{"report_id":"8507651f-a3e0-4c0b-87f5-e0a00a31c353","version":0,"status":"done","tags":[],"date":"2026-06-27T11:47:17Z","url":{"schema":"http","addr":"cryptoexchangebinancenigerialawsuit.lol","fqdn":"cryptoexchangebinancenigerialawsuit.lol","domain":"cryptoexchangebinancenigerialawsuit.lol","tld":"lol"},"ip":{"addr":"186.243.119.104","port":0,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"final":{"url":{"schema":"http","addr":"cryptoexchangebinancenigerialawsuit.lol/","fqdn":"cryptoexchangebinancenigerialawsuit.lol","domain":"cryptoexchangebinancenigerialawsuit.lol","tld":"lol"},"title":"Binance Nigeria Legal Case: Comprehensive Updates \u0026 Regulatory Analysis","dom":{"size":4002,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (532)","md5":"99887b8f3645d7b9e2171b084c46100b","sha1":"1ffbe6f8fdd65bf29df8470e428be4943cb49160","sha256":"6ff35dd7e45f22276d802b205c78d59ddf12898101155e8ea78b2aaa8e8dc9ec","sha512":"966009c974c8f2fd3f28566d9629eee1944b56361a88f9207936ae8cf34c57d9a96c76fd0de6be9cddd0df97adbdd0e000de2ad22db162952e5bbf58e6f1cac8","ssdeep":"","tlshash":"6281c71726b5a136a2a360916776e3c95698a607f70286707afd005cdfc8cc5cbfb1dc","dom_hash":"domhash193071772e44ebfc90573042584ad0d9","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cryptoexchangebinancenigerialawsuit.lol","fqdn":"cryptoexchangebinancenigerialawsuit.lol","domain":"cryptoexchangebinancenigerialawsuit.lol","tld":"lol"},"ip":{"addr":"186.243.119.104","port":0,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-01T11:47:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-06-21T22:30:18.963204Z","alert_count":0,"request_count":6,"received_data":483037,"sent_data":5114,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"zq3388a.com","ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-06-18","domain_rank":0,"first_seen":"2026-06-27T09:08:10.389542Z","last_seen":"2026-06-27T09:08:10.389542Z","alert_count":0,"request_count":17,"received_data":1061684,"sent_data":8830,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"cryptoexchangebinancenigerialawsuit.lol","ip":{"addr":"186.243.119.104","port":80,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"domain_registered":"2026-06-25","domain_rank":0,"first_seen":"2026-06-27T11:46:49.66076Z","last_seen":"2026-06-27T11:46:49.66076Z","alert_count":0,"request_count":6,"received_data":557359,"sent_data":2619,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"zq3388a.com/zb_system/script/c_html_js_add.php","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"d86596af730ea444918fe5e959d64564","sha1":"413bf2b1d55471b95e8261091a768be4bc39dcbe","sha256":"15030c5f2b1d3ec10421cf54df8de5164f18b714d0592826d3c85025250ec7e5","sha512":"5efc53b1683907e01e038922255430bfb0dcd543858e8ccea6b04bd2194ef6efed774ebe68c1995f6ba58385fc9ceb3c1e15d6042ee336881e4051cbdc21eb74","ssdeep":"96:6EY06qZuiMRd1BhXJnbZ2THKkuiMMKDg8E:6Nvf1BhXJnNAHMiMNDLE","tlshash":"3a91b855595a11b6243723bbc8af5504fea212ab4014cc16fdbc50a42f75f849163fbe","size":4550,"data":"","first_seen":"2026-06-27T09:08:14.937647Z","last_seen":"2026-06-30T03:26:28.635017Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cryptoexchangebinancenigerialawsuit.lol/tj.js","fqdn":"cryptoexchangebinancenigerialawsuit.lol","domain":"cryptoexchangebinancenigerialawsuit.lol","tld":"lol"},"ip":{"addr":"186.243.119.104","port":80,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"b0520cd4f0780f4d394719ef27640310","sha1":"a9a00e29dec7d5e5cc4066576c56f26f888714e3","sha256":"d9f1b14e0b95f8434b7af4abb4d030060c38e75a0be1893af066df29b6247e1f","sha512":"55469248749513f3bfbb45b3d32cbef4019aa6d92329d63d6e06df190832d88c26ffafc24cae51ccb53334b3b3c4125512e482f0cb5a76f848bbd48c25a58d51","ssdeep":"","tlshash":"95f030e57b296a73136511607ebae7ec38f9f130ec737650009f18241194f8a9eccd42","size":484,"data":"","first_seen":"2026-06-27T09:08:14.940861Z","last_seen":"2026-06-30T03:26:28.630869Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_system/script/jquery-latest.min.js","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9a1b0aa0167c8a4df724d18d06814a8","sha1":"f3f468ccf735476c87e3b49e274eb3752a884607","sha256":"7aa6b0e08f48a0f95d8df7ea89e4cbfe1ef3d1e8c0f7373f7f25edfb4e4a325e","sha512":"05352a89084c3b747c375eea2107b9b3c660ffb5989d48f10ee30e4acf917db21fa7ce56f9b385de0fcfd0873c4c4e9d96c48f2f38e26d5cd5dd28ed792c3e06","ssdeep":"1536:3RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:vHNwcv9VBQpLl88SMBQ47GKO","tlshash":"3783f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87535,"data":"","first_seen":"2023-10-05T13:52:49Z","last_seen":"2026-06-30T06:01:44.162874Z","times_seen":6426,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_users/plugin/UEditor/third-party/prism/prism.js","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"436e8870ba117885ef700bbeaf798ba6","sha1":"7b242c9b1698d8cf69310101c64535c442b97949","sha256":"5867cef615756cb75b523c11e29d88f770ddb40fd51bc39cd60e3ba86d004fdc","sha512":"bd5f55dcdeb34fa64f49cc8badbe57a68cf0b2aa9d2799e31e998a44018352ee8d2326800975c914eb951069bf7024e9197aefa08e1a16e0c038aae1bf8acd71","ssdeep":"768:m5Y2fNvMbzlD2nW6uY45AHdw7UECX3b1ivdpMOxkKda2U6PDFDnNLDSAkvZrE/Jk:IYKEvN2W6uY4EwV1l42vd3gZAccRRx78","tlshash":"de535cbc5eb73d010ac7e1a6f8a29500e9221975d929791bf7e8d648c0f390742d3b6f","size":61131,"data":"","first_seen":"2023-03-07T12:24:55Z","last_seen":"2026-06-30T05:57:06.242432Z","times_seen":1898,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_users/theme/erx_Forum/script/theia-sticky-sidebar.min.js","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"038d4cd5f8ebbdc3a79a9220577984f1","sha1":"6f5743c7cc7ca7a653a9b4da9c437208f5476ea3","sha256":"9835eaa807f9d7d42e61f7837603857b42ee2a09846b2d04c1439303403e2a09","sha512":"12063cae5413b9a2c161870cf64baeeddcf5811a2e338b400b7b31b9b58f582cab954090bae02b7b87343677cbf6e502625ba1704e7e18168305154d55dd2533","ssdeep":"96:8CErPpnMTDqfVNsArPF1DYvDRGuPHB+qCuS5+6F:FEz96DqfVOXEuPHB+qC9x","tlshash":"98b1325e2f507139e097f8cf90cfa028906e4da75bcad079870c85d81da676891e2fde","size":5371,"data":"","first_seen":"2023-03-07T18:52:06Z","last_seen":"2026-06-30T03:40:16.482132Z","times_seen":23875