{"report_id":"9ac0c966-e389-4ff4-b9e6-11e0524d21c1","version":6,"status":"done","tags":[],"date":"2026-04-22T15:05:12Z","url":{"schema":"https","addr":"961.lol/","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"961.lol/","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"title":"JUP — Claim Your Allocation","dom":{"size":26550,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"ba19df9443437b48a257e36cefc3c245","sha1":"46764267d59e77e695e6568e081464c3671928b4","sha256":"386adcfc045fb486d5d4956e2eac53c18182336172bc20e7e899b68b6105672b","sha512":"54edef49008235d0a345feb0c67b57b76202e14d06f75f730a23c7da4aa6da7c9f8963c7c7698ec86bef190ed9dce4a24b17641e8168a33b0bf7660e07a3051b","ssdeep":"192:YNirOQO72Rv0RJmhaFJ+tRMBmiSrP4HR2XHqwPTqriw8n9F5mdBwUZ1oh6iw0wyP:iirqmbz3F8uwR+i2shwLEMilNTIuPbNs","tlshash":"26c2b637126740367813d9ad7bfa5f5e2274b403f509c8297add3248cfcd6d88992ab8","dom_hash":"domhash62855e921c03c7608b4a683ea2a6ce8c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"961.lol/","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-27T15:05:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"961.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"961.lol","ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-26","domain_rank":0,"first_seen":"2026-04-22T15:05:12.594565Z","last_seen":"2026-04-22T15:05:12.594565Z","alert_count":9,"request_count":9,"received_data":813024,"sent_data":4152,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"961.lol/","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0af7ca6444a4800b68c972c3cf1507d8","sha1":"0c86807977d1d02a868d825d1304b1de169a811e","sha256":"8907c868987d7546263ffaa0b6b2cf8387c3c782196e3dd699b18f22020565f1","sha512":"6ae2263d1e411b349ee61af632dc4e81dd505a565497c7c53a0f6980a2a885f51057ee212dbcf82b1ae7b70ad1f6c93d5ee88924506ec9bf22d8ca0a018927f9","ssdeep":"","tlshash":"eac0225d8a304ba1032e209aa17d9288399024a90082908bc2fd4aca404cf812908900","size":186,"data":"","first_seen":"2026-04-18T20:52:28.43243Z","last_seen":"2026-04-28T19:19:51.42122Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"961.lol/","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8c1a79c0cc73ff3a71080cdd9156fd7c","sha1":"6ee6b00b9743264d029700665b37487c99e04d18","sha256":"56a80d15ca9634e3fcc7c7a918633fd87f320843830e5708c05e572107d8e252","sha512":"1dd0b5f41863d285c2466dad13f620cc425d4ca827bf283889f3058abe9c225f60cd6998e95f38e8ab62c9b26129b472c69bf28cea583257096bb687c9f0b7a6","ssdeep":"","tlshash":"1801cefb3c65082111a705ee016f5a117532c2162cdae3d02d3eec816ff879583cabd4","size":791,"data":"","first_seen":"2026-04-18T20:52:28.433884Z","last_seen":"2026-04-28T19:19:51.422073Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"961.lol/secureproxy?s=%2Fipfs%2FZGKISq-a-yKKSbFJ4o9dTA2dc2e7b44f9b1ac914f4fc72dff4e9f6%3Ft%3D1776870289416","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5a7fa96393fced9d79225bcd9989a4af","sha1":"cc9a4cd081f458d985a3946a08fd362e49043391","sha256":"f65b94fe0d46327996df6db529317f9a7b02a6ff038f6402d7af44f34ed65c22","sha512":"8a59f1fa769fc2c8d856ce47a27171b79eb546989b8c7c952bed20bb2255e6236f801edcc9aa44ab8dcf82c3a86ae8e2ffe16fa78c9a28918116e2e0b5feb6ea","ssdeep":"6144:Ih5gDkAOsstbFZFSXwRTMsS8chPcsdJs3wFYYH/3h8qcPOQA12Lcv0q:oskAnXwRTMP8chPc730WW","tlshash":"add4eac2ab09157340ca2eb5047b42afdf882d4d078ba85077f9afd9d74578230eee59","size":622849,"data":"","first_seen":"2026-04-22T15:05:15.267235Z","last_seen":"2026-04-22T15:05:15.267235Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"961.lol/assets/KHTekaMono-Regular.woff2","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://961.lol/","date":"2026-04-22T15:04:49.