{"report_id":"9cabec6b-c3d4-4c88-8b80-ec4fbdfeb62f","version":6,"status":"done","tags":[],"date":"2026-01-06T01:11:39Z","url":{"schema":"http","addr":"tta2069.com/","fqdn":"tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.tta2069.com/","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"title":"타이탄","dom":{"size":79881,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (54456), with no line terminators","md5":"927aa6def75c6b05f2912740634d4647","sha1":"2696048afc8be33352851b53859a3e71320541ed","sha256":"01286e904c1c5fe55e831973d87ef6035d630e973e3e8b305167a83df3cd5d95","sha512":"0633af2ea82f441c557b2a6567705916f4e6d9142a784581a4efd74cb3389450c496a75c0c1686e30bfa0a5f8b456ca92c6e59233c9aa9a7f3d990d003e6c394","ssdeep":"1536:8vvVQ/pbVJli3KDMBy7Eg0mQCZKCGIDU3Ke7Suvt9pADy:V/pLaS1y","tlshash":"1b731ba07845d29bb5638a556de0ea4072d6e103ffb78bacea61d5800fd3c9e0d1e670","dom_hash":"domhash3eabfa39573f10259b331bf621fa4f38","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tta2069.com/","fqdn":"tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-10T01:11:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.tta2069.com","ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-11-07","domain_rank":0,"first_seen":"2026-01-06T01:11:41.139112Z","last_seen":"2026-01-06T01:11:41.139112Z","alert_count":72,"request_count":74,"received_data":9880256,"sent_data":51336,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"jQuery:1.12.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"NextAuth.js","description":"NextAuth.js is a complete open-source authentication solution for Next.js applications.","website":"https://next-auth.js.org","common_platform_enumeration":"","icon":"Next-Auth.png","categories":["Authentication"]},{"name":"bxSlider","description":"Add a respsonsive image slider to any website.","website":"https://bxslider.com/","common_platform_enumeration":"","icon":"bxSlider.png","categories":["Photo galleries","JavaScript libraries"]},{"name":"Bootstrap:4.5.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"BootstrapCDN:4.5.1","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-01-04T22:27:18.120727Z","alert_count":0,"request_count":1,"received_data":81288,"sent_data":469,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"kr03.tocplus007.com","ip":{"addr":"13.209.140.87","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"domain_registered":"2008-06-09","domain_rank":0,"first_seen":"2014-01-15T18:58:20Z","last_seen":"2025-12-18T23:01:34.170351Z","alert_count":0,"request_count":1,"received_data":1024,"sent_data":434,"comment":"","tags":null,"fingerprints":null},{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":21970,"first_seen":"2018-04-05T04:41:29Z","last_seen":"2026-01-04T23:46:08.267685Z","alert_count":0,"request_count":2,"received_data":222279,"sent_data":916,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":1,"received_data":97082,"sent_data":493,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"tta2069.com","ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":40986,"sent_data":480,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"use.fontawesome.com","ip":{"addr":"172.67.142.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-10-18","domain_rank":6983,"first_seen":"2017-01-30T04:43:25Z","last_seen":"2026-01-04T23:43:53.267493Z","alert_count":0,"request_count":1,"received_data":55111,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ka-f.fontawesome.com","ip":{"addr":"104.21.26.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-10-18","domain_rank":58377,"first_seen":"2019-12-17T06:36:13Z","last_seen":"2026-01-05T04:31:07.491285Z","alert_count":0,"request_count":1,"received_data":155282,"sent_data":539,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.tta2069.com/js/jquery.cookie.js","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f1f6cd6e0036897019b376d38593403","sha1":"498b29de6e170fffc8535183b7d6550490f0a159","sha256":"8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69","sha512":"453746159a0f43273675676ac96681dc0e20242ab7cd96ba043d05f3ebee3b89a57ae28b4102033113a0467f55825e4ae4bed6c61186be20eb4dc0ee6cc49d8b","ssdeep":"","tlshash":"b5516554b6cc375f07ab22416b6f50aca63cbf72255808dc885965f82c60c37db9bd2a","size":3140,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-26T16:38:17.53491Z","times_seen":7458,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/chunks/webpack-c8d42f0b9de18bc9.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c47217d3000e2edc5f88b19f3ac964a4","sha1":"f048c133493ab318244edf434a91e80239f22c5f","sha256":"48cefb7d3e20c09de8c018aa8508b86ca6e23f692d5f6b7a140a0d5710b816a0","sha512":"4156e5ffdc2ef55b8880fbf9245323c36c678932c1be1b78d87df9dd4da5f190cdd2a5320b2afc02f57ed90df1f056f110f54237670a205f617c290abe16f643","ssdeep":"","tlshash":"3381d6ba3614fab11af104c4983fd141f6197137051af8a0e71bdcb96428ee14561ff3","size":4029,"data":"","first_seen":"2026-01-06T01:11:55.493625Z","last_seen":"2026-01-06T01:11:55.493625Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/chunks/pages/index-9d950aad0e4fa9b9.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ccbaae4c8a3377ac5b0a9ba24b05233","sha1":"35d732ba01ed7d3f41e3d520ea818c6f0e7e50cc","sha256":"b5f160ea1462d373dbbeba6a10c3e7affa0444018fbc14accf67e58696a0b991","sha512":"30717124490dd0fa2772622b187297dfb8c82140f31afd47566697c3804f158309e5fb1b1b9f2ff0d80cf5f7c8ffbedbfc4ccae62384e9230d7c2c5f542c43b0","ssdeep":"","tlshash":"5be0c0b03053b49cb1ab0848063b15117478151c3c5ee9f4c3d44ce43c609444604d9d","size":349,"data":"","first_seen":"2026-01-06T01:11:55.477438Z","last_seen":"2026-01-06T01:11:55.477438Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/PNYUt7kLcPr96LFV1WZKf/_buildManifest.