{"report_id":"8656e824-ea54-4cef-9e11-bc2b9900e028","version":6,"status":"done","tags":[],"date":"2026-03-21T06:08:49Z","url":{"schema":"http","addr":"www.www6hao3.cc/","fqdn":"www.www6hao3.cc","domain":"www6hao3.cc","tld":"cc"},"ip":{"addr":"20.255.152.124","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/slotMachine/popular","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"title":"fn4vfrywyvuqmmqs.app/slotMachine/popular","dom":{"size":344,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (344), with no line terminators","md5":"9368286d66f5d40c1ce7ce4d89c9a04f","sha1":"ab612f0cd162a7c31ede775fcc468c4bf7da4803","sha256":"74290c63773ccf2bcf79ad5eb67e744b267f40f0101ecb16006bad709688a480","sha512":"4ed669e0410e65925d2ce1de8fe654ac73e71bfd88b62e8f804854e61934dc4924d414fde21834b32e3c390d825609327e1e7ee11fe3c91434b67f09d77a2317","ssdeep":"","tlshash":"78e026e95db9c83464a4138a20f1f39c1a30a5a0b721e60883d9dc3b9e10feb4c92988","dom_hash":"domhashfa92bf49a0529f3ae8099507699ba65b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.www6hao3.cc/","fqdn":"www.www6hao3.cc","domain":"www6hao3.cc","tld":"cc"},"ip":{"addr":"20.255.152.124","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-25T06:08:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"lkcj6am6jo8g7qhv.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"009bhtpeu4xrn-tiger-fluid.rlawxq03.com","ip":{"addr":"172.67.171.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-13","domain_rank":0,"first_seen":"2025-07-31T02:25:48.218449Z","last_seen":"2026-03-14T09:22:38.23283Z","alert_count":0,"request_count":5,"received_data":4303,"sent_data":2387,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-03-15T22:23:30.202114Z","alert_count":0,"request_count":1,"received_data":467038,"sent_data":441,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"lkcj6am6jo8g7qhv.app","ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":2,"received_data":2086,"sent_data":978,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"www.www6hao3.cc","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-07-28","domain_rank":0,"first_seen":"2026-03-21T06:08:50.616062Z","last_seen":"2026-03-21T06:08:50.616062Z","alert_count":0,"request_count":2,"received_data":344,"sent_data":884,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fn4vfrywyvuqmmqs.app","ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":92257,"sent_data":969,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/slotMachine/popular","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"59aa672da0a9ef6b46bf6048f76d0de1","sha1":"a748c5a0cd76a722d9167b133405b4d04ba9a5aa","sha256":"3ea864d0ac5db6729822cb1dd666fd62c160f7cbe114fce56785c1598853a535","sha512":"68247b230fca5ebf6238d3aa81c5378c8c82d9efbfcf75d9e9c947b5051ff0ca544d1bc711ff3af51fb7bc84908a6cdce46b38f13edfebc6049d168ef2eaf20f","ssdeep":"","tlshash":"6621ccdc6f42568543df2ada75262dcadbedd46b3ce881114820bdf03c92414c2f3a31","size":1385,"data":"","first_seen":"2026-03-21T06:09:08.077154Z","last_seen":"2026-03-21T23:36:25.03747Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/slotMachine/popular","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"fe3e918d4d085b82eed3941ae2031af5","sha1":"52cc200808a918bb55186713687fbce38482186f","sha256":"78811db4831526c4a49a4d729b31ac5ae20316b6977b88544ba0bfb3e6b665e5","sha512":"824340844a1250fa2be2d2f680576dde8f71e26e07a32178414d5bedc12317fcd6f787df58a810c379eb3210bf9c210d9d8d356a5a154a934ca5571351476080","ssdeep":"","tlshash":"0a2169d81900359817de1ef6ac2738c5ee2998df3cde00962513b6b03b5091fe1a7a78","size":1438,"data":"","first_seen":"2026-03-21T06:09:08.08203Z","last_seen":"2026-03-21T06:09:08.08203Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