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"961.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 13:56:29 GMT","end":"Tue, 21 Jul 2026 13:56:28 GMT"},"fingerprint":{"sha1":"27:C5:E7:23:93:69:BE:49:65:CB:FE:6A:73:43:89:D0:E5:12:7E:DA","sha256":"72:6F:54:E4:52:6B:10:00:39:A8:36:26:BA:0B:0B:87:A5:0D:FB:A9:4D:58:C4:A2:60:7B:D0:26:AD:2E:AA:F9"}}},"request":{"raw":"GET /assets/KHTekaMono-Regular.woff2 HTTP/1.1\r\nHost: 961.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961.lol/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 22 Apr 2026 15:04:49 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 35836\r\ncast-mode: default\r\nlast-modified: Wed, 22 Apr 2026 14:53:39 GMT\r\netag: \"69e8e0f3-8bfc\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o3N11iQ91iw9xq%2FRuFT73UZPSQVmyiusFRNdJ55pI1qoMsHK6FuEVFfEdeU9g3t9xYCjuR4TF%2BfidCgcKbtNReOU7lJCMsnNhpjfIatVCMaPgdnQshixNblK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f0585ed18e1b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 35836, version 1.0","md5":"d9f04a87559c7cb8fd4dc85e16f292c6","sha1":"b1c409b4512757654e78381b461e4eae303bd5c3","sha256":"6f0fb7a71d24385e53113fd29c812c8923649e3063e12f8465d3e45a1b183457","sha512":"ee5be9d9cb4ac195c35f0285e971c4db7a6d0c26852ffc7d2c4eaf4c3b3ea311ffed98a20c1afbaf57c6159224cb108d9894a07c999b2f59615397040a28ef2d","ssdeep":"768:rhftQee8/9NOz7HTIMqJVDQtFDGHR91lSIO960XN1zu+aXw:DHe8VNOnzqV8GHj3S5XzubXw","tlshash":"bdf2e16bd8194560f9fcc87a0d8520ca2d81197635738d77f3999342bb9e33b21c789b","first_seen":"2025-09-26T22:05:13.133134Z","last_seen":"2026-04-30T17:13:22.009576Z","times_seen":331,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":230,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"961.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961.lol/secureproxy?s=%2Fjmpd%2F","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://961.lol/","date":"2026-04-22T15:04:51.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"961.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 13:56:29 GMT","end":"Tue, 21 Jul 2026 13:56:28 GMT"},"fingerprint":{"sha1":"27:C5:E7:23:93:69:BE:49:65:CB:FE:6A:73:43:89:D0:E5:12:7E:DA","sha256":"72:6F:54:E4:52:6B:10:00:39:A8:36:26:BA:0B:0B:87:A5:0D:FB:A9:4D:58:C4:A2:60:7B:D0:26:AD:2E:AA:F9"}}},"request":{"raw":"POST /secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: 961.