,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_users/theme/erx_Forum/script/custom.js?v=2.6.2","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"eaf8f776e9b36d282289b3c23a5d2497","sha1":"4795ca0182cdb551353bc7649106196dcd44119a","sha256":"c7dbab205e55184ab08503362a441d34268a40fa5c8ef8dc608dba244baf96cd","sha512":"ad45ea24b67a718bf11db0ab21f1800ef37a879b482c66fe141adeba20d7300b549a55b71ffe0c02e7941fde7e4c99f0d0ea1387ff854d470a309dcac99075ed","ssdeep":"384:PDM9zAt0m8/Q+IDxqfmrz4vaJA+AEs7FlFqFknuvlyAH:PDM5At05INcfmxP+/mPyAH","tlshash":"d392830efa4d4b6e82f63365113ea840ed7dd93b850595a2fcac10603f7cf985366e68","size":20020,"data":"","first_seen":"2025-11-23T15:31:40.472667Z","last_seen":"2026-06-30T03:40:16.470511Z","times_seen":87,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/g.js","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"523e4301250d297f5547325afb0504b3","sha1":"7caaa17380bc931e10d66f9298c5a60533d2865d","sha256":"856ee5aeb6dd98d57783c196b9e888c8ffb1a4a8a8bd1268640021f371e17bea","sha512":"3f376020a17edb393f629e3a14df356be9487ab44470abee661ad7b6c34a1e651b916072e1da5125872acfc9c7d2eab7e1c385b9de479c610ca9ba16b2d974a6","ssdeep":"","tlshash":"3df02bbb09f061475e1241a4951cffbcf862e1f45f534c509d2d5fe95891b158c28a8d","size":543,"data":"","first_seen":"2026-06-27T09:08:14.946424Z","last_seen":"2026-06-27T11:47:19.82581Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cryptoexchangebinancenigerialawsuit.lol/ad.js","fqdn":"cryptoexchangebinancenigerialawsuit.lol","domain":"cryptoexchangebinancenigerialawsuit.lol","tld":"lol"},"ip":{"addr":"186.243.119.104","port":80,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"c465199b27b76bfa2a4a9af378728f2e","sha1":"f46263d726e024817f8601005d0b381d5b9ed8e3","sha256":"5227d7f6426fbbc9e84068fe74441d7dc6e0630abf1ef73af4bcb4e666aadf59","sha512":"8cbfc5c079d59910886e02e584bdf1647ed7d0444d48d67ee5c0a2c39da378d5b9cab2004a8c850ddcac19d6e2279016744ef9d93030a405394500f1f53c13a4","ssdeep":"","tlshash":"f231c8714167b43c52308034f464caa82afdd138ffbb9b2549af3c9844cca880caedd8","size":1444,"data":"","first_seen":"2026-06-27T09:08:14.931336Z","last_seen":"2026-06-30T03:26:28.629499Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cryptoexchangebinancenigerialawsuit.lol/","fqdn":"cryptoexchangebinancenigerialawsuit.lol","domain":"cryptoexchangebinancenigerialawsuit.lol","tld":"lol"},"ip":{"addr":"186.243.119.104","port":80,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"739db1ed8eda4230824ec82f7f16daad","sha1":"bae799bee597180105a357089eb9f1af281c5ae9","sha256":"96056a50f4b1b1a6c358624deaef97c1c3cacb2d891ce8b09a7979b0c8824495","sha512":"d88498334d9e116b241b94f381e55ac07549fd5ddebb6e68f7a9e25f6bc0a9df8ec48e156a2a78134d34376741f4b0421bdad015980b67de4c982bd5eed89f2f","ssdeep":"","tlshash":"a1d08c88e20a4cb151a626b08bbfb608b0023214d4a17921480a23045e24e07e748820","size":211,"data":"","first_seen":"2026-06-27T11:47:19.8264Z","last_seen":"2026-06-27T11:47:19.8264Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-KW9F2L44RD","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa29e7b089191b542996a316bb519049","sha1":"5119e5ab42f6e73ae7d1e826db00dc482fb35861","sha256":"89d36eaedc9b690b1e098c8529bb3db8e341a0789792c600cb32eaf4dec4829f","sha512":"bc5dbf28400f8884507ce96436e4f73486abb8b81fb083c18ad1c4c0576057140e1c9ffc64a7e722f31f3eef1837a982c90237e436860e7ffabdc98597ceabc4","ssdeep":"6144:PIgwrmk0EUmKtdNjyXkVCva/h/ge1CWMHub0rYxUOgcshQAGYo:PnwemkYvfxruURGX","tlshash":"cba4e9cdb3d674625396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","size":481423,"data":"","first_seen":"2026-06-27T11:47:19.818747Z","last_seen":"2026-06-27T11:47:19.818747Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_system/script/zblogphp.js","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e8d86eb2c5abc94804fd6176a35b281","sha1":"921d2cc4615a58a094ddbcc6366437a94508fc5f","sha256":"11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332","sha512":"6504e48f68d98800228db18dc63711b216c299dad8d95e57d0f014c18a24a2ffbc62f6cfe98f5d0152d06da577efb550c20bc947c08101ea3c94d659f572ea17","ssdeep":"192:msL4JVH9jIULy46KgHlQGwH0Dx5qjplLO:m/jIUkHlQGwH0Kt9O","tlshash":"2fe1315cf5c476a103ab30b4088f028a64fb17ae6011d998d264e4e46fbdf8b5623f3c","size":7204,"data":"","first_seen":"2023-03-07T23:31:01Z","last_seen":"2026-06-30T05:57:06.215864Z","times_seen":2324,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"\n  Z-Blog erx_Forum  尔今作品 \n","filename":"https://zq3388a.com/zb_users/theme/erx_Forum/script/custom.js?v=2.6.2","line_number":387,"column_number":13},{"level":"log","text":" https://app.zblogcn.com/?id=7240","filename":"https://zq3388a.com/zb_users/theme/erx_Forum/script/custom.js?v=2.6.2","line_number":388,"column_number":13}]},"http":[{"url":{"schema":"https","addr":"www.googletagmanager.com/a?id=G-KW9F2L44RD\u0026v=3\u0026t=t\u0026pid=1289895046\u0026gtm=45je66o1v9256505553za200zd9256505553\u0026cv=1\u0026rv=66o1\u0026tc=16\u0026tag_exp=115938466~115938469~119027224~119576891~119576895~119724321\u0026es=1\u0026e=gtm.init\u0026eid=2\u0026h=Ag\u0026tr=1ogtautoevents.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast\u0026ti=2ogtautoevents.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://cryptoexchangebinancenigerialawsuit.lol/","date":"2026-06-27T11:46:56.396Z","timestamp":1782560816396,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:11 GMT","end":"Mon, 31 Aug 2026 08:36:10 GMT"},"fingerprint":{"sha1":"0B:C5:65:06:DD:0F:AB:EB:1E:E7:97:52:C4:27:4E:58:4A:36:E4:7C","sha256":"0E:AA:42:5A:CD:B0:51:92:3F:AE:F6:35:E6:BB:66:30:A9:D3:23:7B:B0:56:D8:00:C7:B7:6C:67:06:C4:33:73"}}},"request":{"raw":"GET /a?id=G-KW9F2L44RD\u0026v=3\u0026t=t\u0026pid=1289895046\u0026gtm=45je66o1v9256505553za200zd9256505553\u0026cv=1\u0026rv=66o1\u0026tc=16\u0026tag_exp=115938466~115938469~119027224~119576891~119576895~119724321\u0026es=1\u0026e=gtm.init\u0026eid=2\u0026h=Ag\u0026tr=1ogtautoevents.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast\u0026ti=2ogtautoevents.