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad2754689e62742c620fcc44bb9a29c0","sha1":"35b7659d4483173ca45e1f0176453393b8d0c89d","sha256":"3f6ebbca8aa81729e30b6e3c132df0cb0fec00181e978d398627cca5bd799a1c","sha512":"2d01d1223cc477c5942084ab6c745db87e76922cbf1d0622d81494f197f2db0bc41e8d4a81233d26b268cfb299c1ebd31c84dcfe1e430183f0d1ef323a122ab6","ssdeep":"","tlshash":"32119bdb460ae1030fa1ed4431775a23df6145b7563d0626d7ac4e6825972b2cf89c36","size":1043,"data":"","first_seen":"2026-01-06T01:11:55.443861Z","last_seen":"2026-01-06T01:11:55.443861Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/js/odometer.min.js","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"137173424eea612b37a46854e4884fc1","sha1":"7e1b08b8104c7a83a1b5a855f1977a6686796609","sha256":"eb94751b98ab535553fa4f0be1ca2a81ddec692bcefd6b9fb289ffc3ebf621dc","sha512":"e755834d5ee1683f4104373c4561f6af94e7b92891c80a849db1b2b8a1d89feaa9602ac2724c457aa96bd48e54a0e50b8a3c8b576be71cef4b4b832b0331f1c1","ssdeep":"192:HABzlvQK8QecCHAOcu2a+OdI5s/GMb8Xuulj:gBhv18QecCxVxz+7dlj","tlshash":"f8228580ba11a725835371e151bf0609b7bb99aea404401df67c9dd9be29c38e12bf74","size":10264,"data":"","first_seen":"2023-03-07T01:20:07Z","last_seen":"2026-04-26T16:38:45.371054Z","times_seen":609,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/js/jquery-1.12.3.min.js","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c07f2267a050732b752cc3e7a06850ac","sha1":"220dad6750fba4898e10b8d9b78ca46f4f774544","sha256":"69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174","sha512":"9b1d0bf71b3e4798c543a3a805b4bda0e7dd3f2ca6417b2b4808c9f2b9dcb82c40f453cfae5ac2c6bafc5f0a3e376e3a8ce807b483c1474785eb5390b8f4a80e","ssdeep":"1536:kYE1JVoiB9JqZdXXe2pD3PgoIiulrUdTJSFk/zkZ4HjL5o8srOa99TwkEb7/Jp9s:P4J+R3jL5TCOaLTwkEFdnCVQwNa98HrV","tlshash":"b293d7d9b6d6706287b734a851bf410bb17aa8eab40c4c60f058c8e47e74e9d507bf2d","size":97180,"data":"","first_seen":"2023-03-07T01:29:55Z","last_seen":"2026-04-26T15:22:41.408213Z","times_seen":3550,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/js/flux.js","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1789a5c908dee6faf2cd23b990e086eb","sha1":"c746434aa9f4690a8a9e8f0698ac475cd42eccd3","sha256":"c038c247e372e9c36d38f97882851c40315f5e9e9af6f0e8b7ea2962c971cd04","sha512":"4226c28a3f6e3463ec7c54fa4635d531b7c5e0ec6f23deb6e1da77af863491227e210c24af0b0fc5de04133cd63f19d45af648bd56654bc44b4679923133f497","ssdeep":"384:8uswmT+qCSTK2frxMwt6KNdX5X5ABBW4ol2ZkWUuXqPxgYg3un/45S2pKWtyQYrI:sv9iBB5Xq6A6/3uWwsUD69s63rck","tlshash":"f1e2931473a1335881d7629661df5d08d13ad533b902c32cf666e2de88d094eab3bbb6","size":32879,"data":"","first_seen":"2025-09-25T21:59:23.187904Z","last_seen":"2026-01-06T01:11:55.453346Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/chunks/main-2bdef149e6c81cee.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b4ee63b86d2b5897e28e26683dba69a8","sha1":"7ce5620b7bf6c20390655abbb23716af3595dc28","sha256":"b5803f3db06c60c4b7b4dc6076d42f1954939f83b1833c4b4a18b7ff1754aac5","sha512":"551ffe190236d65cd6820dafdaee606e115d11915bf421935336b4546b7aa3280f69acf39c591bac7cb1bb70daabb6cb00752e1fa823c1f27b221129ea4fd2d9","ssdeep":"1536:2Jd5bOaUAWeTYtofOM7wL8oM+gerLbKx7ETw4nPRw9PXp7QIJa:29ZrWeTSo17wL8chrLbKx7Bt/O8a","tlshash":"4ac31bb672d1fca203c741d4883b0006f3691dba146f6095b3eadcd6b99499da0f2f79","size":120588,"data":"","first_seen":"2026-01-06T01:11:55.455127Z","last_seen":"2026-01-06T01:11:55.455127Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/PNYUt7kLcPr96LFV1WZKf/_ssgManifest.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b6652df95db52feb4daf4eca35380933","sha1":"65451d110137761b318c82d9071c042db80c4036","sha256":"6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e","sha512":"3390c5663ef9081885df8cdbc719f6c2f1597a4e25168529598097e9472608a4a62ec7f7e0bc400d22aac81bf6ea926532886e4dc6e4e272d3b588490a090473","ssdeep":"","tlshash":"98a001e0943cdc60aa63dd1c136413128fa05122651d28938afd3044c0301510300d90","size":77,"data":"","first_seen":"2023-03-07T01:03:02Z","last_seen":"2026-04-26T16:09:12.427157Z","times_seen":210563,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.5.1/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"aa073ec0db74966cc0dcf16632b2bd07","sha1":"a52652263d8f72dd9125a982d76f6ce96b454ca2","sha256":"d0889aa19088fbef68000be609be58d2bf775e4ba1bc9a516a564b7df4172e89","sha512":"6b4623c2dbc2b776809c93df7568bbd1ba05937314db560f2e3744b1c391f7b1a7b9636d1e54770a2c44d63a7754bde0e1d1d0e75e9a8f89041065a732310e2f","ssdeep":"768:zfAnnay0Ik8HVheIE8Dg76TXfI4v+KMTK6viTlCDqm4n6xOp6Pxg3atCkaYk2:zfUnQlzHw6xJxgOaYz","tlshash":"6c43a54a7254787206df747a817b060bb3366c99a50a816cb8699ced2f7cd483277f3c","size":60044,"data":"","first_seen":"2023-03-07T12:39:55Z","last_seen":"2026-04-25T00:43:35.281739Z","times_seen":104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/chunks/framework-56bbe3ca90f9e4b0.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b36ac85e26eed1b240d98556b0f90750","sha1":"68411a04410082e3978b492efe46878466e4802c","sha256":"ead2af20e233e486b8e923244debad090a0fc2eb22967120d3a4d34bbe07ffa9","sha512":"f3a0512df0233da3ad430b23254b794448d1e2732990a8820a53d422a6dc3539b7fe77b8ce70b8d5d39adda48045d807ffb8a4a6b5de0f981c413300550d5726","ssdeep":"1536:06+oWdmwBpecEir4zCslI6yvGwR5q34rO9SBb3Kwt8Qqi45GY4bOiwEFe/oAAzTi:FiecqzCokjMz9SBbpt8wi+7TFA","tlshash":"6b04f9e83955f1526eb312b710af2803737c262b280d4d60a211fd9db5b845eb17bf9e","size":182720,"data":"","first_seen":"2026-01-06T01:11:55.444733Z","last_seen":"2026-01-06T01:11:55.444733Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/chunks/pages/_app-682071621d5d4f70.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"11a2c476a1cda3d94b70a4b7b4b49ca4","sha1":"02e7664dda67fdcdfb3fca1f66b867e6e23c445c","sha256":"c3bcb6206e2da8838a0f2627db693ef482de22b7af39b30a9bf99e5775c85b0f","sha512":"83a9384fa12221ee0e8a8d42732e42736642f97cd4b9d41d15e0779e9857ecc9bd21eef21753befaa71dd4370d360558761166c58dbd07b2623636eb5de5224b","ssdeep":"3072:eNRI6Kl73EQbSsBS5nOIQp3nqjKuro671UWvYKBI/I510iFdNG6CLXhhch/pfccu:eRAl73EQrcaiFnCLXhw/mcazl2U","tlshash":"57545ed57281f13653eb80a9807b9009f27d5d19ec0e4864f264e8d12dfac8d62b7fb9","size":300611,"data":"","first_seen":"2026-01-06T01:11:55.449956Z","last_seen":"2026-01-06T01:11:55.449956Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.tta2069.com/api/routes/get-sport-setting","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:16.