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://961.lol/\r\ncontent-type: application/json\r\nContent-Length: 1431\r\nOrigin: https://961.lol\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1431,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QBpwIqAywADwDrAtUCLgD-AhMAAAIBOQMAAO8nhn2XtsKCAda6zZsftv4ew99buF4CAABPTrjmq35McUUMUipKIrFYoW5rEGE0ivgCMhaexiumY1t6pQZZa2DWaDwVXqa4a9F11YmgxNYvuVbUCB2EUUiS7GoU-EC5tpuft6AQEccEJ0c7t3dIFiogeT65h6sRpdTU8zd7pkpgSrrpmj-rOJ3WIe9gdClRJKsp-MPJ2m1WOYQC7M3ICnw--2Lwg0UToS9hTqC21Uv9Zmu7OuWVQOHiiUOuyHHs7DTeWZVCR1nLKJR9GSPN0Jh6KaXYDMFKmXaLfRl31l_674O_Lrh1yFWF84Wd2ve6IwNYGJyBr5gb4ECjgdg9SSesT1LNsCIEprJgsDM2l8Do6Po_kAcTyLnxvUSga8FDOfiU8FIe5P6cToC4vx7BrZjCPEfOAO9w3L1_9EI4OGugycAL1jnE_fkk-QqytRZsyWvY7nErZUnaGOyiPL36z2lAXTQm-IgYrz7mYFlxhqElezjQr-HW4mE5_VFcCqCILXmg-IFK1EpURmczg5LBnYS9YiFo8OxeE3hI2Lj76kghi3A1P0pwQSDPNTs0L8slBea45Gn8jQr1Pcj_8riIAb9SItLjjCs8KSIsY9qGkxLnFCzfJSUyEP3zHyJyzi9PhEaZj1jKRJSJzb5Tgi8oKuT__1zboHSshVVfvfFQP0dbRB2ZbTWQjLgmm93eM9hdllhbH3a4-N9muddvnaCMG7IyU9shRYBD7bHPR67Ldy-630PGIuAesH3eGSVyXZmrJApM35dvFHAItWRlGnf02reQ6pWbJ3gWBFQaJr7Dr9belzWCpFMpt5zhHqGYG6K-ccbeiZTWvXi5wIhTCBL23Lnt6pF2jQ8_rUUpd_aTzJ95qlf56mLAEAU49CnVuJfl13BTNR0ingPt5ppM4UO3czzqeXsBgCl9wMpy8y69s9CQsVBtsyytrROHbdJ_rKwagaNbKzsFYU2rHmQ5PhXwD079lq40JXhPBHRAYlikIGoPAl72NHEftkabG31YHkDm28bn6vSLgU7UTB5RyF0xr-wr8_xqFSE_kgrwPWk7QKOnn1TJq3WvJ7rWhXvuACSLT-aSmqmOvZNFNRK448KEs9HWPGIEHf4HfKGbx5WHj_YdCjx8Kb47_8oL1A2v33Nm3pRqoWHUoF_XthA\",\"challenge\":\"eyJpZCI6IjkwX0xTVk4xYlJWaUZmbU9YbDNsYnciLCJub25jZSI6NywiaGFzaCI6IjAwMmRlM2EwMmNkZTYzZWQ4MjEyY2I5MDBmMzc0ZjZkNWU2ZDUwMTlkZjMzZTFiYjQ3MjBiZTA0NTkxZjBkOTYifQ==\"}"}},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Wed, 22 Apr 2026 15:04:51 GMT\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\r\nx-ratelimit-limit: 20\r\nx-ratelimit-remaining: 19\r\nx-ratelimit-reset: 1776870351235\r\ncdn-proxyver: 1.50\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 204\r\ncdn-cachedat: 04/22/2026 15:04:51\r\ncdn-edgestorageid: 883\r\ncdn-requestid: dbcae7879557d424498b253e793b8a94\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wh%2Fc%2Fx4Pq%2BFtuEZcWnvPrTZ9m5WwVgjXCKqwh2U4Ll6btWx6mJDWvt3Ex8XMc2xr7h5qhjtS%2B2bNt%2FY3j0jCB%2B4TneCW8Rfyuwx%2BiiLvaEsesbf67obt2c1U\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0585f73a57b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T08:39:29.766435Z","times_seen":14463273,"resource_available":true,"data":null}},"time_used":730,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":730,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"961.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961.lol/assets/favicon-96x96.png","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://961.lol/","date":"2026-04-22T15:04:49.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"961.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 13:56:29 GMT","end":"Tue, 21 Jul 2026 13:56:28 GMT"},"fingerprint":{"sha1":"27:C5:E7:23:93:69:BE:49:65:CB:FE:6A:73:43:89:D0:E5:12:7E:DA","sha256":"72:6F:54:E4:52:6B:10:00:39:A8:36:26:BA:0B:0B:87:A5:0D:FB:A9:4D:58:C4:A2:60:7B:D0:26:AD:2E:AA:F9"}}},"request":{"raw":"GET /assets/favicon-96x96.png HTTP/1.1\r\nHost: 961.