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://cryptoexchangebinancenigerialawsuit.lol/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 27 Jun 2026 11:46:56 GMT\r\ncontent-type: text/html\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":202,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/a?id=G-KW9F2L44RD\u0026v=3\u0026t=t\u0026pid=1289895046\u0026gtm=45je66o1v9256505553za200zd9256505553\u0026cv=1\u0026rv=66o1\u0026tc=16\u0026tag_exp=115938466~115938469~119027224~119576891~119576895~119724321\u0026es=1\u0026e=gtm.js\u0026eid=3\u0026h=Ag\u0026tr=1gct\u0026ti=2gct\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://cryptoexchangebinancenigerialawsuit.lol/","date":"2026-06-27T11:46:56.403Z","timestamp":1782560816403,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:11 GMT","end":"Mon, 31 Aug 2026 08:36:10 GMT"},"fingerprint":{"sha1":"0B:C5:65:06:DD:0F:AB:EB:1E:E7:97:52:C4:27:4E:58:4A:36:E4:7C","sha256":"0E:AA:42:5A:CD:B0:51:92:3F:AE:F6:35:E6:BB:66:30:A9:D3:23:7B:B0:56:D8:00:C7:B7:6C:67:06:C4:33:73"}}},"request":{"raw":"GET /a?id=G-KW9F2L44RD\u0026v=3\u0026t=t\u0026pid=1289895046\u0026gtm=45je66o1v9256505553za200zd9256505553\u0026cv=1\u0026rv=66o1\u0026tc=16\u0026tag_exp=115938466~115938469~119027224~119576891~119576895~119724321\u0026es=1\u0026e=gtm.js\u0026eid=3\u0026h=Ag\u0026tr=1gct\u0026ti=2gct\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://cryptoexchangebinancenigerialawsuit.lol/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 27 Jun 2026 11:46:56 GMT\r\ncontent-type: text/html\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":202,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_users/theme/erx_Forum/script/theia-sticky-sidebar.min.js","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:56.938Z","timestamp":1782560816938,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /zb_users/theme/erx_Forum/script/theia-sticky-sidebar.min.js HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 26 Jun 2026 13:34:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3e8002-14fb\"\r\nexpires: Sat, 27 Jun 2026 23:46:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5371,"size_decoded":2273,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5370)","md5":"038d4cd5f8ebbdc3a79a9220577984f1","sha1":"6f5743c7cc7ca7a653a9b4da9c437208f5476ea3","sha256":"9835eaa807f9d7d42e61f7837603857b42ee2a09846b2d04c1439303403e2a09","sha512":"12063cae5413b9a2c161870cf64baeeddcf5811a2e338b400b7b31b9b58f582cab954090bae02b7b87343677cbf6e502625ba1704e7e18168305154d55dd2533","ssdeep":"96:8CErPpnMTDqfVNsArPF1DYvDRGuPHB+qCuS5+6F:FEz96DqfVOXEuPHB+qC9x","tlshash":"98b1325e2f507139e097f8cf90cfa028906e4da75bcad079870c85d81da676891e2fde","first_seen":"2023-03-07T18:52:06Z","last_seen":"2026-06-30T03:40:16.482132Z","times_seen":23875,"resource_available":true,"data":null}},"time_used":751,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":751,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/bc.gif","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:58.073Z","timestamp":1782560818073,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /bc.gif HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:58 GMT\r\ncontent-type: image/gif\r\nlast-modified: Sat, 27 Jun 2026 08:54:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3f8fce-96839\"\r\nexpires: Mon, 27 Jul 2026 11:46:58 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":616505,"size_decoded":616181,"mime_type":"image/gif","magic":"GIF image data, version 89a, 970 x 250","md5":"30ce0abc7a45d8c30ed2d06d29cc9972","sha1":"4d67664d6a508bd9b163ebbde2f853d641bb4dad","sha256":"858a2e8cd0e78490dbddec6eda363801e75903f89798849c4482d30f5179e681","sha512":"138634d65ffbc94adc1fd3f27e4f635cba7095454691d23991f81842da32eabf3c2f89d7f85c99f58150a480f2e4a5f465366ffcd667bfa69bc64074854cf265","ssdeep":"12288:/2XU4bTGQ6k53JT+R3/7K53o6MbXDSYjUa36iUEHmoUhaBOxNFv:r4nGMZwE35MbeYA66iUEHmFbv","tlshash":"a7d423a79798bd464b330e741428238c524973fc0abbbca45f5634b5e75083fa1bb1e5","first_seen":"2026-06-27T11:47:19.810904Z","last_seen":"2026-06-30T03:26:28.650795Z","times_seen":3,"resource_available":false,"data":null}},"time_used":755,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":755,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_users/theme/erx_Forum/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:58.106Z","timestamp":1782560818106,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /zb_users/theme/erx_Forum/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/zb_users/theme/erx_Forum/css/font-awesome.min.css?v=4.7\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:58 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 77160\r\nlast-modified: Fri, 26 Jun 2026 13:34:58 GMT\r\netag: \"6a3e8002-12d68\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77160,"size_decoded":77601,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-06-30T06:26:40.578274Z","times_seen":505314,"resource_available":false,"data":null}},"time_used":978,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":722,"receive":256,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cryptoexchangebinancenigerialawsuit.lol/","fqdn":"cryptoexchangebinancenigerialawsuit.lol","domain":"cryptoexchangebinancenigerialawsuit.lol","tld":"lol"},"ip":{"addr":"186.243.119.104","port":80,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T11:46:54.854Z","timestamp":1782560814854,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: cryptoexchangebinancenigerialawsuit.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 27 Jun 2026 11:46:55 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 25 Jun 2026 09:39:04 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6a3cf738-cd4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3284,"size_decoded":1705,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"9381621c710110d8b6b5a94e5d316bad","sha1":"679e0c23d1ac5d12e56e1423c0933fe7b796c0de","sha256":"4cfae6ca963d634c76306a0987d6d0da3e5cecc89a5fe5397f3f7c796cf9f500","sha512":"daa6f610a59966ca29101f704bb6804c9c039cac9f062da103c893529b88e781bb05bcefef4f1e076a31f68877a75b50377a0f29f1b72c13152f0d9ca52f9609","ssdeep":"","tlshash":"2161c60726f0b226a293209157a6a3da56e8a617f30186b17afd005cdfc4c84cbfb1dd","first_seen":"2026-06-27T11:47:19.81316Z","last_seen":"2026-06-27T11:47:19.81316Z","times_seen":1,"resource_available":true,"data":null}},"time_used":489,"timings":{"blocked":-1,"dns":3,"connect":242,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cryptoexchangebinancenigerialawsuit.lol/tj.js","fqdn":"cryptoexchangebinancenigerialawsuit.lol","domain":"cryptoexchangebinancenigerialawsuit.lol","tld":"lol"},"ip":{"addr":"186.243.119.104","port":80,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://cryptoexchangebinancenigerialawsuit.lol/","date":"2026-06-27T11:46:55.464Z","timestamp":1782560815464,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /tj.js HTTP/1.1\r\nHost: cryptoexchangebinancenigerialawsuit.