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"POST /api/routes/get-sport-setting HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://www.tta2069.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/json; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: W/\"inn7hxkef73vn\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /api/routes/get-sport-setting\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::5b9fn-1767661876839-6bef4d2a527b\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5027,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"39b9e9e527f430a755965378b832acd2","sha1":"372b159515399e5a734557257a003419653b2e3e","sha256":"a6b7c25118c7b58e6c3bb917ef45962758a4bf94b423016bef8698f271778746","sha512":"77980641799d5f4aee95b022d1183baece8801b1e797e976e8d1d94e4186a3c9624a449af57dfdc873f169bd2e92956657d3328082dd9ec20c77dc2534b12bcb","ssdeep":"96:GWnz5mEQcOtPAQEVU/5eeu3ftzFjI3Apxym4KWVjLX6KOEVKlleEskWE1PhUto9I:GWz5tOpAZU/0euvtz5IwpH4K6jT6K+lQ","tlshash":"a3a1cd2e540cfd9c7c7b7af90cdf69e9607d1497d7de528e0cdaba2d204a3081a07968","first_seen":"2026-01-06T01:11:55.417705Z","last_seen":"2026-01-06T01:11:55.417705Z","times_seen":1,"resource_available":false,"data":null}},"time_used":739,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":739,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/api/routes/get-user-notices","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:16.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"POST /api/routes/get-user-notices HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://www.tta2069.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: application/json; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:16 GMT\r\netag: \"wkzjoz77n5y\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /api/routes/get-user-notices\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::k2tnk-1767661876842-7ba6a4963602\r\ncontent-length: 34\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"68c32d1221431d9324822755bc28ed15","sha1":"191d7819842bcf14bb65e3754704ec1a7e1cebd5","sha256":"a04e363ecb9780d2ac0818189703dafb4ba14b3421be75d47e4b4fb6cbc031e8","sha512":"608e68abf719679aec854997121881343f2905a23e47ebeb55cf084840cdb8bcaea327b6e3c32846476b2489288f65446f56b91e303a1f6ead443034e223a6db","ssdeep":"","tlshash":"5b800410d7400c53c54041d0410415414534333100c01400544d74c4401d4155054453","first_seen":"2025-11-10T04:53:39.94548Z","last_seen":"2026-01-06T01:11:55.421241Z","times_seen":2,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/evolution.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/evolution.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"evolution.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"10da199c6226ec362e204f75ca26214f\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/evolution.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::k2tnk-1767661877652-0cf81b1994c6\r\ncontent-length: 61020\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61020,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGB, non-interlaced","md5":"10da199c6226ec362e204f75ca26214f","sha1":"9c308243589e1f97a219ac8634bdda544907e276","sha256":"bf6264ea819d37a69e0f9e1873c7cdca215e197f5dc18987101d7f4eeaf09244","sha512":"a21c80bad72518514970059ddb4b311135a637593523ec833fd6fee1859f9b9744c6ac4851ee04cd54907afddc382962a98ff815e60e8d401cdc4f2b35dddd2b","ssdeep":"1536:bptHec0ypdO50tl7xxof++tvW5CzoRK7AO6Qq9HNQH57kQ:XHfvpM50nNj+1WKAOLq9NuAQ","tlshash":"265302b92810b60a46078fc1fdb058ef680a929acf74f0bc1b8e78474eb95742f55d75","first_seen":"2026-01-06T01:11:55.424322Z","last_seen":"2026-01-06T01:11:55.424322Z","times_seen":1,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-06T01:11:14.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nage: 0\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:14 GMT\r\netag: W/\"qq5hzltk9shpq\"\r\nserver: Vercel\r\nset-cookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; Path=/; HttpOnly; Secure; SameSite=Lax\n__Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com; Path=/; HttpOnly; Secure; SameSite=Lax\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /ko\r\nx-powered-by: Next.js\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::5b9fn-1767661874684-556ff57183ef\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"jQuery:1.12.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"NextAuth.js","description":"NextAuth.js is a complete open-source authentication solution for Next.js applications.","website":"https://next-auth.js.org","common_platform_enumeration":"","icon":"Next-Auth.png","categories":["Authentication"]},{"name":"bxSlider","description":"Add a respsonsive image slider to any website.","website":"https://bxslider.com/","common_platform_enumeration":"","icon":"bxSlider.png","categories":["Photo galleries","JavaScript libraries"]},{"name":"Bootstrap:4.5.