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961.lol/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 22 Apr 2026 15:04:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 11348\r\ncast-mode: default\r\nlast-modified: Wed, 22 Apr 2026 14:53:39 GMT\r\netag: \"69e8e0f3-2c54\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sZ68YreHKU2yXSHLG8N9jyV5%2Byh3qbXx3pVQ2pZJVpoHt0sbHZZCBVR%2B4sLFDCf5N9pBM9Z2rFLlLFh3TTkUHb%2Fr0yTC%2FzUKkKR5C71E6LtyOGV2nBEGots6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f0585ece8bbb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"7c0b6ba49c75cdbd3e6f0c4e42ae830a","sha1":"0a8964a5b1ae2c6087ea46e4a117fa3dde6f03d0","sha256":"6d18cee31f3539885f84e635b88b690954f193e35eb4ecff7e991163c00308fa","sha512":"69c8f55f386c3566362fadd11124065552c29cb104b4ba56244c5edb6d9e48d0a64478afc761c60ba632536ed1f3d73fbac09d91c1960f3f54b02769a8df5e2f","ssdeep":"192:A9QyVqCp0LuOHPF5PFW+XgMi2kvMoykgRQXPewzBjwmXg1Qw:AxL0KONW+XgBvSkgRQXvKmRw","tlshash":"e632d0fb6d955b8afa8331e2005815b1f166cd1990befafc612b34189f2c187524e3c3","first_seen":"2025-10-18T17:47:24.924043Z","last_seen":"2026-04-28T19:19:51.404514Z","times_seen":46,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"961.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961.lol/secureproxy?s=%2Fipfs%2FZGKISq-a-yKKSbFJ4o9dTA2dc2e7b44f9b1ac914f4fc72dff4e9f6%3Ft%3D1776870289416","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://961.lol/","date":"2026-04-22T15:04:49.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"961.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 13:56:29 GMT","end":"Tue, 21 Jul 2026 13:56:28 GMT"},"fingerprint":{"sha1":"27:C5:E7:23:93:69:BE:49:65:CB:FE:6A:73:43:89:D0:E5:12:7E:DA","sha256":"72:6F:54:E4:52:6B:10:00:39:A8:36:26:BA:0B:0B:87:A5:0D:FB:A9:4D:58:C4:A2:60:7B:D0:26:AD:2E:AA:F9"}}},"request":{"raw":"GET /secureproxy?s=%2Fipfs%2FZGKISq-a-yKKSbFJ4o9dTA2dc2e7b44f9b1ac914f4fc72dff4e9f6%3Ft%3D1776870289416 HTTP/1.1\r\nHost: 961.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961.lol/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 22 Apr 2026 15:04:50 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: max-age=2592000\r\netag: W/\"98101-zJpM0IH0WNmFo5RqCP02LkkEM5E\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=uWdkFPzRX9au1hz3Yj6EVQ.js\r\ncdn-proxyver: 1.50\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 04/22/2026 15:04:50\r\ncdn-edgestorageid: 879\r\ncdn-requestid: a886bb1be9ee2c22f347715d8d485d6c\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iqqjf%2Fn8bSdnyPwyB9F2%2Bd%2Bqg%2BFW2lyLhltoA3wFfqGMEvmwa8al6gZ%2FTOtHlNY6rO%2F%2BqbcXA3sKM5cp0HHyXjljBuPf%2BLwOP3HuruNfJmk6X1UsTrIEfm2Y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f0585ece8bcb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":622849,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"5a7fa96393fced9d79225bcd9989a4af","sha1":"cc9a4cd081f458d985a3946a08fd362e49043391","sha256":"f65b94fe0d46327996df6db529317f9a7b02a6ff038f6402d7af44f34ed65c22","sha512":"8a59f1fa769fc2c8d856ce47a27171b79eb546989b8c7c952bed20bb2255e6236f801edcc9aa44ab8dcf82c3a86ae8e2ffe16fa78c9a28918116e2e0b5feb6ea","ssdeep":"6144:Ih5gDkAOsstbFZFSXwRTMsS8chPcsdJs3wFYYH/3h8qcPOQA12Lcv0q:oskAnXwRTMP8chPc730WW","tlshash":"add4eac2ab09157340ca2eb5047b42afdf882d4d078ba85077f9afd9d74578230eee59","first_seen":"2026-04-22T15:05:15.267235Z","last_seen":"2026-04-22T15:05:15.267235Z","times_seen":1,"resource_available":true,"data":null}},"time_used":874,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":699,"receive":175,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"961.