.303268Z","last_seen":"2026-04-02T15:01:35.303268Z","alert_count":34,"request_count":17,"received_data":678151,"sent_data":7473,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-03-29T22:35:00.993215Z","alert_count":0,"request_count":2,"received_data":174584,"sent_data":883,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"33007u.com/","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"fe93b50edc4a34d5ab6b20c1fd7d5707","sha1":"5a516ac4334a04f9b648d7911f80f60e7214367d","sha256":"94d12a2a7c250ce1e8e496b5503fb7abc45a85189b97a432b565f7f4d80d21a7","sha512":"e056f739eeb1ed7d297c7e843d4b2d0fd0f5f0e58e12900a7b08bea21c95d565b06886e907db34df407a150bf37bf6d559768fee080cd542fc75c6e881733081","ssdeep":"","tlshash":"9bc022c320122890f486ad00938a818ed3320a41d0a7244899a3006da7ff0b13904c00","size":184,"data":"","first_seen":"2026-03-31T06:57:29.713151Z","last_seen":"2026-04-09T14:52:23.282204Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6cf353c3b8738cded0ecaf2100e7da1e","sha1":"9fbbee8565587f0a3a897a84045d7a216efa3a64","sha256":"985f1224c0eeec99d367a9db35e58e44b21e7eb9ce45831b15b4c108e41fd97f","sha512":"b9d13adaf4af1e21d923ac1ab3e69f8bdd755c9b984c4018c660470c7b7dd079f100c72f7b8215f64cdbe632990cc416e88542b4f170194610b5e685b4678da5","ssdeep":"1536:iKJqLfGmNQ2X8NFb4uvEOUjF3j7MtOBlxvHlik3+AkNk7yGCdmFiBnyOlV/TDQr/:nJebsNy1ikuGeBnR/TDQ9chHdN+ui","tlshash":"dbe3e789a221b67646e3169b93e4c211b3b50544b80ac4e470fd4c9f597ec9c13feefa","size":154597,"data":"","first_seen":"2025-06-28T19:00:56.686116Z","last_seen":"2026-04-09T23:11:28.958185Z","times_seen":15139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"33007u.com/bface/natsu/k8logo.png","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/k8logo.png HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 14571\r\npriority: u=4,i=?0\r\netag: \"38eb-wYOilQhebLv0IBwQQYlz1GzZ5C0\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:20 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eXYHEMMpG8P2wwYA6mE38jRIHaPwm6CD1IW5v3IRuJACsJveE9gR228b6%2FVcqs4wy2xrvgz78HhzWonY0I%2FZgKr%2BzmQ2NJxLMjM0y8O5h45SOSZr33o8s7JY%2FNeD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5236d7056ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14571,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 390 x 150, 8-bit colormap, non-interlaced","md5":"777f13242c03bbcc4f8e257e0b81dfcd","sha1":"c183a295085e6cbbf4201c10418973d46cd9e42d","sha256":"ec168db0db0431999d1cc9f8c22c158427ec70bb7209e1b28918010116218108","sha512":"4fb115af4c8c7d080b6f7c53805759f235b3a222773d4bd06dfc1e24ca0baa71d80187bd1744a944978c57a0bf7d75e2d13f7ea8cca5a6e01d6124392f6fa153","ssdeep":"384:gn1QFvBXWwW7WKDsaR/l8h7f0bIzibifVXhjmVWhd:sSZXO7WXyG1wIziidXhCEd","tlshash":"7562d1714a75199f3c2e4876fb7e7235456c5f4a0e389049204fb93a1dbb2cfe683a50","first_seen":"2024-10-17T22:04:34.73417Z","last_seen":"2026-04-09T14:52:23.251543Z","times_seen":56,"resource_available":false,"data":null}},"time_used":863,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":593,"receive":270,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/cm2.png","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/cm2.png HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 10961\r\npriority: u=4,i=?0\r\netag: \"2ad1-UEn1Kz4FHbLO1U7fJvwdpzQFM+g\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:20 