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://cryptoexchangebinancenigerialawsuit.lol/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 27 Jun 2026 11:46:55 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 484\r\nLast-Modified: Thu, 25 Jun 2026 02:29:07 GMT\r\nConnection: keep-alive\r\nETag: \"6a3c9273-1e4\"\r\nExpires: Sat, 27 Jun 2026 23:46:55 GMT\r\nCache-Control: max-age=43200\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":484,"size_decoded":798,"mime_type":"application/javascript","magic":"HTML document, ASCII text","md5":"b0520cd4f0780f4d394719ef27640310","sha1":"a9a00e29dec7d5e5cc4066576c56f26f888714e3","sha256":"d9f1b14e0b95f8434b7af4abb4d030060c38e75a0be1893af066df29b6247e1f","sha512":"55469248749513f3bfbb45b3d32cbef4019aa6d92329d63d6e06df190832d88c26ffafc24cae51ccb53334b3b3c4125512e482f0cb5a76f848bbd48c25a58d51","ssdeep":"","tlshash":"95f030e57b296a73136511607ebae7ec38f9f130ec737650009f18241194f8a9eccd42","first_seen":"2026-06-27T09:08:14.940861Z","last_seen":"2026-06-30T03:26:28.630869Z","times_seen":26,"resource_available":true,"data":null}},"time_used":484,"timings":{"blocked":-1,"dns":0,"connect":247,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/a?id=G-KW9F2L44RD\u0026v=3\u0026t=t\u0026pid=1289895046\u0026gtm=45je66o1v9256505553za200zd9256505553\u0026cv=1\u0026rv=66o1\u0026tc=16\u0026tag_exp=115938466~115938469~119027224~119576891~119576895~119724321\u0026es=1\u0026e=gtag.config\u0026eid=11\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026epr=1G.2G\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://cryptoexchangebinancenigerialawsuit.lol/","date":"2026-06-27T11:46:56.408Z","timestamp":1782560816408,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:11 GMT","end":"Mon, 31 Aug 2026 08:36:10 GMT"},"fingerprint":{"sha1":"0B:C5:65:06:DD:0F:AB:EB:1E:E7:97:52:C4:27:4E:58:4A:36:E4:7C","sha256":"0E:AA:42:5A:CD:B0:51:92:3F:AE:F6:35:E6:BB:66:30:A9:D3:23:7B:B0:56:D8:00:C7:B7:6C:67:06:C4:33:73"}}},"request":{"raw":"GET /a?id=G-KW9F2L44RD\u0026v=3\u0026t=t\u0026pid=1289895046\u0026gtm=45je66o1v9256505553za200zd9256505553\u0026cv=1\u0026rv=66o1\u0026tc=16\u0026tag_exp=115938466~115938469~119027224~119576891~119576895~119724321\u0026es=1\u0026e=gtag.config\u0026eid=11\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026epr=1G.2G\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://cryptoexchangebinancenigerialawsuit.lol/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 27 Jun 2026 11:46:56 GMT\r\ncontent-type: text/html\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":202,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/a?id=G-KW9F2L44RD\u0026v=3\u0026t=t\u0026pid=1289895046\u0026gtm=45je66o1v9256505553za200zd9256505553\u0026cv=1\u0026rv=66o1\u0026tc=16\u0026tag_exp=115938466~115938469~119027224~119576891~119576895~119724321\u0026es=1\u0026e=gtm.dom\u0026eid=12\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://cryptoexchangebinancenigerialawsuit.lol/","date":"2026-06-27T11:46:56.410Z","timestamp":1782560816410,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:11 GMT","end":"Mon, 31 Aug 2026 08:36:10 GMT"},"fingerprint":{"sha1":"0B:C5:65:06:DD:0F:AB:EB:1E:E7:97:52:C4:27:4E:58:4A:36:E4:7C","sha256":"0E:AA:42:5A:CD:B0:51:92:3F:AE:F6:35:E6:BB:66:30:A9:D3:23:7B:B0:56:D8:00:C7:B7:6C:67:06:C4:33:73"}}},"request":{"raw":"GET /a?id=G-KW9F2L44RD\u0026v=3\u0026t=t\u0026pid=1289895046\u0026gtm=45je66o1v9256505553za200zd9256505553\u0026cv=1\u0026rv=66o1\u0026tc=16\u0026tag_exp=115938466~115938469~119027224~119576891~119576895~119724321\u0026es=1\u0026e=gtm.dom\u0026eid=12\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://cryptoexchangebinancenigerialawsuit.lol/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 27 Jun 2026 11:46:56 GMT\r\ncontent-type: text/html\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":202,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_users/theme/erx_Forum/style/default.css?v=2.6.2","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:56.929Z","timestamp":1782560816929,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /zb_users/theme/erx_Forum/style/default.css?v=2.6.2 HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 26 Jun 2026 13:34:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3e8002-9d5f\"\r\nexpires: Sat, 27 Jun 2026 23:46:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40287,"size_decoded":9412,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (325), with CRLF line terminators","md5":"e5079fd2f0f47582ff140d2dd6cbdf39","sha1":"b666d81711dcb543b69bfce132eb50d37e562d17","sha256":"6a566ea6525ce1dbd56ea56f2d0673e3541817b0854286f0da7f6366e2a8ff2f","sha512":"cc6a4606c6ec1554be9660496504c6068e3b0fd2c3cbd0862fa6d81afa35113ce138b9e3082f36ce89781d274500a74fb84466cbb9c8adeaa52c3107444013bf","ssdeep":"384:eiQyGknfEw1QOaRnG8LON+XoETwovQErwkCEevNyRiiwOZkC0EDNJjjI5hKlQtA:pQWff+4ETjptPZwOZkTEvYeSW","tlshash":"710394216584156ca23be267fae39bce3d2fa066d0633af9f055355cc68a09f3771b04","first_seen":"2025-11-23T15:31:40.478981Z","last_seen":"2026-06-30T03:40:16.481126Z","times_seen":84,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_users/theme/erx_Forum/images/erxtop.jpg","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:58.079Z","timestamp":1782560818079,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /zb_users/theme/erx_Forum/images/erxtop.jpg HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:58 