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961.lol/assets/KHTeka-Regular.woff2","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://961.lol/","date":"2026-04-22T15:04:49.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"961.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 13:56:29 GMT","end":"Tue, 21 Jul 2026 13:56:28 GMT"},"fingerprint":{"sha1":"27:C5:E7:23:93:69:BE:49:65:CB:FE:6A:73:43:89:D0:E5:12:7E:DA","sha256":"72:6F:54:E4:52:6B:10:00:39:A8:36:26:BA:0B:0B:87:A5:0D:FB:A9:4D:58:C4:A2:60:7B:D0:26:AD:2E:AA:F9"}}},"request":{"raw":"GET /assets/KHTeka-Regular.woff2 HTTP/1.1\r\nHost: 961.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961.lol/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 22 Apr 2026 15:04:49 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 42188\r\ncast-mode: default\r\nlast-modified: Wed, 22 Apr 2026 14:53:39 GMT\r\netag: \"69e8e0f3-a4cc\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=syaax8ttID1txRDQ5dFHzeNCwaNEiECdiZEDrsMgimijB5i4LYZtwvXyuj7ir3n25FVYvlk5FPuX%2F8VVGMDsJNjK%2BLlqNFVzJdI%2FHck1jxPV73pDDacIVauF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f0585ed08cbb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42188,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 42188, version 1.0","md5":"a918aa94460a2a95ccfffcf7224df6e4","sha1":"9c690a4d67ca4f8fa4295524af06b4d061f8c8f0","sha256":"1491e6d9a713e703891bb7cff67f2f785c9616df0b81504a37be6c15a4706bc3","sha512":"7859869f84323541884bd97b25c2a8bb60af834457f17ef41ac12669fce15e442a5212acbc00a4f28fd6eb7bd2ea148f45de3b7195edc4b4f066f0a4e541fb39","ssdeep":"768:oIKoK4lzWnuGeZ660HRzqx1V13F3Eej9qtLzoq9Yps4me3Jw/GW6Pf:xKD+yu63ZqLV1V3ut/ENkGW6n","tlshash":"1c13f1a0590670217d2f91784a67d8cfbcb0b47e1e4a774f6c7cab5c0930916fcae585","first_seen":"2025-09-26T22:05:13.153365Z","last_seen":"2026-04-30T17:13:22.126421Z","times_seen":332,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":193,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"961.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961.lol/assets/KHTeka-Medium.woff2","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://961.lol/","date":"2026-04-22T15:04:49.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"961.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 13:56:29 GMT","end":"Tue, 21 Jul 2026 13:56:28 GMT"},"fingerprint":{"sha1":"27:C5:E7:23:93:69:BE:49:65:CB:FE:6A:73:43:89:D0:E5:12:7E:DA","sha256":"72:6F:54:E4:52:6B:10:00:39:A8:36:26:BA:0B:0B:87:A5:0D:FB:A9:4D:58:C4:A2:60:7B:D0:26:AD:2E:AA:F9"}}},"request":{"raw":"GET /assets/KHTeka-Medium.woff2 HTTP/1.1\r\nHost: 961.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961.lol/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 22 Apr 2026 15:04:49 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 42388\r\ncast-mode: default\r\nlast-modified: Wed, 22 Apr 2026 14:53:39 GMT\r\netag: \"69e8e0f3-a594\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tbhaVSXIJwZZDaPrQ53Ap1krZbnCp18u2RDtNp2guEFMush4moX4gv12200fEB2oTJJfDPLAc%2BnELphCUuONl%2FblkBSKCkGbqNUZkYsVoHVnF2wm%2FZc1GZmx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f0585ed08ccb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42388,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 