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":40670,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22952), with no line terminators","md5":"62c67448416d4530ead1b6576c931121","sha1":"0eacdac402373169918a35917dc3223b3d060c94","sha256":"77b818988064d6951200f5ea3ce8d0925dcac7c11b190f305f048e2749a1a2d8","sha512":"48951dd8b0fe73c15c80d8f3395d31597ac60096ca1e79672741d414f6e8ae3f7d6605112d50cf5b12d8a11d5803f1886df3a49356d158f39994637e6bd96453","ssdeep":"768:P+Kk6pV+uvtZ8nWk7wp0LYc43QFUdAJvDjoPvNH5fY2szN4zGMVmEoWwpbUiqR67:2D4V+uvt9pADn","tlshash":"570386a13c5656d860d1ce81aea0989183c7d233ff6bcbb8cfd35a451d268df484ba71","first_seen":"2026-01-06T01:11:55.426305Z","last_seen":"2026-01-06T01:11:55.426305Z","times_seen":1,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":31,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 1.8.1\r\nx-jsd-version-type: version\r\netag: W/\"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\nage: 1785715\r\nx-served-by: cache-fra-etou8220096-FRA, cache-hel1410025-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 10912\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80510,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"79877fb82de8ca50845081e3c9a201c5","sha1":"4f6ea69c0e03431ffa1a097a45453b5b3b246d8b","sha256":"af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc","sha512":"a0ac6c78d553964668b515be45822f1dacbe616e0c7c341526a156cbd67d6e495a160eb15858f30f2c7501571684380b0b797510a00bd0074a7e894abe75db15","ssdeep":"768:Uqnm8OAL1Mzocm4KyH2CuwZwmij34k4RDl8Ibgo:JOocm4FuwZ5ijINRDl8o","tlshash":"0c73eeba914f05f9d341e4d92743674297aab93ce1813c7ad342399ee3c16188ad73ec","first_seen":"2023-04-05T17:13:40Z","last_seen":"2026-04-26T13:54:24.941975Z","times_seen":4230,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":133,"dns":1,"connect":28,"send":0,"wait":27,"receive":2,"ssl":129},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/js/jquery-1.12.3.min.js","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /js/jquery-1.12.3.min.js HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"jquery-1.12.3.min.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"c77f26312313f5505a669a380bd56cc9\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /js/jquery-1.12.3.min.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::xsns2-1767661875059-2453c5b0c268\r\ncontent-length: 35655\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":97180,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32029)","md5":"c07f2267a050732b752cc3e7a06850ac","sha1":"220dad6750fba4898e10b8d9b78ca46f4f774544","sha256":"69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174","sha512":"9b1d0bf71b3e4798c543a3a805b4bda0e7dd3f2ca6417b2b4808c9f2b9dcb82c40f453cfae5ac2c6bafc5f0a3e376e3a8ce807b483c1474785eb5390b8f4a80e","ssdeep":"1536:kYE1JVoiB9JqZdXXe2pD3PgoIiulrUdTJSFk/zkZ4HjL5o8srOa99TwkEb7/Jp9s:P4J+R3jL5TCOaLTwkEFdnCVQwNa98HrV","tlshash":"b293d7d9b6d6706287b734a851bf410bb17aa8eab40c4c60f058c8e47e74e9d507bf2d","first_seen":"2023-03-07T01:29:55Z","last_seen":"2026-04-26T15:22:41.408213Z","times_seen":3550,"resource_available":true,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/include/js/jquery.bxslider.min.js","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /include/js/jquery.bxslider.min.js HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2611001\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"404\"\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"fbf92a20c035c1c8186c8d7ef7c5cc31\"\r\nlast-modified: Sat, 06 Dec 2025 19:54:33 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /ko/404\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::gwlrq-1767661875066-e07b69d6d4d6\r\ncontent-length: 2809\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"BootstrapCDN:4.5.1","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"bxSlider","description":"Add a respsonsive image slider to any website.","website":"https://bxslider.com/","common_platform_enumeration":"","icon":"bxSlider.png","categories":["Photo galleries","JavaScript libraries"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap:4.5.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:1.12.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7022,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6502), with no line terminators","md5":"fbf92a20c035c1c8186c8d7ef7c5cc31","sha1":"09af721ebb817b4ca8e5ce7f0e81f4ca9a85f3d2","sha256":"f1c2096b348eb9294e5f4626ffd5fe2ec621591bb5d1f99c4f2481d23baf40f2","sha512":"440fdc90bbf7e3cd40e5609a0e81b97cf199f1e3ba385ac7b15391f1620e7d69024602a82380d51b4ecac53abcd2ee180917af803ae5cac68dce92f069f6223e","ssdeep":"192:yU+Kqjsm8qbT1V4GzAzdLTFIh+ejWqzIaEqj:yU+KqjsmT1VKV5m+OWSEqj","tlshash":"08e1d833ac17d59711120ce9f273bb1de0c6a219cea9987c7afa55145f91fcf0d0a80a","first_seen":"2026-01-06T01:11:55.431588Z","last_seen":"2026-01-06T01:11:55.431588Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/icon/sports-icon.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/icon/sports-icon.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"sports-icon.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"66fdd09c682ce5f90c7e7325eec8c375\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/icon/sports-icon.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::sgcgm-1767661875077-17934403c9e6\r\ncontent-length: 26225\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":26225,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 224 x 224, 8-bit/color RGBA, non-interlaced","md5":"66fdd09c682ce5f90c7e7325eec8c375","sha1":"ccabbededaac3ad40f20b64183beb92886157386","sha256":"d87f9f8bc74e3818c3e669ba3ecfa4f4cc1a5a40aa52c9945d28fe34c0317211","sha512":"3dd7aaf7e0f936a0119cd7b54c3f09a5697fa42da987444e3a6d87a80e7385b93449bf17b0fe06986484c43900c334c99d45799e888dae24158d6fa5b9036804","ssdeep":"384:F0w7n7gJQ28MOtcmL+MO7aV161/KMGzQVRgtNNbcxbledRJD3yql0olA9nt9K:FdqQ28M8veaVo1CMG0wdbYJed/yMA9tU","tlshash":"97c2e1cff344085d2215b0fe2edac8b94531908262df2d24a6fa664a55d12777d683cf","first_seen":"2026-01-06T01:11:55.43359Z","last_seen":"2026-01-06T01:11:55.43359Z","times_seen":1,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/bg/mobilepartners.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/bg/mobilepartners.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"mobilepartners.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"b63f1a3fa683cdf37e6143dddc1b8e99\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/bg/mobilepartners.