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 26 Jun 2026 13:34:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3e8002-966e\"\r\nexpires: Mon, 27 Jul 2026 11:46:58 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38510,"size_decoded":27335,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=580, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1280x200, components 3","md5":"03a5a3e75aa9c27ae1681cc2e1d25934","sha1":"d7effc4bba4128745ffa6b4049b25096426d97df","sha256":"b2041da82c25494ae2a361e464f5a7e0ff8e5a292b4a7a47d3f3e7aa74604c30","sha512":"72b5e16ddd6fbd08e186be8e4bb0a8db923add176b90961518b95b26b8fe328ff13d53cc0b0c8c509c5445479984cf074f6e6d1b787bcf9fd50d241cda73203c","ssdeep":"768:8YyZPuYyRIEgq6mTIa9i8cEMb6U9HyF2CZo:88aEtpIa9nc+En","tlshash":"f9039e35eb538e12ebdd1339ea9ad7926312fb5cd3a32252358c679037e06c08d1d35a","first_seen":"2025-11-23T15:31:40.467797Z","last_seen":"2026-06-30T03:40:16.491442Z","times_seen":57,"resource_available":false,"data":null}},"time_used":748,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":748,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cryptoexchangebinancenigerialawsuit.lol/ad.js","fqdn":"cryptoexchangebinancenigerialawsuit.lol","domain":"cryptoexchangebinancenigerialawsuit.lol","tld":"lol"},"ip":{"addr":"186.243.119.104","port":80,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://cryptoexchangebinancenigerialawsuit.lol/","date":"2026-06-27T11:46:55.461Z","timestamp":1782560815461,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /ad.js HTTP/1.1\r\nHost: cryptoexchangebinancenigerialawsuit.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://cryptoexchangebinancenigerialawsuit.lol/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 27 Jun 2026 11:46:55 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 27 Jun 2026 05:29:54 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6a3f5fd2-5a4\"\r\nExpires: Sat, 27 Jun 2026 23:46:55 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1444,"size_decoded":873,"mime_type":"application/javascript","magic":"HTML document, ASCII text","md5":"c465199b27b76bfa2a4a9af378728f2e","sha1":"f46263d726e024817f8601005d0b381d5b9ed8e3","sha256":"5227d7f6426fbbc9e84068fe74441d7dc6e0630abf1ef73af4bcb4e666aadf59","sha512":"8cbfc5c079d59910886e02e584bdf1647ed7d0444d48d67ee5c0a2c39da378d5b9cab2004a8c850ddcac19d6e2279016744ef9d93030a405394500f1f53c13a4","ssdeep":"","tlshash":"f231c8714167b43c52308034f464caa82afdd138ffbb9b2549af3c9844cca880caedd8","first_seen":"2026-06-27T09:08:14.931336Z","last_seen":"2026-06-30T03:26:28.629499Z","times_seen":27,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cryptoexchangebinancenigerialawsuit.lol/favicon.png","fqdn":"cryptoexchangebinancenigerialawsuit.lol","domain":"cryptoexchangebinancenigerialawsuit.lol","tld":"lol"},"ip":{"addr":"186.243.119.104","port":80,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://cryptoexchangebinancenigerialawsuit.lol/","date":"2026-06-27T11:46:56.366Z","timestamp":1782560816366,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: cryptoexchangebinancenigerialawsuit.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://cryptoexchangebinancenigerialawsuit.lol/\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 27 Jun 2026 11:46:56 GMT\r\nContent-Type: image/png\r\nLast-Modified: Thu, 25 Jun 2026 02:28:54 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6a3c9266-c0d\"\r\nExpires: Mon, 27 Jul 2026 11:46:56 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3085,"size_decoded":3450,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"6aa16747474e7729e73a841731b1b777","sha1":"bdbd5d7d7a5f1fe254f39d158607109212e97a6b","sha256":"e0ab0a4ea8bbcc87536ae9c4356df9d96a1009ae9ae14ae1f56b5a4bef0d8767","sha512":"9ca33469731892fcbf87a3d59a826b019b5f892fe3681f7c86ca718f6d8408a92b9c1da5675737f4f02a935418fee825f1205acf949259b2ab76bd41f9ece3ee","ssdeep":"","tlshash":"6f513ce7e4ecc1b5caceca6713670402fe0066cb35d1b1486bf99b148759457f2c978a","first_seen":"2026-06-27T09:08:14.949482Z","last_seen":"2026-06-28T06:08:39.118754Z","times_seen":7,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_users/plugin/UEditor/third-party/prism/prism.css","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:57.737Z","timestamp":1782560817737,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /zb_users/plugin/UEditor/third-party/prism/prism.css HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 11 Jul 2023 23:18:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ade32a-1039\"\r\nexpires: Sat, 27 Jun 2026 23:46:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4153,"size_decoded":1960,"mime_type":"text/css","magic":"ASCII text, with very long lines (446), with CRLF line terminators","md5":"b723c2f958f530879d534e05628b401a","sha1":"2a7ba0076d94322373e6033e8e7d414c77b11592","sha256":"e82e0b58f5c11f55f08603ea35e2aa7612d4e5986e5cb6bc2d4c53e3c1c9c149","sha512":"f5537e2e51c8e8c210a639646fad3230e2180e5c5ad2597115b24d1253e73981469a2d3155e28b8ba38e77776fc6933a2ba45d0e9f00fd5876d7264f7d6e46fb","ssdeep":"96:FJpT8IVUVLK5oSXX1V1VIHvtVtVQnVAf5rVKHVlVaBkBABvBUBQBBOB9BlBWBnBb:B8dLK5oSXXzzIHvLLQVy5xK1DiQcpgQ5","tlshash":"958110219d7b159d30076a67e8f1b0243816aa19c993267cbf30d2909f43fdeebb3519","first_seen":"2023-04-08T15:33:58Z","last_seen":"2026-06-30T05:57:06.234366Z","times_seen":1807,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-KW9F2L44RD","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://cryptoexchangebinancenigerialawsuit.lol/","date":"2026-06-27T11:46:55.981Z","timestamp":1782560815981,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:11 GMT","end":"Mon, 31 Aug 2026 08:36:10 GMT"},"fingerprint":{"sha1":"0B:C5:65:06:DD:0F:AB:EB:1E:E7:97:52:C4:27:4E:58:4A:36:E4:7C","sha256":"0E:AA:42:5A:CD:B0:51:92:3F:AE:F6:35:E6:BB:66:30:A9:D3:23:7B:B0:56:D8:00:C7:B7:6C:67:06:C4:33:73"}}},"request":{"raw":"GET /gtag/js?id=G-KW9F2L44RD HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://cryptoexchangebinancenigerialawsuit.lol/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\ndate: Sat, 27 Jun 2026 11:46:56 GMT\r\nexpires: Sat, 27 Jun 2026 