/slotMachine/popular","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"26477753545c47922dd42021ab4dd158","sha1":"e2ab940954ff2b123d652d845cecf6ee6ad38ed2","sha256":"ac44d29d15383be3cb9e242f5ac62342e166670ee4bb2d14f7f405509a02fca2","sha512":"62fbccb22e627ad733f50919eaf6a4b46ff0989cfc0fa0dd065abd3596593d1a46e95bc4bf800b8ad9b69ea0ac2c8af0a2cb6c179f744296307f96ed5b574935","ssdeep":"768:FAmiasmOKF04Ov4vYIPOzqUlMySURMyIVuu:J2KFkm5N","tlshash":"7cb2457bbbc8d183b6442cd76927b0e0d809bc0591815caafcc67a5c743e579e9b8b70","size":25579,"data":"","first_seen":"2026-03-21T06:09:08.085367Z","last_seen":"2026-03-21T06:09:08.085367Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/slotMachine/popular","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"a3d227863147b85766c65a04c81f32c6","sha1":"1df78c6e0e40bd1bdce0ac63e51b199e88e565e2","sha256":"e7b780ff89486936b90b249915f788c93595c4aa8e0f590621e3b2a4f72ebfd2","sha512":"2ff39067669f0836a5b2a1c7a5ae9730eff91199ae7052a6ea921699e6b1f7d3c58c4c6b6d682e6b07404ab4de86317fafabe4ed1bab64b2c98ea7b9847f0e3a","ssdeep":"","tlshash":"38317477c690a491abd5d289009abf0b993f434b4e48bc94faaf8d447fdd03a01761b7","size":1790,"data":"","first_seen":"2026-03-21T06:09:08.087872Z","last_seen":"2026-03-23T13:29:37.993648Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/slotMachine/popular","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"8170c6a8190b47822f08c7260dbd2f89","sha1":"75bfd93f50d465951fbe1b3988de33f180c7cf90","sha256":"0da4e941163b897ec27303d1334bfd27aacda1a54e771b5c5550ec9af51a25af","sha512":"40d124852065d97f16f235f4c35debabab0418d999f590adbef85da877a36f7a77b5c0469203a05012ef207f11be9cbd1abee7ca10571988acfa20c2e5c1ec4e","ssdeep":"","tlshash":"91d012fca21fac7041b626004f2bf700f00b2132d4a19a213e0ea304af30d0bdb682d0","size":208,"data":"","first_seen":"2025-06-19T08:36:25.952115Z","last_seen":"2026-04-05T01:06:55.164534Z","times_seen":234,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/slotMachine/popular","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"c3584e4c25fb14bb8adcba90f7c9d5af","sha1":"539c0568bbf45d72e8ae6ce336e1aff78d12cf68","sha256":"b8428f8405379f8db3d3c6c8594f3cd7d41bd2ba6b1c54284e0dccdabc54b2ea","sha512":"c70258a2694a5feb9b5b9761999815cba7b1783c9b9316aeb107b97bfd489b7e6c7771cf2cd3d9ae24e3b371c59d32a0d00ad743c92d00874deb3ed6a3c329a7","ssdeep":"","tlshash":"1621ab292e81cc5623d367abfe6b91d6d1edce172af008039060b7497ac0915c9f3a70","size":1363,"data":"","first_seen":"2026-03-21T06:09:08.092383Z","last_seen":"2026-03-21T23:36:25.045488Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/slotMachine/popular","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"96d351cb4d65931d21685a80a5aa4916","sha1":"0f32585dfaf423fdbf4aa75724aca4773cc50194","sha256":"b2f6abe00c802d84c6bcc0aee4ab8ea94bbee044fe0e6d4799816cd6c56404d0","sha512":"66811a91fe9283027bf1504adf452a4ed6bdcdf4d4d33b1d1febec00d2e9fc2f5c2ad3f76e193bf2515fdd494d39c5b8310a387ca1ffcbeaa7468e89fcdfa264","ssdeep":"768:X49ChlE0jq3jscIwNTWVFHty6K/STz69fr7giWL:Wqj00kM69faL","tlshash":"8d13e833ac11a123067ae76bb23ff744d25e160ee45c2c7ce04524199dbd39ada6f235","size":41744,"data":"","first_seen":"2026-03-21T06:09:08.09387Z","last_seen":"2026-03-21T23:36:25.046135Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/slotMachine/popular","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-04-05T01:33:16.56106Z","times_seen":29649,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/slotMachine/popular","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-04-05T01:33:16.566457Z","times_seen":33553,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"de3019efa0a8f22b9c0797d2973c9ff3","sha1":"58b4b5e376ac2ed403