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::kj7qt-1767661875079-b18df45bfe36\r\ncontent-length: 149275\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":149275,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 651 x 393, 8-bit/color RGBA, non-interlaced","md5":"b63f1a3fa683cdf37e6143dddc1b8e99","sha1":"ac0014d291466b29329cdb4f3454739aa1e50289","sha256":"83e0fd52d7a776db6c61f01728e70adb9e5924277848aefdba38e9c7a5a14290","sha512":"f85eeaef8afdc094d6191008d411e0bcf83e98e0c2000600bdd36de5c8d2626895f40a84f5086a25cef72dc02bfc4321005f64edc20b72715b7dd4affc7820a0","ssdeep":"3072:xRaZPcmlohU1hkDT7ibkIOYWt23CuDppt+n8G8t7OspI6s279J:xRaZEmlkwhkDxIOYWt2SuD3t+8G89OsB","tlshash":"4be312e339967d0a029c00d330aef1d2cab36b896dcc54a58710576a247b6e729f5bb1","first_seen":"2026-01-06T01:11:55.435342Z","last_seen":"2026-01-06T01:11:55.435342Z","times_seen":1,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/api/routes/get-notice-popup","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:16.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"POST /api/routes/get-notice-popup HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://www.tta2069.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: application/json; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"wkzjoz77n5y\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /api/routes/get-notice-popup\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::54bqq-1767661876839-baf0badd98b9\r\ncontent-length: 34\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"68c32d1221431d9324822755bc28ed15","sha1":"191d7819842bcf14bb65e3754704ec1a7e1cebd5","sha256":"a04e363ecb9780d2ac0818189703dafb4ba14b3421be75d47e4b4fb6cbc031e8","sha512":"608e68abf719679aec854997121881343f2905a23e47ebeb55cf084840cdb8bcaea327b6e3c32846476b2489288f65446f56b91e303a1f6ead443034e223a6db","ssdeep":"","tlshash":"5b800410d7400c53c54041d0410415414534333100c01400544d74c4401d4155054453","first_seen":"2025-11-10T04:53:39.94548Z","last_seen":"2026-01-06T01:11:55.421241Z","times_seen":2,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":354,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/orientalgame.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/orientalgame.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/media/esamanru_Light.24c78eb4.ttf","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:16.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /_next/static/media/esamanru_Light.24c78eb4.ttf HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/_next/static/css/d5ce92bbc06185f8.css?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"esamanru_Light.24c78eb4.ttf\"\r\ncontent-encoding: br\r\ncontent-type: font/ttf\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"6b7e2efb02611bc37da328590803f1cd\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/media/esamanru_Light.24c78eb4.ttf\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::887v8-1767661876849-ff3cfad7f219\r\ncontent-length: 587730\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":2168048,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 15 tables, 1st \"GDEF\", name offset 0x210518","md5":"7be4d3c8aff100c466521818e4cc4f93","sha1":"4610921ac189054b50a1383d3d00e765578a78c5","sha256":"d68f15bd8bc37a504512e62c70922da9d6c9a7477060bb5dcf0e9bf51ddb2493","sha512":"445635092d9c1344d56d10bd8414d539e1ee7e181443f56419ef5ad75b5deab7c6d0efb095d1285485af096c3c0d4b22885226a75c7ac28f24ff92512d10e2cb","ssdeep":"12288:B+RL+S8xdFUpNH/DPTG3BE6oSXQQHeM055:sLYSx/7TGxEtS2x","tlshash":"a7250987db97f95cc361857ec952e90e56cbed3e4384035a4f896e220ca74eb280c57b","first_seen":"2026-01-06T01:11:55.437928Z","last_seen":"2026-04-08T10:11:25.144073Z","times_seen":2,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":370,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/bg/gnb_line.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/bg/gnb_line.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"gnb_line.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"2f736e614ad72fe91664116f4fe65ef4\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/bg/gnb_line.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::mdcsg-1767661877289-c15a2d6c5b91\r\ncontent-length: 1119\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1119,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 21, 8-bit/color RGBA, non-interlaced","md5":"2f736e614ad72fe91664116f4fe65ef4","sha1":"644f9e0938a122a068be162831d148b61f7927aa","sha256":"92a823893dccd6983664907c51b3aca47886c18f885cff3c59e60e891e532d28","sha512":"6794c0a355cff6c74aa84fee52dd33e323b1005a109a6aa95053fe26d3b1b4f765c04016b53cf7e3f6a9a64ee1fcaf1be056eb09bd865bd9770db853ee68a5ae","ssdeep":"","tlshash":"5721008df550a94166a9a98328f5421b8a629a80a9e0f05a78dec82768b40fdc46d5cf","first_seen":"2026-01-06T01:11:55.439174Z","last_seen":"2026-01-06T01:11:55.439174Z","times_seen":1,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/asiagaming.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/asiagaming.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"asiagaming.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"05dbfbfa2f91d5da28f79666d31ecab3\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/asiagaming.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::mdcsg-1767661877652-82ac8e1ff413\r\ncontent-length: 60571\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":60571,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGB, non-interlaced","md5":"05dbfbfa2f91d5da28f79666d31ecab3","sha1":"7e6dff140355fb1dfb2aeac6eb1e7004fdaecea9","sha256":"56d7d0927db9a7c1471d644bec3546865298d1c4c028ac84613c1946b337b402","sha512":"a773295e5628406edc7b050a0a07ace7732aaee5612a73f240a579d6cf1d2a433a1f245ea9c732eb75c2bb725b23e303088b12ce181a502de4842b478f0cf8ff","ssdeep":"1536:TDWHi57Bs1sPOlvxn+AaTcqx1R2GN2v7Xq4da316ILQQ7Imz6R:TyHEBssONx+thM7XpdHEQQ7JuR","tlshash":"3343024f9e32f5b2a7f03901728136e38a13c8f4b5f511adfb8410b91a5ad6dd6998c3","first_seen":"2026-01-06T01:11:55.440441Z","last_seen":"2026-01-06T01:11:55.440441Z","times_seen":1,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/microgaming.