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I9mva0KbFZQVUZRpLx%2BVfkSDkriWBnfxtXNfDzKmqvPrL5%2FfHTMzq2Yfsdzoy%2B6ZRM987Zyp0lvwDwwtziii8knTu0hIk9rztlfF0mH4X0VCVA95yWaVkEnCTaxc\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5236d7156ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10961,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"57e0859bee21791124d837412d60010f","sha1":"5049f52b3e051db2ced54edf26fc1da7340533e8","sha256":"c80995f9b9c7166c8301d8201a0e461c0a7a5473576b9f839248fe8fff8e3ed4","sha512":"cf1c3dade7a09f22daef15c8928bc146a0964df830e2cac97124ad99900f3d106f342db6526828be11825082b0fd1e4e774a3c4d43275e17e19f0dfcacef453b","ssdeep":"192:YMYJMsTeGIENYo6+3dwVuKc/kUgCzWcPbuGbN4QAv0G2dXgAAY5ErDEtLFdN/xnX:YhlgENYoPdSc/JdacPbuGB4Q5G0XgnY9","tlshash":"7a32afe1020b3423952a9fae45d018fa28941e97b8a801760c777111debffeb0c65e06","first_seen":"2026-03-25T07:56:58.868161Z","last_seen":"2026-04-09T14:52:23.253289Z","times_seen":54,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":606,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/cm1.png","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/cm1.png HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 6043\r\npriority: u=4,i=?0\r\netag: \"179b-/x3puXoh86cLugAQ/Z84sNPItEU\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:20 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sGgQbQQf7W6ho%2BQ3Jsu0iIkZQ2lqTjhavJV2Iim5%2Fhqea%2BXN583yoGJZBrg5VXKgHk3BOMFvyzbzpekWtI4kSNfue6xqk0ttYp5zzOApWB3zGU7SMBtxg7jbBlw7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5236d7356ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6043,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"51c73cfd08d5a2e7eb63b72f1578460f","sha1":"ff1de9b97a21f3a70bba0010fd9f38b0d3c8b445","sha256":"5d49b6b2f897adededf3f1b68ff06e6cea35c1e80570723e6152e5ef44ca42a5","sha512":"28c3bed6295423165aff65873306a68f5c345b6e23b80a2ac3b6106f88184d85205b96a4572b91b08d9c606c2110c55e78cbb770574a8cdc924c1cbd11b7104f","ssdeep":"96:hA6qzWJuTl0u2s3kuc+Mh4PswEJh5/CVfOywARRamSKrBMo5t672k5Ueg4uwoOUg:h9qz5lLhU4Po/1CRiORwKrq8ofUXtwo8","tlshash":"eac17dd306666d97fee25721104edef4dc0fa347855a5c11ac0f0e99c7a48af48a9c61","first_seen":"2026-03-25T07:56:58.848266Z","last_seen":"2026-04-09T14:52:23.256429Z","times_seen":54,"resource_available":false,"data":null}},"time_used":579,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":578,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/pk1.png","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/pk1.png HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 7858\r\npriority: u=4,i=?0\r\netag: \"1eb2-UI0sOvakUydtcsTlre+HwflrI/Q\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:20 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ch3ZsQSusQ%2FIabLKg3n3Wxb57KWuwFUy3eeDvBfu5ypMPVEsZcX4F1HHlaGCTbNB%2F%2BJ4Y%2Brgzp%2BkUDNolztIozd4FQibRk4Cn9Noz5EAiCRIOI3FbPkqSncSdPKX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5236d7656ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7858,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"aad11d5cc35966e0505bcccc2f13b538","sha1":"508d2c3af6a453276d72c4e5adef87c1f96b23f4","sha256":"0fe1fc7063fb8f9bd478dfce815951b2d5290365255bd23d2126b5b8710c413c","sha512":"4e4e9a8848c1d4fd6c83c09e814cee0065f496ce5ed21dde87e5de82a9bd93b64c6ea8263ac40586bfd0deb4a3cdc3c22023e6740fb08a9486bcf5ffe5766d66","ssdeep":"192:MAL4w9aBKxV8VdMNLbpU/4TbKtKs0CR9mW/29fBWHRKMB8L:MALOB2KqLFU/4vrsHRN/29pKM","tlshash":"69f18d4ae8c0792785372445f22f55f70d9045632158861a4afaad1f8dcdfdcea42b8b","first_seen":"2026-03-25T07:56:58.827657Z","last_seen":"2026-04-09T14:52:23.267866Z","times_seen":54,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-02T15:01:12.