375056c675ed7d594bb138","sha256":"5ea049d1ed67e33b08fc219ec8ea4de65278757efebcc8cfbdf9ef4536130181","sha512":"54726d23b068b4de612b5d5e719fd646ddd77bb124eebb46ca5c60861be12551da75c07e15b1a25e95e7f9139d48fb934d4e2d956cbb698cd6e486c67ac9dcb3","ssdeep":"","tlshash":"99d023655db98930519c024e10b5f394257065607731e504c3cdcc2f7e11df718b555c","size":217,"data":"","first_seen":"2026-03-21T06:09:08.097254Z","last_seen":"2026-03-21T06:09:08.097254Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-BPTEMPZW0E","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e5b191643961eb801633cbffe6e06b66","sha1":"aae28092350c9658ff7e20eaf14fd450288ca3ff","sha256":"877eaef5cd21db6607e8e4f12eafd858e39c5209acf7396d1e9d84fddec67b61","sha512":"5d0a7da908aeb04970d732ad6c13f5c548a4d9fa6ca24949fb2e6e6d3f76a967db1a15856b465c367496733931560034b52a7a466c5ccab0d99831f250f90dfd","ssdeep":"6144:NAG6hIFyKht23cw3KH4V8qCxkur5/wPPAPH8tiBM4QuAX7qO4UF:waygCcH28xoH4vi","tlshash":"2da4f8deb3d670225396f478903f018ba57b28a2b45cc899f189cce42e7465a4277f7c","size":466434,"data":"","first_seen":"2026-03-21T06:09:08.044507Z","last_seen":"2026-03-21T06:09:08.044507Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/slotMachine/popular","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"2b4ff8db8db80c07df75649faaba627e","sha1":"3e75cfe9d838cd16cc152887619f0be582c7815b","sha256":"0c0e122a9fc062a95999394cceaf1af5186287f2bb0748386f1463852061dc31","sha512":"e791b0b10c62e650047017a8d12024c80d4d02805f02507971a7e642c261f3f85d0fd6b1dfbe30b60d1d53dd7836ac4dcf9cb091aa6638eb051fd85317fd5966","ssdeep":"","tlshash":"15119c757f2a5534c585418b317ef7a93d3260617a12a044c36ccc295918e9714afcbe","size":902,"data":"","first_seen":"2026-03-21T06:09:08.109193Z","last_seen":"2026-03-21T06:09:08.109193Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.www6hao3.cc/","fqdn":"www.www6hao3.cc","domain":"www6hao3.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-21T06:08:27.163Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.www6hao3.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":2382,"timings":{"blocked":2382,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.www6hao3.cc/","fqdn":"www.www6hao3.cc","domain":"www6hao3.cc","tld":"cc"},"ip":{"addr":"20.2.8.45","port":80,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-21T06:08:29.773Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.www6hao3.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\nConnection: close\r\nCache-Control: max-age=60\r\nContent-Length: 218\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":218,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"a05f59c9a36b8e6c63fbf6689d441da6","sha1":"1aa5345c66be6a4c32f6cb08aee6cefc5f981cb5","sha256":"4da7a64d41c4054dddf3d2a89cfb5fd6ddf34013fff98c80fc3cf7544ed7e29f","sha512":"1605ea09353fffcb13e17fe73d6c55a5205c23108e641d3cecd26c0ee93e4515ffd8433a9ff4ce709c172875764368c93be298859923a352ef5182c4acca2d59","ssdeep":"","tlshash":"2cd0a7fa5880065966f633829ae27309182342d92c41c40202846520f80d76f8d1b6cd","first_seen":"2026-03-21T06:09:08.038849Z","last_seen":"2026-03-21T23:36:25.034187Z","times_seen":3,"resource_available":true,"data":null}},"time_used":610,"timings":{"blocked":204,"dns":1,"connect":203,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/slotMachine/popular","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-21T06:08:32.