11:46:56 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 163451\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":481423,"size_decoded":164055,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"fa29e7b089191b542996a316bb519049","sha1":"5119e5ab42f6e73ae7d1e826db00dc482fb35861","sha256":"89d36eaedc9b690b1e098c8529bb3db8e341a0789792c600cb32eaf4dec4829f","sha512":"bc5dbf28400f8884507ce96436e4f73486abb8b81fb083c18ad1c4c0576057140e1c9ffc64a7e722f31f3eef1837a982c90237e436860e7ffabdc98597ceabc4","ssdeep":"6144:PIgwrmk0EUmKtdNjyXkVCva/h/ge1CWMHub0rYxUOgcshQAGYo:PnwemkYvfxruURGX","tlshash":"cba4e9cdb3d674625396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","first_seen":"2026-06-27T11:47:19.818747Z","last_seen":"2026-06-27T11:47:19.818747Z","times_seen":1,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":2,"connect":30,"send":0,"wait":71,"receive":96,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_system/script/c_html_js_add.php","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:56.936Z","timestamp":1782560816936,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /zb_system/script/c_html_js_add.php HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:57 GMT\r\ncontent-type: application/x-javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nproduct: Z-BlogPHP 1.7.5\r\netag: W/d86596af730ea444918fe5e959d64564\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4550,"size_decoded":2232,"mime_type":"application/x-javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1256), with CRLF line terminators","md5":"d86596af730ea444918fe5e959d64564","sha1":"413bf2b1d55471b95e8261091a768be4bc39dcbe","sha256":"15030c5f2b1d3ec10421cf54df8de5164f18b714d0592826d3c85025250ec7e5","sha512":"5efc53b1683907e01e038922255430bfb0dcd543858e8ccea6b04bd2194ef6efed774ebe68c1995f6ba58385fc9ceb3c1e15d6042ee336881e4051cbdc21eb74","ssdeep":"96:6EY06qZuiMRd1BhXJnbZ2THKkuiMMKDg8E:6Nvf1BhXJnNAHMiMNDLE","tlshash":"3a91b855595a11b6243723bbc8af5504fea212ab4014cc16fdbc50a42f75f849163fbe","first_seen":"2026-06-27T09:08:14.937647Z","last_seen":"2026-06-30T03:26:28.635017Z","times_seen":27,"resource_available":true,"data":null}},"time_used":753,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":753,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cryptoexchangebinancenigerialawsuit.lol/","fqdn":"cryptoexchangebinancenigerialawsuit.lol","domain":"cryptoexchangebinancenigerialawsuit.lol","tld":"lol"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T11:46:52.952Z","timestamp":1782560812952,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: cryptoexchangebinancenigerialawsuit.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/1xbet.gif","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:58.071Z","timestamp":1782560818071,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /1xbet.gif HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:58 GMT\r\ncontent-type: image/gif\r\nlast-modified: Sat, 27 Jun 2026 05:19:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3f5d48-270a71\"\r\nexpires: Mon, 27 Jul 2026 11:46:58 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cryptoexchangebinancenigerialawsuit.lol/1.png","fqdn":"cryptoexchangebinancenigerialawsuit.lol","domain":"cryptoexchangebinancenigerialawsuit.lol","tld":"lol"},"ip":{"addr":"186.243.119.104","port":80,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://cryptoexchangebinancenigerialawsuit.lol/","date":"2026-06-27T11:46:55.472Z","timestamp":1782560815472,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /1.png HTTP/1.1\r\nHost: cryptoexchangebinancenigerialawsuit.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://cryptoexchangebinancenigerialawsuit.lol/\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 27 Jun 2026 11:46:55 GMT\r\nContent-Type: image/png\r\nLast-Modified: Thu, 25 Jun 2026 02:28:44 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6a3c925c-85a83\"\r\nExpires: Mon, 27 Jul 2026 11:46:55 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":547459,"size_decoded":547920,"mime_type":"image/png","magic":"PNG image data, 544 x 544, 8-bit/color RGBA, non-interlaced","md5":"cb50809c3160749bffa7955ba97edf40","sha1":"f90d5ebdabe1edc9f86078371b8df5448b7fe232","sha256":"91a46fcec9d543e4bdc158c7f7d7d6a851c2672b0de6f0ccfa8e14119cfe1886","sha512":"30ac0f9604a70c9043517b2d50e5868f3575b6d5b93c415d3e20185823ed6acb537c5423517ad56cc89bc782c665a3d5699002556065b6ac63ce2c4a8844d493","ssdeep":"12288:Hev5knH7YPNjxgsk/V1xmoQQvkXOhmT5aiPWQqYyGL:+hEYPNjZ+V1xmobYGmQiPWkyg","tlshash":"abc423f065f4698da9c86bb08c405f481d579392c33a3def1900b2499d7e4ea6bf87b4","first_seen":"2026-03-22T06:52:27.247094Z","last_seen":"2026-06-30T03:40:16.492171Z","times_seen":109,"resource_available":false,"data":null}},"time_used":1716,"timings":{"blocked":-1,"dns":0,"connect":244,"send":0,"wait":247,"receive":1230,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_system/script/jquery-latest.min.js","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:56.932Z","timestamp":1782560816932,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /zb_system/script/jquery-latest.min.js HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Sep 2023 10:04:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64f45a34-155ef\"\r\nexpires: Sat, 27 Jun 2026 23:46:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87535,"size_decoded":31162,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators","md5":"c9a1b0aa0167c8a4df724d18d06814a8","sha1":"f3f468ccf735476c87e3b49e274eb3752a884607","sha256":"7aa6b0e08f48a0f95d8df7ea89e4cbfe1ef3d1e8c0f7373f7f25edfb4e4a325e","sha512":"05352a89084c3b747c375eea2107b9b3c660ffb5989d48f10ee30e4acf917db21fa7ce56f9b385de0fcfd0873c4c4e9d96c48f2f38e26d5cd5dd28ed792c3e06","ssdeep":"1536:3RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:vHNwcv9VBQpLl88SMBQ47GKO","tlshash":"3783f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-10-05T13:52:49Z","last_seen":"2026-06-30T06:01:44.162874Z","times_seen":6426,"resource_available":true,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/a?id=G-KW9F2L44RD\u0026v=3\u0026t=t\u0026pid=1289895046\u0026gtm=45je66o1v9256505553za200zd9256505553\u0026cv=1\u0026rv=66o1\u0026tc=16\u0026tag_exp=115938466~115938469~119027224~119576891~119576895~119724321\u0026e=gtm.init\u0026eid=2\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026tr=5ogtautoevents.5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ccdgaregscope.5ccdemdownload.5ccdemform.5ccdemoutboundclick.5ccdempageview\u0026ti=2ogtautoevents.