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/microgaming.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"microgaming.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"5bd0aec420b0629440f6590ab1d06110\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/microgaming.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::xsns2-1767661877654-c7472e9c761d\r\ncontent-length: 58622\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":58622,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGB, non-interlaced","md5":"5bd0aec420b0629440f6590ab1d06110","sha1":"876a280747f2a3cc7644c8321af5c5668a92fae5","sha256":"7904101329a812b417caa4718af7c293343d41eebf5a97dd702289857c10524d","sha512":"7ca268bfeeb402e7e67658d8520803031b62e2cb0979f9ed2678f20250a93c6f97c1874f75a10b25cf7397c8c4db80ed7e5202f9dde92138a22527636aa151d7","ssdeep":"768:0BFkB3SxAhPtmKyGW3on3jYK/mKBbyBWZKXbSIN/PQNqIdCoRd/mO/WO4m6bDWo0:LwgIQ3MKTBbc/XoRdCo3bUmGD7f3yP8q","tlshash":"da43021cc01d679090a9b13532f5f9ba29cb60aae41e27ff014543031f53e6fd9eaae4","first_seen":"2026-01-06T01:11:55.441715Z","last_seen":"2026-01-06T01:11:55.441715Z","times_seen":1,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kr03.tocplus007.com/css/chat.css","fqdn":"kr03.tocplus007.com","domain":"tocplus007.com","tld":"com"},"ip":{"addr":"13.209.140.87","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.tocplus007.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Fri, 11 Jul 2025 00:00:00 GMT","end":"Tue, 11 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"43:32:05:DB:12:4F:B8:D1:92:05:71:8C:FD:A2:5E:B7:A6:7A:25:FD","sha256":"14:9D:8E:3F:92:81:AF:E3:CC:38:44:B8:AF:86:27:8E:E6:FC:EF:1C:A5:F2:A6:50:9E:7E:3F:5E:B6:5D:48:FF"}}},"request":{"raw":"GET /css/chat.css HTTP/1.1\r\nHost: kr03.tocplus007.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nAccept-Ranges: bytes\r\nETag: W/\"814-1262304000000\"\r\nLast-Modified: Fri, 01 Jan 2010 00:00:00 GMT\r\nContent-Type: text/css;charset=UTF-8\r\nContent-Length: 814\r\nDate: Tue, 06 Jan 2026 01:11:16 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":814,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with CRLF line terminators","md5":"550956d25f9dfa4c9728533853c904b4","sha1":"441ebec85537f60f08cacbc2a1de93369a8bfd06","sha256":"30b6c03b308481cda8461c47b9b83d7e3d71cca74e324565220da639adc33dd3","sha512":"8b6228624bbbd6615411e211c9545efa112542b72941e2ca75ec906c1c990c869316611cf51e41f70c2242890f0e995c0248c997a2ef503df8e4bb01e977bfd0","ssdeep":"","tlshash":"a101f531c909004a30399955bbe4efd3f2e746239600217abfe5b3248f71dbe44a12dd","first_seen":"2023-04-06T07:36:13Z","last_seen":"2026-04-24T23:03:11.696599Z","times_seen":132,"resource_available":false,"data":null}},"time_used":2717,"timings":{"blocked":1156,"dns":22,"connect":392,"send":0,"wait":379,"receive":0,"ssl":765},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/PNYUt7kLcPr96LFV1WZKf/_buildManifest.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /_next/static/PNYUt7kLcPr96LFV1WZKf/_buildManifest.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"_buildManifest.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"3131c8f12ef3497476b3b8ed0e17a800\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/PNYUt7kLcPr96LFV1WZKf/_buildManifest.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::kgs9t-1767661875072-b1d19e3ca86b\r\ncontent-length: 483\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1043,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1043), with no line terminators","md5":"ad2754689e62742c620fcc44bb9a29c0","sha1":"35b7659d4483173ca45e1f0176453393b8d0c89d","sha256":"3f6ebbca8aa81729e30b6e3c132df0cb0fec00181e978d398627cca5bd799a1c","sha512":"2d01d1223cc477c5942084ab6c745db87e76922cbf1d0622d81494f197f2db0bc41e8d4a81233d26b268cfb299c1ebd31c84dcfe1e430183f0d1ef323a122ab6","ssdeep":"","tlshash":"32119bdb460ae1030fa1ed4431775a23df6145b7563d0626d7ac4e6825972b2cf89c36","first_seen":"2026-01-06T01:11:55.443861Z","last_seen":"2026-01-06T01:11:55.443861Z","times_seen":1,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/prettygaming.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/prettygaming.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2611004\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"404\"\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"fbf92a20c035c1c8186c8d7ef7c5cc31\"\r\nlast-modified: Sat, 06 Dec 2025 19:54:33 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /ko/404\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::58hh4-1767661877671-a05b02517ca3\r\ncontent-length: 2809\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Bootstrap:4.5.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:1.12.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"bxSlider","description":"Add a respsonsive image slider to any website.","website":"https://bxslider.com/","common_platform_enumeration":"","icon":"bxSlider.png","categories":["Photo galleries","JavaScript libraries"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"BootstrapCDN:4.5.1","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7022,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6502), with no line terminators","md5":"fbf92a20c035c1c8186c8d7ef7c5cc31","sha1":"09af721ebb817b4ca8e5ce7f0e81f4ca9a85f3d2","sha256":"f1c2096b348eb9294e5f4626ffd5fe2ec621591bb5d1f99c4f2481d23baf40f2","sha512":"440fdc90bbf7e3cd40e5609a0e81b97cf199f1e3ba385ac7b15391f1620e7d69024602a82380d51b4ecac53abcd2ee180917af803ae5cac68dce92f069f6223e","ssdeep":"192:yU+Kqjsm8qbT1V4GzAzdLTFIh+ejWqzIaEqj:yU+KqjsmT1VKV5m+OWSEqj","tlshash":"08e1d833ac17d59711120ce9f273bb1de0c6a219cea9987c7afa55145f91fcf0d0a80a","first_seen":"2026-01-06T01:11:55.431588Z","last_seen":"2026-01-06T01:11:55.431588Z","times_seen":1,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/chunks/framework-56bbe3ca90f9e4b0.