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"fn4vfrywyvuqmmqs.app","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 13 Mar 2026 08:21:22 GMT","end":"Sun, 27 Sep 2026 08:21:22 GMT"},"fingerprint":{"sha1":"74:53:0A:84:06:F8:C5:55:5E:05:83:6E:5D:61:67:71:4A:24:6F:77","sha256":"66:4C:CF:6A:93:C9:CA:02:40:A5:FB:03:46:71:51:4A:F6:6E:E1:D4:00:AD:48:E2:70:50:C2:3B:7E:4A:27:20"}}},"request":{"raw":"GET /slotMachine/popular HTTP/1.1\r\nHost: fn4vfrywyvuqmmqs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lkcj6am6jo8g7qhv.app/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 21 Mar 2026 06:08:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncontent-security-policy: frame-ancestors 'none'\r\netag: W/\"16611-SlcNHxQgd2Sua9I52+zDo+WE8RI\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":91665,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (25537)","md5":"0d84f9ed59200d961dfd5c20f08a49ae","sha1":"4a570d1f14207764ae6bd239dbecc3a3e584f112","sha256":"c1e3bddfd6fe97e523ba95c2639c12bb81565544074de6aad9343034a10ece84","sha512":"b2d4dbc5c6c3f270baec68e0f5f11e6bbb715dad6abd7edec5d755f008c34384792ac74d1c3db8331cb273db3a59a41e9ce80ed243f64a1133cfea3fb078c779","ssdeep":"1536:We3l71eM29n2KFkm5pjH8Np5qj00kM69faIrx/k:/eVLggQnh9Vk","tlshash":"3293d873be50e003161aaaaba53bb284d51e180ee54c5cbcf4ce254caf7d269c57b731","first_seen":"2026-03-21T06:09:08.041433Z","last_seen":"2026-03-21T06:09:08.041433Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2935,"timings":{"blocked":1166,"dns":516,"connect":216,"send":0,"wait":602,"receive":0,"ssl":433},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"009bhtpeu4xrn-tiger-fluid.rlawxq03.com/assets/index-f1d7c1c2.css","fqdn":"009bhtpeu4xrn-tiger-fluid.rlawxq03.com","domain":"rlawxq03.com","tld":"com"},"ip":{"addr":"172.67.171.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fn4vfrywyvuqmmqs.app/slotMachine/popular","date":"2026-03-21T06:08:34.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rlawxq03.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:46:37 GMT","end":"Sun, 03 May 2026 09:45:11 GMT"},"fingerprint":{"sha1":"32:F2:5A:25:CB:BC:6A:70:BF:EF:DB:90:3E:13:B6:DE:4A:D9:15:C9","sha256":"43:6C:5A:BA:14:C5:F5:9A:53:B1:61:12:63:94:0B:6D:77:53:A5:A4:FF:9A:A9:65:3D:64:A4:6F:FB:94:6B:8B"}}},"request":{"raw":"GET /assets/index-f1d7c1c2.css HTTP/1.1\r\nHost: 009bhtpeu4xrn-tiger-fluid.rlawxq03.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://fn4vfrywyvuqmmqs.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fn4vfrywyvuqmmqs.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sat, 21 Mar 2026 06:08:34 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GR317ZNdR30p%2BsceE%2BYvzvVYiejWBaJ5c7BmKyj31ykUZgzJBsO937PKOHczPA5Vz%2BM6wVRu3hWQmAjc69Xd6JJRDMqRiezZUuN%2FwpsLeRi1n%2Fd%2Ff3YKyDLH7ytKLlf22EnJnvw1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9dfac865e8ecb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":35,"dns":7,"connect":3,"send":0,"wait":4,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-BPTEMPZW0E","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fn4vfrywyvuqmmqs.app/slotMachine/popular","date":"2026-03-21T06:08:34.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:19:52 GMT","end":"Mon, 18 May 2026 18:19:51 GMT"},"fingerprint":{"sha1":"82:91:12:6B:AB:F4:47:8F:61:18:A5:AF:A2:98:9D:B7:9F:15:F9:08","sha256":"C1:E9:29:DD:F3:D3:23:4D:03:E4:0E:2B:90:5B:69:F3:7F:A9:48:3B:18:70:6B:75:A1:77:F0:A0:90:D2:64:49"}}},"request":{"raw":"GET /gtag/js?id=G-BPTEMPZW0E HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fn4vfrywyvuqmmqs.