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://cryptoexchangebinancenigerialawsuit.lol/","date":"2026-06-27T11:46:56.413Z","timestamp":1782560816413,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:11 GMT","end":"Mon, 31 Aug 2026 08:36:10 GMT"},"fingerprint":{"sha1":"0B:C5:65:06:DD:0F:AB:EB:1E:E7:97:52:C4:27:4E:58:4A:36:E4:7C","sha256":"0E:AA:42:5A:CD:B0:51:92:3F:AE:F6:35:E6:BB:66:30:A9:D3:23:7B:B0:56:D8:00:C7:B7:6C:67:06:C4:33:73"}}},"request":{"raw":"GET /a?id=G-KW9F2L44RD\u0026v=3\u0026t=t\u0026pid=1289895046\u0026gtm=45je66o1v9256505553za200zd9256505553\u0026cv=1\u0026rv=66o1\u0026tc=16\u0026tag_exp=115938466~115938469~119027224~119576891~119576895~119724321\u0026e=gtm.init\u0026eid=2\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026tr=5ogtautoevents.5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ccdgaregscope.5ccdemdownload.5ccdemform.5ccdemoutboundclick.5ccdempageview\u0026ti=2ogtautoevents.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://cryptoexchangebinancenigerialawsuit.lol/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 27 Jun 2026 11:46:56 GMT\r\ncontent-type: text/html\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":202,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_users/theme/erx_Forum/css/font-awesome.min.css?v=4.7","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:56.930Z","timestamp":1782560816930,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /zb_users/theme/erx_Forum/css/font-awesome.min.css?v=4.7 HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 26 Jun 2026 13:34:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3e8002-7884\"\r\nexpires: Sat, 27 Jun 2026 23:46:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30852,"size_decoded":7586,"mime_type":"text/css","magic":"ASCII text, with very long lines (30689)","md5":"e5f60d21389eba986452727f6b9a1258","sha1":"864a8a81345152030d1e5eb4ae116a342b9a9b41","sha256":"1466ab8573c328ba5c1be4334d3e1a9b9c4c688f67eac8fdcac8d1658048270f","sha512":"88b18cfc26e930e91e8140c4ff5881fee61a7ee91e8301646e31ab5e6e8b66bf8940d66a5dc9564a8f3123cf288a952c35215c744dd49f447480970242d43163","ssdeep":"384:Fu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:elr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"59d241e8e54c01d66731c48bff81b36862b6fb3dd5854ca9f01f290c29d22a512c5fba","first_seen":"2025-11-23T15:31:40.471109Z","last_seen":"2026-06-30T03:40:16.467282Z","times_seen":89,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_system/script/zblogphp.js","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:56.935Z","timestamp":1782560816935,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /zb_system/script/zblogphp.js HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 30 Sep 2021 05:48:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61554fb2-1c24\"\r\nexpires: Sat, 27 Jun 2026 23:46:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7204,"size_decoded":2862,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7204), with no line terminators","md5":"5e8d86eb2c5abc94804fd6176a35b281","sha1":"921d2cc4615a58a094ddbcc6366437a94508fc5f","sha256":"11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332","sha512":"6504e48f68d98800228db18dc63711b216c299dad8d95e57d0f014c18a24a2ffbc62f6cfe98f5d0152d06da577efb550c20bc947c08101ea3c94d659f572ea17","ssdeep":"192:msL4JVH9jIULy46KgHlQGwH0Dx5qjplLO:m/jIUkHlQGwH0Kt9O","tlshash":"2fe1315cf5c476a103ab30b4088f028a64fb17ae6011d998d264e4e46fbdf8b5623f3c","first_seen":"2023-03-07T23:31:01Z","last_seen":"2026-06-30T05:57:06.215864Z","times_seen":2324,"resource_available":true,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":754,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_users/theme/erx_Forum/script/custom.js?v=2.6.2","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:56.939Z","timestamp":1782560816939,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /zb_users/theme/erx_Forum/script/custom.js?v=2.6.2 HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 26 Jun 2026 13:34:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3e8002-4e3b\"\r\nexpires: Sat, 27 Jun 2026 23:46:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20027,"size_decoded":6713,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (326), with CRLF line terminators","md5":"eaf8f776e9b36d282289b3c23a5d2497","sha1":"4795ca0182cdb551353bc7649106196dcd44119a","sha256":"c7dbab205e55184ab08503362a441d34268a40fa5c8ef8dc608dba244baf96cd","sha512":"ad45ea24b67a718bf11db0ab21f1800ef37a879b482c66fe141adeba20d7300b549a55b71ffe0c02e7941fde7e4c99f0d0ea1387ff854d470a309dcac99075ed","ssdeep":"384:PDM9zAt0m8/Q+IDxqfmrz4vaJA+AEs7FlFqFknuvlyAH:PDM5At05INcfmxP+/mPyAH","tlshash":"d392830efa4d4b6e82f63365113ea840ed7dd93b850595a2fcac10603f7cf985366e68","first_seen":"2025-11-23T15:31:40.472667Z","last_seen":"2026-06-30T03:40:16.470511Z","times_seen":87,"resource_available":true,"data":null}},"time_used":749,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":749,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_users/theme/erx_Forum/images/avatar/u5.jpg","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:56.946Z","timestamp":1782560816946,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /zb_users/theme/erx_Forum/images/avatar/u5.jpg HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:57 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 26 Jun 2026 13:34:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3e8002-4c1\"\r\nexpires: Mon, 27 Jul 2026 