42388, version 1.0","md5":"b4654ab0ae548e33ee07aa61dcffc61a","sha1":"a76a9e6e214dbb1442d49384ddc04ab15f646f8c","sha256":"72b1a6bb274ab9bec5b0c7ffa3294d57aeb40e5e1ddcd636608f7b303a5a188a","sha512":"b4c066a098813b2c9ece27477bea99378b5e228b466c19175a01f75a324f3a28d8003b50ac4202263774492d90c7c32f3911987b79816eec3e86f146a4c703ce","ssdeep":"768:lvEK+O85aFN+GawIrhD6BC07w+/m29yWiaZMPhpEqAJhxyCd9/xk7VremoV:qK+O2aD8hD6BC07w+xqPEtJhxyCdxxks","tlshash":"2313e002c08249d79ed6913b3232aa1b3ab1b6d8d634e5fc42349df824e6c1f989d324","first_seen":"2025-09-26T22:05:13.166396Z","last_seen":"2026-04-30T17:13:22.156524Z","times_seen":334,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":198,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"961.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961.lol/assets/favicon-96x96.png","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://961.lol/","date":"2026-04-22T15:04:49.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"961.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 13:56:29 GMT","end":"Tue, 21 Jul 2026 13:56:28 GMT"},"fingerprint":{"sha1":"27:C5:E7:23:93:69:BE:49:65:CB:FE:6A:73:43:89:D0:E5:12:7E:DA","sha256":"72:6F:54:E4:52:6B:10:00:39:A8:36:26:BA:0B:0B:87:A5:0D:FB:A9:4D:58:C4:A2:60:7B:D0:26:AD:2E:AA:F9"}}},"request":{"raw":"GET /assets/favicon-96x96.png HTTP/1.1\r\nHost: 961.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961.lol/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 22 Apr 2026 15:04:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 11348\r\ncast-mode: default\r\nlast-modified: Wed, 22 Apr 2026 14:53:39 GMT\r\netag: \"69e8e0f3-2c54\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L0RWgSeVUF2ct2YAIeSBq2GKXhISkGYq50Ph1emhIfkTQvtMDH8y32R2OeuRxY%2FNoVj%2F0wQQpw%2FZ8Z%2BIbAAtkyPwMg6wllxdEuezbHYgI5fUk7cGarWZBFMX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9f0585ef8932b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"7c0b6ba49c75cdbd3e6f0c4e42ae830a","sha1":"0a8964a5b1ae2c6087ea46e4a117fa3dde6f03d0","sha256":"6d18cee31f3539885f84e635b88b690954f193e35eb4ecff7e991163c00308fa","sha512":"69c8f55f386c3566362fadd11124065552c29cb104b4ba56244c5edb6d9e48d0a64478afc761c60ba632536ed1f3d73fbac09d91c1960f3f54b02769a8df5e2f","ssdeep":"192:A9QyVqCp0LuOHPF5PFW+XgMi2kvMoykgRQXPewzBjwmXg1Qw:AxL0KONW+XgBvSkgRQXvKmRw","tlshash":"e632d0fb6d955b8afa8331e2005815b1f166cd1990befafc612b34189f2c187524e3c3","first_seen":"2025-10-18T17:47:24.924043Z","last_seen":"2026-04-28T19:19:51.404514Z","times_seen":46,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"961.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961.lol/assets/favicon-96x96.png","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://961.lol/","date":"2026-04-22T15:04:49.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"961.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 13:56:29 GMT","end":"Tue, 21 Jul 2026 13:56:28 GMT"},"fingerprint":{"sha1":"27:C5:E7:23:93:69:BE:49:65:CB:FE:6A:73:43:89:D0:E5:12:7E:DA","sha256":"72:6F:54:E4:52:6B:10:00:39:A8:36:26:BA:0B:0B:87:A5:0D:FB:A9:4D:58:C4:A2:60:7B:D0:26:AD:2E:AA:F9"}}},"request":{"raw":"GET /assets/favicon-96x96.png HTTP/1.1\r\nHost: 961.