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Apr 2026 15:01:12 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncache-control: no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4%2FQV6qXGxgE%2By7gfIPDsGxZ%2FXWGx8dXjZQiyIU3GhL27A8ftzjKQe2lcUuI7ZHHPHc8KiA7w%2BGDL7b0Zl4pxzhScfF3pQxAqauZJZ5GI1Yat7%2Bz%2Fsf5SeuwUymWM\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9e60b51f0fe15695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7652,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (440)","md5":"15e370204ce92c783a98dca82175a1b2","sha1":"d6c5a78afb9652632d94084ee7a9ea15253d5aa4","sha256":"703a431127a23fc0f2ffab10029df658fec5f0c7b4c11dd190954a89b6633661","sha512":"4c0278610cc6bff017b746ef411fae5e6372f3be58262904440334e78b1b2eca43fdf09583a6f6f8807e724182fae133e579620fec2706cf5cbfd58d0b7e5f9d","ssdeep":"192:x+jlCydshtRWOdMRWOdHRWOd/REpEmWApmiuJm6Sy/8MVr9wtQNCX+:cj8t6JbgjWAgiuA6SyHotQNCX+","tlshash":"61f143b25141703f703af6c072325b5c709e901fdba30688e7b8a2b9ebcadf65b16554","first_seen":"2026-03-31T06:57:29.701997Z","last_seen":"2026-04-02T15:01:39.966101Z","times_seen":10,"resource_available":true,"data":null}},"time_used":769,"timings":{"blocked":94,"dns":44,"connect":1,"send":0,"wait":581,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/AGbyt.png","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/AGbyt.png HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 202123\r\npriority: u=4,i=?0\r\netag: \"3158b-TqvkvrzNwRIuJgpDk4LYKD5mwig\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:19 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hVXhtRYEiv%2BmJegK4UdR0RsRdRl%2Fhy%2B%2B1GBpKKKb4LONVh80qUP%2F%2Fqctf4Z6entJ%2BuQLP9ywvtAwfA49M%2B0UQ9d7rnNrVGsnInKJkTd6O9a2dfMOF6ZJ4BL8DY7d\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5237d7856ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":202123,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1456 x 1192, 8-bit colormap, non-interlaced","md5":"5e56fc0503f43a14ae8571f40c60482b","sha1":"4eabe4bebccdc1122e260a439382d8283e66c228","sha256":"84ad8896fb8033154b38772498557ae592ea687e710073923d856ff61552b4cb","sha512":"3607d8c39752785ee7bc4c20af3e46a52c513d1025238fceeb1ce9b9a8bd8b0010aa000834a6dc0d278654220f74d95970ae2a634d29525ac89e9fa52413cd05","ssdeep":"6144:cMKCraTmmAtEzlYe6wJwcQ4+8M4VTClBMY76u:ckGa+lYepdQ4PtC4Y76u","tlshash":"85141284d36d8b89cc0d57b0afa93b0c9ecc41afee0ee59c469e6390d5c8933d439616","first_seen":"2024-09-19T21:04:58.477325Z","last_seen":"2026-04-09T14:52:23.24271Z","times_seen":144,"resource_available":false,"data":null}},"time_used":1295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":770,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/bg-pc.webp","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:13.