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /_next/static/chunks/framework-56bbe3ca90f9e4b0.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"framework-56bbe3ca90f9e4b0.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"83b28aacbaa17f196b17b94ff3a37ae5\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/framework-56bbe3ca90f9e4b0.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::gwlrq-1767661875069-649526e0bb8d\r\ncontent-length: 58782\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":182720,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b36ac85e26eed1b240d98556b0f90750","sha1":"68411a04410082e3978b492efe46878466e4802c","sha256":"ead2af20e233e486b8e923244debad090a0fc2eb22967120d3a4d34bbe07ffa9","sha512":"f3a0512df0233da3ad430b23254b794448d1e2732990a8820a53d422a6dc3539b7fe77b8ce70b8d5d39adda48045d807ffb8a4a6b5de0f981c413300550d5726","ssdeep":"1536:06+oWdmwBpecEir4zCslI6yvGwR5q34rO9SBb3Kwt8Qqi45GY4bOiwEFe/oAAzTi:FiecqzCokjMz9SBbpt8wi+7TFA","tlshash":"6b04f9e83955f1526eb312b710af2803737c262b280d4d60a211fd9db5b845eb17bf9e","first_seen":"2026-01-06T01:11:55.444733Z","last_seen":"2026-01-06T01:11:55.444733Z","times_seen":1,"resource_available":true,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/cagayan.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/cagayan.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"cagayan.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"98d4e0d3473fc81bd8cabb93ad8c18a5\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/cagayan.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::v7lf8-1767661877661-3ef0446b5329\r\ncontent-length: 58208\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":58208,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGB, non-interlaced","md5":"98d4e0d3473fc81bd8cabb93ad8c18a5","sha1":"3d83bdd8ad4b11e0e6fddc8aa74831b55e58a923","sha256":"f44844937d9cda7649f2f71d438cd490c0966e58869a577fe9333f96efabcf5d","sha512":"e92d921c2f743143f6aa8d3fc1c1592811c01f6958e74d2300eea7f8b913e0796f8f8a3d26b886136bf9e6dfa519a520a865c4e32b626384ec3d4242c364c18e","ssdeep":"1536:PJXCsMmHvHeHn6sUh0Xgrg3W37zQ4RJsSrqlM:P9vMmPUn6ug7pXsSrqlM","tlshash":"2c4302d2fc8837053f88328475f756aaabc7c593f8726d42107ee93314e449a256b27e","first_seen":"2026-01-06T01:11:55.44574Z","last_seen":"2026-01-06T01:11:55.44574Z","times_seen":1,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/bg/bg.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:16.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/bg/bg.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/_next/static/css/d5ce92bbc06185f8.css?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"bg.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"9de16ce66fce00b9717c7290954bab0a\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/bg/bg.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::gdv9h-1767661876659-b3853e6dab26\r\ncontent-length: 1438135\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":1438135,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1400, 8-bit/color RGBA, non-interlaced","md5":"b40672e0484c4237cabbf331cb59c02c","sha1":"b2ee5398f5d463ecaf2e59445d8fe77f7045185f","sha256":"9b31334ffd2bae797f420ba1506716d8cbf1da56d1b6000c5f36b117c9c7c749","sha512":"fed6d2e7f67fd8b5b9feeaaeb7b16fb4efebc2a652b758ffde688847963da6a3506ab72d0ff5b7c2f70d23f82bffd1ca1474b3af22931fc11d7be01635c1c402","ssdeep":"24576:GbfQ7N+UGoibxk/wbLVgK2pJhX0x5rVNp2hm8adgh+:Gi9Gpx6wCK2NI5Ryf1h+","tlshash":"a725330d1294c249d0f86be715678def3d04462e0cdaef3e225b2b486a7f17a1b0d5e9","first_seen":"2026-01-06T01:11:55.447038Z","last_seen":"2026-01-06T01:11:55.447038Z","times_seen":1,"resource_available":false,"data":null}},"time_used":632,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":594,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/api/routes/get-help-list","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:16.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"POST /api/routes/get-help-list HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://www.tta2069.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: application/json; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"wkzjoz77n5y\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /api/routes/get-help-list\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::jn687-1767661876841-1abfce83ff4f\r\ncontent-length: 34\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":34,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"68c32d1221431d9324822755bc28ed15","sha1":"191d7819842bcf14bb65e3754704ec1a7e1cebd5","sha256":"a04e363ecb9780d2ac0818189703dafb4ba14b3421be75d47e4b4fb6cbc031e8","sha512":"608e68abf719679aec854997121881343f2905a23e47ebeb55cf084840cdb8bcaea327b6e3c32846476b2489288f65446f56b91e303a1f6ead443034e223a6db","ssdeep":"","tlshash":"5b800410d7400c53c54041d0410415414534333100c01400544d74c4401d4155054453","first_seen":"2025-11-10T04:53:39.94548Z","last_seen":"2026-01-06T01:11:55.421241Z","times_seen":2,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":346,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/dreamgaming.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/dreamgaming.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"dreamgaming.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"c90145ce4ccf229f9fb42791deae19db\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/dreamgaming.