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961.lol/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 22 Apr 2026 15:04:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 11348\r\ncast-mode: default\r\nlast-modified: Wed, 22 Apr 2026 14:53:39 GMT\r\netag: \"69e8e0f3-2c54\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WaAXHWKA51B8V6o%2Bt2%2Fl02zUYQzjSy1WrXhh1NFnhKobibK2egk6jiB3UlfeTRp2clUDYc05w25jk3vkNjojSz6kHduKuSiuHNB1Et7N8dMeDVx6hLmiHGQ9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9f0585ef8931b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"7c0b6ba49c75cdbd3e6f0c4e42ae830a","sha1":"0a8964a5b1ae2c6087ea46e4a117fa3dde6f03d0","sha256":"6d18cee31f3539885f84e635b88b690954f193e35eb4ecff7e991163c00308fa","sha512":"69c8f55f386c3566362fadd11124065552c29cb104b4ba56244c5edb6d9e48d0a64478afc761c60ba632536ed1f3d73fbac09d91c1960f3f54b02769a8df5e2f","ssdeep":"192:A9QyVqCp0LuOHPF5PFW+XgMi2kvMoykgRQXPewzBjwmXg1Qw:AxL0KONW+XgBvSkgRQXvKmRw","tlshash":"e632d0fb6d955b8afa8331e2005815b1f166cd1990befafc612b34189f2c187524e3c3","first_seen":"2025-10-18T17:47:24.924043Z","last_seen":"2026-04-28T19:19:51.404514Z","times_seen":46,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"961.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961.lol/","fqdn":"961.lol","domain":"961.lol","tld":"lol"},"ip":{"addr":"104.21.18.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-22T15:04:48.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"961.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 13:56:29 GMT","end":"Tue, 21 Jul 2026 13:56:28 GMT"},"fingerprint":{"sha1":"27:C5:E7:23:93:69:BE:49:65:CB:FE:6A:73:43:89:D0:E5:12:7E:DA","sha256":"72:6F:54:E4:52:6B:10:00:39:A8:36:26:BA:0B:0B:87:A5:0D:FB:A9:4D:58:C4:A2:60:7B:D0:26:AD:2E:AA:F9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 961.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 15:04:49 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 22 Apr 2026 14:53:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wt7yDR2QiUDieHsXu1SKrWjIbUWOPAyYVLSGAghkp4PjTJTHL5O76BwkOi0v5RGpqSlKTjrp0iAp5Htx7bMqX5CanCmvxqcGerkLqaNubdECaXcmN%2F%2FG19ze\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9f0585eabb9b568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26366,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"6a6b3a940671d12ac716e7c655b614e8","sha1":"2e01106e114a5b4b2629a9c45dda81445c56675f","sha256":"875cb4fbe53eb084988b6152c1fc9b1675ff1d0ebfe7974b4d0a2dbade7e8cdd","sha512":"5b5d2bb85c1b3a64625db0ecb4fcc3c0bd48c26c64bb1f3b0af792370015eee5f8c7bab54b7f4a799e55bd70d2ac8bb6dd0760f2b1d0ffba79d5424091d59c1e","ssdeep":"192:iN1rOQOOoRv0RJmhaFJ+tRMBmiSrP4HR2XHqwPTqriw8n9F5mdBwUZ1oh6iw0wya:g1rVmbz3F8uwR+i2shwLEMilNTI/x9e","tlshash":"60c2b637126740367813d5ad7bfa5f5e2274b403f509c82979dd3248cfcd6d88992ab8","first_seen":"2026-04-18T20:52:28.423111Z","last_seen":"2026-04-22T15:07:11.060896Z","times_seen":14,"resource_available":true,"data":null}},"time_used":404,"timings":{"blocked":99,"dns":88,"connect":1,"send":0,"wait":200,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"961.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}