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/bg-pc.webp HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/webp\r\ncontent-length: 26912\r\npriority: u=4,i=?0\r\netag: \"6920-1MSVtgK/Kh4koitCyOqEweEx4JQ\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:20 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K4LeBtfCVf0C0eLLEWPhRfjN3PwdXZ%2FHEF8bg31gW75JMlaCXPsN0Mdw3fuC%2BwD9W3Dygjg60jVlXIbXKm9IzwB6SAcDU8ePOhVzTLlPDrr237eBGer5XKKFju66\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5249d8956ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26912,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 3840x2038, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9e4abb6d447f64b91630fec7fd52ae03","sha1":"d4c495b602bf2a1e24a22b42c8ea84c1e131e094","sha256":"3ad906f2d7c8258ba002bb9c545d31e48a159ba4313bab4c428e611e2fc1f375","sha512":"3f6b8da35cb177c92b3042e7e7bc4a438e01b089607462f3a8c2f508975811033cf73e5c38bbf5ef582d60cf8709782d485a2ddc0d94d57b2af2678a9330eac2","ssdeep":"768:JHyoOOtjUQsehgQZ6FPjqbq1HsdBIMvGbw0Ym0+AnAeDMm:1pOdQsKlOP4UMdizbwL5Aet","tlshash":"31c28cf99a484ff8d99cbaf790d95a029acf742d8454b1bf10b1a543cf8d74260ce2d8","first_seen":"2024-07-18T18:09:39Z","last_seen":"2026-04-09T14:52:23.261468Z","times_seen":3013,"resource_available":false,"data":null}},"time_used":840,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":568,"receive":272,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/favicon.ico","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:14.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:14 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lEqu4OGlYOyOJhHW%2BE5bMHn%2Fu3%2BpqfSQ4K0q3mbjjeehmOttDW4wc4U8O3z47ZIEQFyJgpZXmlKthKcLLoPoDQA%2B4VLpnizN77qi6GIdYy5JQcKxAGU%2BIRD5djUV\"}]}\r\npriority: u=6,i=?0\r\ncache-control: public, max-age=604800, immutable\r\ncontent-encoding: br\r\nlast-modified: Thu, 02 Apr 2026 15:01:14 GMT\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b52c2dba56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":258,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"add3a4b25d425a957e57d351158e2817","sha1":"337f301cae7de94fa5f7bbab1eeb77f6b00ee98a","sha256":"01470ce8829ad85a318b6bb35bdbb832eb2d2ad69248bafa6fe7ff253b2615cb","sha512":"6f18d8e22175a36d111e2ed4ba199045ba2f441de4fc5a65e59fcb9df46deca8157298c4d1e053c5c8c049c45f8e507a43d553202a3163920336455ab0b276bb","ssdeep":"","tlshash":"3dd07530c0c45608c30ccc02370e7453348da8cbbd848500f6510210d1c18ab1fc631c","first_seen":"2026-04-02T15:01:39.972299Z","last_seen":"2026-04-02T15:01:39.972299Z","times_seen":1,"resource_available":false,"data":null}},"time_used":599,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":599,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/tz1.png","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/tz1.png HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 6913\r\npriority: u=4,i=?0\r\netag: \"1b01-O2EQP/HhO/eB8WA/e39VDVtGvxw\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:20 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aQzxPdA4t08t2uEIMB4tlmO58rDi%2FZeYEyoQkKKgPbnNndmRde2Z6J7anEMj9lydxevRt7NqAIK4EiN0BzzcdQcrPN57bBnYoQtu%2BcA5WesrVh4K72QLUmiASUsz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5237d7956ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6913,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"673fa955737b285ff982dfaa0db7470f","sha1":"3b61103ff1e13bf781f1603f7b7f550d5b46bf1c","sha256":"653739e22b2aafc3281cb8978d6f380f623d5c57cb66d5452a778ea74736db44","sha512":"426327c5c4194f6e73eb4165b21e6d85a6cb1cdf4a0d1c238209ed1c9d7342fe7ee9466c691b38a7bb7da4db76e98d6d693ebeb4d769f08b62708ccd7ddf8643","ssdeep":"192:p8UAJCDO9B2mLCCz5w94TaRiWXmllHFJG+skorf1:plYCCvLCc5fTkiWXmlBFJFhG","tlshash":"70e1af5318056ca924940159227209b1bdb79ede07b9cb7e147efd2ffcb8a10981aca5","first_seen":"2026-03-25T07:56:58.84935Z","last_seen":"2026-04-09T14:52:23.237822Z","times_seen":54,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/Partners-MG.webp","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/Partners-MG.webp HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2708\r\npriority: u=4,i=?0\r\netag: \"a94-e1vYjDNVFkEvy6wwr/4JHwa2c+I\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:20 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BrAE7lz5GV9i4VE7P0y%2FglB6iaencnq0PSKDNrlPR647sy3ulmQAGQYpwJe8CbRXRWsWI%2BvmH5iJaHdwNNWiXz4ic0puMhBoGQYIaRCGVi%2FePlMmScpruCiQ3Gwj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5237d7b56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2708,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6522ef4cd612dc441e9250be6ec869a0","sha1":"7b5bd88c335516412fcbac30affe091f06b673e2","sha256":"48c5314eaf6bd17e189ff1e0ea3b92b25ac4d0b114a73f52600d6877560ea290","sha512":"83cbb787a7bb578a9483277331334f57981c625d0b44ce151ebb8d84ed62a7042b344ceef335deb373144eb41247d8ff4e6ac17a1f48724a0b2478544b289c20","ssdeep":"","tlshash":"d0515e3c9b43b77f8a730672e05014c5db509d044ab42e257651cb98ff75da09736ab8","first_seen":"2026-03-25T07:56:58.869743Z","last_seen":"2026-04-09T14:52:23.257267Z","times_seen":54,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/AGqjt.png","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/AGqjt.png HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 192147\r\npriority: u=4,i=?0\r\netag: \"2ee93-cHHZIrFnOP9qDOd3wkGuTmmTv30\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:19 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z5XNQFZdGbO015j%2BDLfHGB9P5VCW5unems5N072L9HlXc2K7JmuNNK7K1G0xdg1zEuXvedOka3Zl8O4j0qrvLLHFJkysfa%2BNLD%2Fomwcp5O0%2FAdH4UbzufChyleUo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5236d7256ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":192147,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1456 x 1192, 8-bit colormap, non-interlaced","md5":"107ebf51264e02c0fc2424ae85c45d1c","sha1":"7071d922b16738ff6a0ce777c241ae4e6993bf7d","sha256":"1a54780cbdf1ae3137057edb4b3de10d75d0d4acf7f84eaea9d05f8ec5510ad4","sha512":"db0779fd0ff57c1c66233b51deb79f8faa49b61a082f35a2f8cbce58cf2be112355a6d186e874fb33325379ab02bd208f15cb844ba708ae7de7bb243c9cd2dab","ssdeep":"3072:gU+DOEOBuvd+cbJASOsXg2+BXwCcGjbsSseJZBzNa5fKS0jGruT6SfsTqJokfK40:l3X0vd+cbJASjg2++CcGj0eHX8KVMuuf","tlshash":"811422e5dc448387a3338e3f3e712685660f688099134e1c64bafe8b49ca4f985d365e","first_seen":"2024-10-11T08:42:15.018542Z","last_seen":"2026-04-09T14:52:23.276768Z","times_seen":144,"resource_available":false,"data":null}},"time_used":1415,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":823,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/pk2.png","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/pk2.png HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 3457\r\npriority: u=4,i=?0\r\netag: \"d81-pEhmTMSXnUl5F2SeuEN/rj4XGVM\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:20 