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 21 Mar 2026 06:08:34 GMT\r\nexpires: Sat, 21 Mar 2026 06:08:34 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 154588\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":466434,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"e5b191643961eb801633cbffe6e06b66","sha1":"aae28092350c9658ff7e20eaf14fd450288ca3ff","sha256":"877eaef5cd21db6607e8e4f12eafd858e39c5209acf7396d1e9d84fddec67b61","sha512":"5d0a7da908aeb04970d732ad6c13f5c548a4d9fa6ca24949fb2e6e6d3f76a967db1a15856b465c367496733931560034b52a7a466c5ccab0d99831f250f90dfd","ssdeep":"6144:NAG6hIFyKht23cw3KH4V8qCxkur5/wPPAPH8tiBM4QuAX7qO4UF:waygCcH28xoH4vi","tlshash":"2da4f8deb3d670225396f478903f018ba57b28a2b45cc899f189cce42e7465a4277f7c","first_seen":"2026-03-21T06:09:08.044507Z","last_seen":"2026-03-21T06:09:08.044507Z","times_seen":1,"resource_available":true,"data":null}},"time_used":430,"timings":{"blocked":164,"dns":1,"connect":16,"send":0,"wait":40,"receive":53,"ssl":148},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fn4vfrywyvuqmmqs.app/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"fn4vfrywyvuqmmqs.app","domain":"fn4vfrywyvuqmmqs.app","tld":"app"},"ip":{"addr":"20.6.181.237","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fn4vfrywyvuqmmqs.app/slotMachine/popular","date":"2026-03-21T06:08:34.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"fn4vfrywyvuqmmqs.app","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 13 Mar 2026 08:21:22 GMT","end":"Sun, 27 Sep 2026 08:21:22 GMT"},"fingerprint":{"sha1":"74:53:0A:84:06:F8:C5:55:5E:05:83:6E:5D:61:67:71:4A:24:6F:77","sha256":"66:4C:CF:6A:93:C9:CA:02:40:A5:FB:03:46:71:51:4A:F6:6E:E1:D4:00:AD:48:E2:70:50:C2:3B:7E:4A:27:20"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: fn4vfrywyvuqmmqs.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 21 Mar 2026 06:08:34 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 185\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'none'\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":285,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lkcj6am6jo8g7qhv.app/?p=/","fqdn":"lkcj6am6jo8g7qhv.app","domain":"lkcj6am6jo8g7qhv.app","tld":"app"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-21T06:08:30.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lkcj6am6jo8g7qhv.app","organization":""},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 19 Mar 2026 00:00:00 GMT","end":"Sat, 19 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:B9:B5:A0:F8:9B:F9:CC:59:E8:84:B2:7A:69:63:8F:91:13:1A:4B","sha256":"89:50:1C:8B:3D:E8:9E:2E:58:F2:CD:9F:38:B9:F4:E0:19:31:24:E7:F3:80:A7:D2:66:FA:BD:C3:1F:EF:B3:89"}}},"request":{"raw":"GET /?p=/ HTTP/1.1\r\nHost: lkcj6am6jo8g7qhv.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.www6hao3.cc/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 21 Mar 2026 06:08:32 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-encoding: gzip\r\nx-cache: CONFIG_NOCACHE\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: Innj7NU9T5Ns_CCNs1-ipe2kpik08qhFiWa8MZulIgz8_xbV5tpdtA==\r\nis-cache: true\r\nvary: accept-encoding, Origin\r\nx-azure-ref: 20260321T060831Z-16c6dc4f4d6sw9vdhC1SVGpcps00000011d000000000442w\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1184,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"5b3fe0dd0f1e849fb60518fe34ba009a","sha1":"e438ec27511f6cb88f5672b445c1da286097d748","sha256":"0c051aa5f7e402c8163a31b2630d739d45cd8fc8a9c27b0713c1f6da03b425a9","sha512":"392d241a26c63444bcfc8ecbafb0f8435997c978c58bcdba3ed8a49dcadb01341c14618fbd9029d6edd40ed975af09c6e6c3f4d7311e645074530faac17fd461","ssdeep":"","tlshash":"1e213b760da100fa5051d16609937c045982e0079f08f8467bade2854fcbf69edfbfaa","first_seen":"2026-03-21T06:09:08.047246Z","last_seen":"2026-03-23T13:29:37.976137Z","times_seen":3,"resource_available":true,"data":null}},"time_used":3278,"timings":{"blocked":1455,"dns":894,"connect":8,"send":0,"wait":368,"receive":0,"ssl":549},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"lkcj6am6jo8g7qhv.