11:46:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1217,"size_decoded":1711,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3","md5":"2d5d352c10af5e761de37a7cd98d2230","sha1":"13f98324acea725231855002edf6b5eb538c3a5a","sha256":"8a26abdac8bc9c928a8769919a0a1da38f135133c5014056c039fda4e492796e","sha512":"97d8c8796c39ef3ce66cd8a5fce8d003802a386a01ed39194fc80df9db2a83c76434acfc7ff083999fb30bd5bb7f47f00840c986778c2a173885eb10ef65cfd5","ssdeep":"","tlshash":"602196165627c553fb400f742b833b3786a7070fd59d5b34228728b069e8eb03d17160","first_seen":"2026-06-27T11:47:19.823147Z","last_seen":"2026-06-29T01:38:13.721753Z","times_seen":2,"resource_available":false,"data":null}},"time_used":743,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":743,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/zb_users/plugin/UEditor/third-party/prism/prism.js","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:57.735Z","timestamp":1782560817735,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /zb_users/plugin/UEditor/third-party/prism/prism.js HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 11 Jul 2023 23:18:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ade32a-eecb\"\r\nexpires: Sat, 27 Jun 2026 23:46:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61131,"size_decoded":23456,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4799), with CRLF line terminators","md5":"436e8870ba117885ef700bbeaf798ba6","sha1":"7b242c9b1698d8cf69310101c64535c442b97949","sha256":"5867cef615756cb75b523c11e29d88f770ddb40fd51bc39cd60e3ba86d004fdc","sha512":"bd5f55dcdeb34fa64f49cc8badbe57a68cf0b2aa9d2799e31e998a44018352ee8d2326800975c914eb951069bf7024e9197aefa08e1a16e0c038aae1bf8acd71","ssdeep":"768:m5Y2fNvMbzlD2nW6uY45AHdw7UECX3b1ivdpMOxkKda2U6PDFDnNLDSAkvZrE/Jk:IYKEvN2W6uY4EwV1l42vd3gZAccRRx78","tlshash":"de535cbc5eb73d010ac7e1a6f8a29500e9221975d929791bf7e8d648c0f390742d3b6f","first_seen":"2023-03-07T12:24:55Z","last_seen":"2026-06-30T05:57:06.242432Z","times_seen":1898,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/Stake.jpg","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:58.069Z","timestamp":1782560818069,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /Stake.jpg HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:58 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 27 Jun 2026 04:47:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3f55f9-d15a\"\r\nexpires: Mon, 27 Jul 2026 11:46:58 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53594,"size_decoded":51230,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 970x90, components 3","md5":"d03b67f343047846c938152f40d97ff1","sha1":"289464ad43998110fd021bd7af3bbe290f1dffae","sha256":"76e40da55fb97c5ffeedee8a3ba599e8fceb75803101121626bcf6e192420dba","sha512":"66e34596d332d38a71e67dd39b36151b356c1126af33d86b208077a6102851599959c44baf9e7cf6b53a07761e2e52754944285fc05d9064680009616df36274","ssdeep":"1536:MADDFcvQKF8eSVrK+27okC+LfOXBYkulwvVWIi3LJtcDN:rJcvQKFtkK+27d7OXBYkulwtWZ3MJ","tlshash":"8c33e0eea8af5d02ff8442f045fcb69c81ba175befab846d32d535702bc8056b40491b","first_seen":"2026-06-19T06:44:14.604018Z","last_seen":"2026-06-30T03:26:28.649912Z","times_seen":16,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://cryptoexchangebinancenigerialawsuit.lol/","date":"2026-06-27T11:46:55.974Z","timestamp":1782560815974,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://cryptoexchangebinancenigerialawsuit.lol/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:56 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nproduct: Z-BlogPHP 1.7.5\r\nx-xss-protection: 1; mode=block\r\nupgrade-insecure-requests: 1\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4392,"size_decoded":2033,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (305), with CRLF, CR, LF line terminators","md5":"d97d5baf9b5db771edf59ac990d6cd02","sha1":"539eb440727b0e74117b23e11f8fef9d06b4fac0","sha256":"19315be79f9f556d1fa5d52680617f15fd0fdf98fb9c9bd1958e7989c28068af","sha512":"9d66e8f8d6efcdb0264b8212147dd6732c9733a5a2b6b71e3d981c7c81d134635662ab1c1901440bd6bbfd6f494ae498a8d6f20b3621773ee8a569b6c959c793","ssdeep":"48:9H3CVmJhHYKn6BjpZ39e5ipe3NCiV3TiPuTDpms5dTS1xH5wCZZyZigA9Y11fAcZ:9bh4KnujmiFnPux/dTS1xuogr1xBQb56","tlshash":"6d91323358c9043721a3a6c661b1bf1dade2b62bc9578809b5fc12d54fcdec9ac03a55","first_seen":"2026-06-27T11:47:19.824949Z","last_seen":"2026-06-27T11:47:19.824949Z","times_seen":1,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":-1,"dns":7,"connect":252,"send":0,"wait":348,"receive":0,"ssl":262},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zq3388a.com/g.js","fqdn":"zq3388a.com","domain":"zq3388a.com","tld":"com"},"ip":{"addr":"157.119.95.5","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zq3388a.com/","date":"2026-06-27T11:46:56.941Z","timestamp":1782560816941,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zq3388a.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:24:50 GMT","end":"Thu, 24 Sep 2026 12:24:49 GMT"},"fingerprint":{"sha1":"68:DB:D4:8E:4B:31:6A:42:13:9D:AE:29:A9:21:06:A3:DD:3B:52:63","sha256":"35:B4:E2:32:3F:D5:FF:18:E4:BC:1D:87:F6:06:E3:02:88:E8:98:C7:9C:07:11:64:C7:11:2F:E4:03:99:6D:D1"}}},"request":{"raw":"GET /g.js HTTP/1.1\r\nHost: zq3388a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://zq3388a.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 11:46:57 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 543\r\nlast-modified: Sat, 27 Jun 2026 08:59:50 GMT\r\netag: \"6a3f9106-21f\"\r\nexpires: Sat, 27 Jun 2026 23:46:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":543,"size_decoded":1062,"mime_type":"application/javascript","magic":"HTML document, ASCII text","md5":"523e4301250d297f5547325afb0504b3","sha1":"7caaa17380bc931e10d66f9298c5a60533d2865d","sha256":"856ee5aeb6dd98d57783c196b9e888c8ffb1a4a8a8bd1268640021f371e17bea","sha512":"3f376020a17edb393f629e3a14df356be9487ab44470abee661ad7b6c34a1e651b916072e1da5125872acfc9c7d2eab7e1c385b9de479c610ca9ba16b2d974a6","ssdeep":"","tlshash":"3df02bbb09f061475e1241a4951cffbcf862e1f45f534c509d2d5fe95891b158c28a8d","first_seen":"2026-06-27T09:08:14.946424Z","last_seen":"2026-06-27T11:47:19.82581Z","times_seen":2,"resource_available":true,"data":null}},"time_used":748,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":748,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}