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rgqfylIh0tnJCejT6gg%2F5GxKrrUtUflvnaSeEvPdo7H92Q4lFUjZ%2Ba1zetZcSUe56tA2pj3Y2CxPXgQOB36Au32%2FPo8eh4%2Fcp6gIrNV%2F6ZbXZwNHIPii3bezdZTt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5236d7456ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3457,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"a3a31f927d7b779eaf5c05fc57e6085c","sha1":"a448664cc4979d497917649eb8437fae3e171953","sha256":"eb7393ca357f5854a84fae7ac0c347995b4b89182af84139906ff772c4b5e6a1","sha512":"a01d45b8241b33c68ab19603e80cd678a474a5686c9f46e0d5500025e980e68da78681a34f2f5564a33c6d4b90c2b31c0f9667bb807d3d4575b990f86c5e6d2f","ssdeep":"","tlshash":"a5616a912127d1fc92be297a01ba2a90b77ce307b85811ce8e670e1c7f175c18c6c66e","first_seen":"2026-03-25T07:56:58.873674Z","last_seen":"2026-04-09T14:52:23.279238Z","times_seen":54,"resource_available":false,"data":null}},"time_used":577,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":576,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/AGgjt.png","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/AGgjt.png HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 176628\r\npriority: u=4,i=?0\r\netag: \"2b1f4-b7UwXd77jfm/7s1GEpOCwD4/5GE\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:19 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ANR7qheuQhddb02kD3BUfVLqL335rGtAk1ppVqZyiHVUTouxOSHKDRe6j7grU8eMdWKyX2pAvRyLKDhyQwuAAqrQvla2NYMaHmApWtaO2%2FqLvMhpeNx6KZsounrQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5236d7556ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":176628,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1456 x 1192, 8-bit colormap, non-interlaced","md5":"0a3f2ce966a9e4771ee8f4b5bd8be54b","sha1":"6fb5305ddefb8df9bfeecd46129382c03e3fe461","sha256":"25e83d48cf3e1872dcb33f581b503b0d5ac3a778a3aa82d95f458188e03ad800","sha512":"6d711137b25d6f82f46b68b316e83411e74703d15cad58184c85182d562371962f1f25f27536d65945af22142c5f132dfa0bf8e90fa7299596a391df434255f2","ssdeep":"3072:XyfPhbaOYAikhfZDFoAqvsc5sKUE+vZwJqMdsFaz1UWHmCNigrL58RqZc0rGCR:yP8OJ5hfZD9hk+vAJwURp4K2CR","tlshash":"c3042329dda62c28fd76169338cdbf74948413617a6c47fd2366a463e4073afa13a30d","first_seen":"2024-09-12T12:37:11Z","last_seen":"2026-04-09T14:52:23.280216Z","times_seen":144,"resource_available":false,"data":null}},"time_used":1288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":523,"receive":765,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/tz2.png","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/tz2.png HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 4047\r\npriority: u=4,i=?0\r\netag: \"fcf-XG6VzqfUhBhZhcoBkZfty2GXnEU\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:20 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eEX94OoDvICWikoeramzGe3nmdHBBdyuYmgWoCaT4caacgy4OJ5HqQWVOiB5YMomffuf6OCJFzHHpm2d6ld2lPmtjWGaXzR%2BfzrcUOshPAre5QztXqTb7fgX8Hty\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5237d7756ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4047,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"719ce4af0caaafd54e1a5843c62c87f5","sha1":"5c6e95cea7d484185985ca019197edcb61979c45","sha256":"89ecf302ee6fb18c718240809d83af957cba2a68c222848f18e16338df71d1f7","sha512":"fb01ee6292272d32f36d9ca4be22ace314e3bbe0927880b17a9f2f94f89e8cc4b236cd40b9fc45133ba044d7cea967c95114e808fc15ef895a7c7acd94c1f39f","ssdeep":"","tlshash":"a8816d4b148df13b7b455b9d112c18761247bcaab13de58530543f681933d82fcc5e6e","first_seen":"2026-03-25T07:56:58.834644Z","last_seen":"2026-04-09T14:52:23.268744Z","times_seen":54,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/swiper@11/swiper-bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 11.2.10\r\nx-jsd-version-type: version\r\netag: W/\"25be5-n7vuhWVYfwo6iXqEBF16IW76OmQ\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Thu, 02 Apr 2026 15:01:12 GMT\r\nage: 