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lkcj6am6jo8g7qhv.app/favicon.ico","fqdn":"lkcj6am6jo8g7qhv.app","domain":"lkcj6am6jo8g7qhv.app","tld":"app"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lkcj6am6jo8g7qhv.app/?p=/","date":"2026-03-21T06:08:32.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lkcj6am6jo8g7qhv.app","organization":""},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 19 Mar 2026 00:00:00 GMT","end":"Sat, 19 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:B9:B5:A0:F8:9B:F9:CC:59:E8:84:B2:7A:69:63:8F:91:13:1A:4B","sha256":"89:50:1C:8B:3D:E8:9E:2E:58:F2:CD:9F:38:B9:F4:E0:19:31:24:E7:F3:80:A7:D2:66:FA:BD:C3:1F:EF:B3:89"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: lkcj6am6jo8g7qhv.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lkcj6am6jo8g7qhv.app/?p=/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 21 Mar 2026 06:08:32 GMT\r\ncontent-type: text/plain\r\ncontent-length: 18\r\nx-cache: CONFIG_NOCACHE\r\nvia: 1.1 e6220bd7bee9300eb5b87a282645e6ec.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: Az_g2w9yH8q55oZRn7Bot2M0EKffndDPV4JyB5mUBg1QsaCOVqqzVA==\r\nis-cache: true\r\nvary: Origin\r\nx-azure-ref: 20260321T060832Z-16c6dc4f4d6sw9vdhC1SVGpcps00000011d0000000004438\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":18,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"53af239ee5d3e261545dededcb6ffd57","sha1":"04ca7e137e1e9feead96a7df45bb67d5ab3de190","sha256":"99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094","sha512":"c734e4a5ff5d335a91518dbf47861bdaf8012af49371dcd2e3350e269c9a5a1cc094114d17c4f5b053f3757b4b07487ebd0d309c91ef97acf4665cc5d5c9a2d3","ssdeep":"","tlshash":"ec70000c080202082020002822800020080802002a802220000aa00882000000800888","first_seen":"2023-04-05T07:16:36Z","last_seen":"2026-04-05T01:06:55.141688Z","times_seen":3703,"resource_available":true,"data":null}},"time_used":366,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":366,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-21","alert":"Sinkholed","trigger":"lkcj6am6jo8g7qhv.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"009bhtpeu4xrn-tiger-fluid.rlawxq03.com/assets/index-1b369284.js","fqdn":"009bhtpeu4xrn-tiger-fluid.rlawxq03.com","domain":"rlawxq03.com","tld":"com"},"ip":{"addr":"172.67.171.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fn4vfrywyvuqmmqs.app/slotMachine/popular","date":"2026-03-21T06:08:34.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rlawxq03.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:46:37 GMT","end":"Sun, 03 May 2026 09:45:11 GMT"},"fingerprint":{"sha1":"32:F2:5A:25:CB:BC:6A:70:BF:EF:DB:90:3E:13:B6:DE:4A:D9:15:C9","sha256":"43:6C:5A:BA:14:C5:F5:9A:53:B1:61:12:63:94:0B:6D:77:53:A5:A4:FF:9A:A9:65:3D:64:A4:6F:FB:94:6B:8B"}}},"request":{"raw":"GET /assets/index-1b369284.js HTTP/1.1\r\nHost: 009bhtpeu4xrn-tiger-fluid.rlawxq03.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://fn4vfrywyvuqmmqs.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fn4vfrywyvuqmmqs.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sat, 21 Mar 2026 06:08:34 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TUR3HIAxWZvo7lnhRhGzMydkygR3kJUPwtWsaepybHjAb7XpYN9SMA48mV128R6sfndf7XWGwRSquzCal18t15xaaz7ZH%2BAMveAsSIK5P6bZrLEybLQU%2Btt5O8RznL43LrNtQgGJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9dfac865d8e2b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":81,"timings":{"blocked":35,"dns":8,"connect":1,"send":0,"wait":7,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"009bhtpeu4xrn-tiger-fluid.rlawxq03.com/registerSW.js","fqdn":"009bhtpeu4xrn-tiger-fluid.rlawxq03.com","domain":"rlawxq03.com","tld":"com"},"ip":{"addr":"172.67.171.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fn4vfrywyvuqmmqs.app/slotMachine/popular","date":"2026-03-21T06:08:34.