70\r\nx-served-by: cache-fra-eddf8230082-FRA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 44022\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":154597,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65281)","md5":"6cf353c3b8738cded0ecaf2100e7da1e","sha1":"9fbbee8565587f0a3a897a84045d7a216efa3a64","sha256":"985f1224c0eeec99d367a9db35e58e44b21e7eb9ce45831b15b4c108e41fd97f","sha512":"b9d13adaf4af1e21d923ac1ab3e69f8bdd755c9b984c4018c660470c7b7dd079f100c72f7b8215f64cdbe632990cc416e88542b4f170194610b5e685b4678da5","ssdeep":"1536:iKJqLfGmNQ2X8NFb4uvEOUjF3j7MtOBlxvHlik3+AkNk7yGCdmFiBnyOlV/TDQr/:nJebsNy1ikuGeBnR/TDQ9chHdN+ui","tlshash":"dbe3e789a221b67646e3169b93e4c211b3b50544b80ac4e470fd4c9f597ec9c13feefa","first_seen":"2025-06-28T19:00:56.686116Z","last_seen":"2026-04-09T23:11:28.958185Z","times_seen":15139,"resource_available":true,"data":null}},"time_used":244,"timings":{"blocked":101,"dns":10,"connect":13,"send":0,"wait":14,"receive":13,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/Partners-PLAY.webp","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/Partners-PLAY.webp HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1754\r\npriority: u=4,i=?0\r\netag: \"6da-gOiz7Lx9POsUcidCD+fxGOofFkE\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:20 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mQ5eY8NEWZfZYLLcGGvUtJbWuhRqfwEzTe%2FboE%2FIjEPLCoAgmci5chKKpB2zPUIO%2FCrLKVlDGCov3V%2Fk81Z1463FK3AG1jESfvxJfyewloDYB4l7wHDPmrsq%2ByGd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5237d7c56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1754,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"abb4e6798cc5a1626729cf6fa68252bb","sha1":"80e8b3ecbc7d3ceb147227420fe7f118ea1f1641","sha256":"20b57da62b8feb36b828c3180714e420d703897fd5e119725a2ed4ae0b00acb3","sha512":"4335f1702a71679e76eb5097422fad5104be36035dbfb2550710089c6ae6bbfcdd5f7871cfc3ea7f0fe9560133e3e047ea9c548ff00e79693613c656081fcd23","ssdeep":"","tlshash":"e8310b98fda8bed5cf46b5b85e007cb2cc44d11032709ba77a30d38e959045b5f959c1","first_seen":"2026-03-25T07:56:58.876838Z","last_seen":"2026-04-09T14:52:23.248895Z","times_seen":54,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/swiper@11/swiper-bundle.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 11.2.10\r\nx-jsd-version-type: version\r\netag: W/\"4816-00NTceTFOXSCfuleSHYg+tVGAkA\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Thu, 02 Apr 2026 15:01:12 GMT\r\nage: 28702\r\nx-served-by: cache-fra-etou8220067-FRA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 4774\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18454,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (18199)","md5":"6408a7c2033ed72b31f850268bfa9a0a","sha1":"d3435371e4c53974827ee95e487620fad5460240","sha256":"74ca6aae5468dbc924790c3b4d219a089b90a34bad53a0f7ca3a73e73b6f5ab8","sha512":"b74b551224b5abe662f4380393eab59b8f9481d8aff978af27d66d0e4b4b6eaaa4271f0aedb97c6298b3245915136f52dbc15135b46c04841b8214ea9397cbf4","ssdeep":"192:CzmUJbiKne5JTLdKSme+jeF474nQ7p/l2GZb0Q5RfufKDvAYfg5faeesedOJxbpy:CSUbe5JndKW+Sa0ni24tnWfz4eNi","tlshash":"ce8256a45350182753274f374bb1cbb9e97444c20f9389ae91c0ee58d7facb9132f2a9","first_seen":"2025-06-28T16:11:53.618794Z","last_seen":"2026-04-09T23:11:28.956235Z","times_seen":14866,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":115,"dns":20,"connect":13,"send":0,"wait":13,"receive":0,"ssl":91},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/Partners-PG.webp","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:12.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/Partners-PG.webp HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1656\r\npriority: u=4,i=?0\r\netag: \"678-v9w6WkwuFB/qIWMr0ACtBfbCpSk\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:20 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y6UMg0k2sGfrMNDN87VaxpBHAhrNEtIGl21ZgjXaanFtW7T6TjN3SbKysZqzMVay7hu614OsM7NmY4Y0%2F5d1GqV%2B%2BtS9S%2BvRcR0h5Ld5e3rOjyLoVAXt0ZbdZPaM\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5237d7a56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1656,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b39d8841e3895aa64a1d151d2d4eee1c","sha1":"bfdc3a5a4c2e141fea21632bd000ad05f6c2a529","sha256":"0a8990ac0d7ed9ebfb947b915b4e7a8eb72a4917f162626f579eb44516ee73d9","sha512":"91c2a34908aa61d63d6eb7a8e10f3f034102a7ef23c138261d5c10bebf82ebf380ba7fb21a817b513a739bdcbd29c2bc476f70ee70f1eb819e33ae6b81ce797c","ssdeep":"","tlshash":"ad31c8728bd868989e90ff769ad23be326438905d4abcc2c01876995505404ab0713a9","first_seen":"2026-03-25T07:56:58.857585Z","last_seen":"2026-04-09T14:52:23.239207Z","times_seen":54,"resource_available":false,"data":null}},"time_used":517,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":517,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"33007u.com/bface/natsu/btn.webp","fqdn":"33007u.com","domain":"33007u.com","tld":"com"},"ip":{"addr":"172.67.218.250","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://33007u.com/","date":"2026-04-02T15:01:13.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"33007u.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 19:48:44 GMT","end":"Tue, 05 May 2026 20:47:17 GMT"},"fingerprint":{"sha1":"39:3E:54:FB:93:41:1F:2F:0D:1F:1A:CA:AB:F8:8D:69:AF:B7:DB:B3","sha256":"97:78:9E:34:D9:DD:60:A7:22:9F:22:15:47:11:95:01:59:C5:49:DC:1F:31:4D:58:EE:29:8F:79:55:32:65:55"}}},"request":{"raw":"GET /bface/natsu/btn.webp HTTP/1.1\r\nHost: 33007u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://33007u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 02 Apr 2026 15:01:13 GMT\r\ncontent-type: image/webp\r\ncontent-length: 630\r\npriority: u=4,i=?0\r\netag: \"276-3wwwDqIo7R4Zu8R0syy9U25+jh8\"\r\nlast-modified: Thu, 05 Mar 2026 03:21:20 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nRQglE6%2Bxl7ZkBrOltpKvytnjV2ZAAJ1A%2BbigqFqMNCkdBeOrTkYq%2FI6RdnN0bmYbUwEr9uk3qEcvh4w6xTJTwCVcjYUaaWvtBmo4QdQLQZPJTPnzyUqr60ZegmR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e60b5249d8a56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":630,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bedd5ca4f10ce79ff2510163f6b4b231","sha1":"df0c300ea228ed1e19bbc474b32cbd536e7e8e1f","sha256":"d8a12a951dbff6dad71b6847567411bca1824e0428362aa5b1f7ada8b199699c","sha512":"15daa2b753f1630b56fd2094be2aae991c53aeb6581c4ea159c227e615d4ba430b11ec474e63cc5fe52f488146c569a84b6aaecf6e12abc2fcbc4257b62efde8","ssdeep":"","tlshash":"c9f068c40781877c672c1c27da4c3955954d6530c374b972e4e5d0155b6cda8ffdb5a0","first_seen":"2024-07-18T18:09:39Z","last_seen":"2026-04-09T14:52:23.241267Z","times_seen":3059,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"33007u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-02","alert":"Phishing Block","trigger":"33007u.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}