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rlawxq03.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:46:37 GMT","end":"Sun, 03 May 2026 09:45:11 GMT"},"fingerprint":{"sha1":"32:F2:5A:25:CB:BC:6A:70:BF:EF:DB:90:3E:13:B6:DE:4A:D9:15:C9","sha256":"43:6C:5A:BA:14:C5:F5:9A:53:B1:61:12:63:94:0B:6D:77:53:A5:A4:FF:9A:A9:65:3D:64:A4:6F:FB:94:6B:8B"}}},"request":{"raw":"GET /registerSW.js HTTP/1.1\r\nHost: 009bhtpeu4xrn-tiger-fluid.rlawxq03.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fn4vfrywyvuqmmqs.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sat, 21 Mar 2026 06:08:34 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r%2F%2BPlGkq7O9o5wthvHMDGRQ%2FFeeshS9nFsxqdEKGdjlyutJOTInWQKsfuBSk4CTrRYlMtL%2FYBcQqV%2B%2FdfuJ5aGXcHS0zGBVrZvIbbMcsCL3liuLyhmywCYJyPZLdMpkicy5Hh1X%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9dfac865ef2649c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":32,"dns":6,"connect":3,"send":0,"wait":6,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"009bhtpeu4xrn-tiger-fluid.rlawxq03.com/apple-touch-icon-180x180.png","fqdn":"009bhtpeu4xrn-tiger-fluid.rlawxq03.com","domain":"rlawxq03.com","tld":"com"},"ip":{"addr":"172.67.171.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fn4vfrywyvuqmmqs.app/slotMachine/popular","date":"2026-03-21T06:08:34.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rlawxq03.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:46:37 GMT","end":"Sun, 03 May 2026 09:45:11 GMT"},"fingerprint":{"sha1":"32:F2:5A:25:CB:BC:6A:70:BF:EF:DB:90:3E:13:B6:DE:4A:D9:15:C9","sha256":"43:6C:5A:BA:14:C5:F5:9A:53:B1:61:12:63:94:0B:6D:77:53:A5:A4:FF:9A:A9:65:3D:64:A4:6F:FB:94:6B:8B"}}},"request":{"raw":"GET /apple-touch-icon-180x180.png HTTP/1.1\r\nHost: 009bhtpeu4xrn-tiger-fluid.rlawxq03.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fn4vfrywyvuqmmqs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sat, 21 Mar 2026 06:08:34 GMT\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2BmM4ixf8Zoe9W6qFEqdbcRy%2Fxst0i0lpbrnmToJjBCW328vUDZWwc4EJWhyh156r59ek6OUaMK6o528vtXVFg6b6LS7XXNMP2S%2FtulfDdqPDBmdDy10WTVQ1gy%2BSfnQhKq2wFFB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\npriority: u=6,i=?0\r\nserver: cloudflare\r\ncf-ray: 9dfac8675badc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"009bhtpeu4xrn-tiger-fluid.rlawxq03.com/favicon.ico","fqdn":"009bhtpeu4xrn-tiger-fluid.rlawxq03.com","domain":"rlawxq03.com","tld":"com"},"ip":{"addr":"172.67.171.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fn4vfrywyvuqmmqs.app/slotMachine/popular","date":"2026-03-21T06:08:34.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rlawxq03.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:46:37 GMT","end":"Sun, 03 May 2026 09:45:11 GMT"},"fingerprint":{"sha1":"32:F2:5A:25:CB:BC:6A:70:BF:EF:DB:90:3E:13:B6:DE:4A:D9:15:C9","sha256":"43:6C:5A:BA:14:C5:F5:9A:53:B1:61:12:63:94:0B:6D:77:53:A5:A4:FF:9A:A9:65:3D:64:A4:6F:FB:94:6B:8B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 009bhtpeu4xrn-tiger-fluid.rlawxq03.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fn4vfrywyvuqmmqs.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Sat, 21 Mar 2026 06:08:34 GMT\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TlHgagjhqJZWVGXBDLldnEj5zW%2Be2f%2FvO%2BPsy3IJps%2BkqYx7ef7fXmvYRVwQ15c4sfx2fCkdzfM32h4EwvuCe%2F7XP9kKJkIdqLzJAIAYeepRlmvLfixXe%2FY9ilNTYDCAVZmFeyZU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\npriority: u=6,i=?0\r\nserver: cloudflare\r\ncf-ray: 9dfac8675baec759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T01:47:03.978699Z","times_seen":13354468,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}