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::fqql5-1767661877665-ae1408591a80\r\ncontent-length: 61264\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":61264,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGB, non-interlaced","md5":"c90145ce4ccf229f9fb42791deae19db","sha1":"7eeff2407c8bdced624696137f1417f1c7f8df36","sha256":"c4fb314c75746f2fa58d18523235df9dee901b8107c34d68009d42ab46c7360e","sha512":"b67e3372eda817665da0975a91c88e712d1edcee9d612b0d44e091168e3d0ed455f04032b01679383a912c46ce3ff5dc86590e16c5fc9f07d7e8df4bb17bf526","ssdeep":"1536:0jAFMZ25x6ycguIDDg44KwlyCDoAk/UDs:0jA+4P6yjzDGBGL","tlshash":"a453f136db229b080f09e856adf50cc3ec621843bfe8765b689dd78f6597959708083b","first_seen":"2026-01-06T01:11:55.448107Z","last_seen":"2026-01-06T01:11:55.448107Z","times_seen":1,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.5.1/css/bootstrap.min.css","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 04:32:06 GMT","end":"Sun, 05 Apr 2026 05:31:55 GMT"},"fingerprint":{"sha1":"E4:3E:65:D3:05:EF:8F:3A:11:69:6A:52:FE:6B:BB:A4:DF:73:4E:E5","sha256":"B9:7B:F7:C7:4B:6E:66:E0:D7:DA:7A:8B:0D:2E:8F:2F:E9:28:B4:AB:91:95:86:14:DF:44:15:CB:39:DC:EA:41"}}},"request":{"raw":"GET /bootstrap/4.5.1/css/bootstrap.min.css HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncf-ray: 9b97571f3dacb518-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"879ac612519b46c8e1e9b85fd6422edb\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:10 GMT\r\ncdn-cachedat: 04/03/2025 23:05:18\r\ncdn-proxyver: 1.22\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 722\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: a302d01dcfa40a6e3d0f213281a8eece\r\ncdn-cache: HIT\r\nage: 1027490\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":160334,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65326)","md5":"879ac612519b46c8e1e9b85fd6422edb","sha1":"4a8a00169b1d8f507726b4673fcccfbc2b112ee5","sha256":"5681594a59b24d7b1e81179008d99b5eb4b884105497f71ec59bcf98f5a826c6","sha512":"a227520a55764042677b1a8aca3259b49aaa8561290df6bf3c81050925fc99503d6256abb807f290cb68dae33257cadceddb74d0b89e5b5d28b203b20e1324aa","ssdeep":"1536:qC7CIJ0T2r+ryEIA1pDEBi8yNcuSEcA1/uypq3SYiLENM6HN26b:j7VSGGq3SYiLENM6HN26b","tlshash":"6df353a6f5a0312de4a7c61964d0bafd152f8245d7224bfbf827376487892c70a73e4c","first_seen":"2023-04-17T09:58:40Z","last_seen":"2026-04-19T07:56:09.910329Z","times_seen":112,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":2,"connect":1,"send":0,"wait":11,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/js/slick.js","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /js/slick.js HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2611001\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"404\"\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"fbf92a20c035c1c8186c8d7ef7c5cc31\"\r\nlast-modified: Sat, 06 Dec 2025 19:54:33 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /ko/404\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::mdcsg-1767661875067-7901d349491c\r\ncontent-length: 2809\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Bootstrap:4.5.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:1.12.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"BootstrapCDN:4.5.1","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"bxSlider","description":"Add a respsonsive image slider to any website.","website":"https://bxslider.com/","common_platform_enumeration":"","icon":"bxSlider.png","categories":["Photo galleries","JavaScript libraries"]}],"data":{"size":7022,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6502), with no line terminators","md5":"fbf92a20c035c1c8186c8d7ef7c5cc31","sha1":"09af721ebb817b4ca8e5ce7f0e81f4ca9a85f3d2","sha256":"f1c2096b348eb9294e5f4626ffd5fe2ec621591bb5d1f99c4f2481d23baf40f2","sha512":"440fdc90bbf7e3cd40e5609a0e81b97cf199f1e3ba385ac7b15391f1620e7d69024602a82380d51b4ecac53abcd2ee180917af803ae5cac68dce92f069f6223e","ssdeep":"192:yU+Kqjsm8qbT1V4GzAzdLTFIh+ejWqzIaEqj:yU+KqjsmT1VKV5m+OWSEqj","tlshash":"08e1d833ac17d59711120ce9f273bb1de0c6a219cea9987c7afa55145f91fcf0d0a80a","first_seen":"2026-01-06T01:11:55.431588Z","last_seen":"2026-01-06T01:11:55.431588Z","times_seen":1,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/chunks/pages/_app-682071621d5d4f70.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /_next/static/chunks/pages/_app-682071621d5d4f70.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"_app-682071621d5d4f70.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"730f1ba61fca28ab3fc674eead7081ab\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/pages/_app-682071621d5d4f70.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::mdcsg-1767661875072-9c2b3055f03d\r\ncontent-length: 96863\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":300611,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65486), with no line terminators","md5":"11a2c476a1cda3d94b70a4b7b4b49ca4","sha1":"02e7664dda67fdcdfb3fca1f66b867e6e23c445c","sha256":"c3bcb6206e2da8838a0f2627db693ef482de22b7af39b30a9bf99e5775c85b0f","sha512":"83a9384fa12221ee0e8a8d42732e42736642f97cd4b9d41d15e0779e9857ecc9bd21eef21753befaa71dd4370d360558761166c58dbd07b2623636eb5de5224b","ssdeep":"3072:eNRI6Kl73EQbSsBS5nOIQp3nqjKuro671UWvYKBI/I510iFdNG6CLXhhch/pfccu:eRAl73EQrcaiFnCLXhw/mcazl2U","tlshash":"57545ed57281f13653eb80a9807b9009f27d5d19ec0e4864f264e8d12dfac8d62b7fb9","first_seen":"2026-01-06T01:11:55.449956Z","last_seen":"2026-01-06T01:11:55.449956Z","times_seen":1,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/PNYUt7kLcPr96LFV1WZKf/_ssgManifest.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /_next/static/PNYUt7kLcPr96LFV1WZKf/_ssgManifest.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"_ssgManifest.js\"\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"b6652df95db52feb4daf4eca35380933\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/PNYUt7kLcPr96LFV1WZKf/_ssgManifest.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::v7lf8-1767661875073-52a1bfabc6e6\r\ncontent-length: 77\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":77,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"b6652df95db52feb4daf4eca35380933","sha1":"65451d110137761b318c82d9071c042db80c4036","sha256":"6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e","sha512":"3390c5663ef9081885df8cdbc719f6c2f1597a4e25168529598097e9472608a4a62ec7f7e0bc400d22aac81bf6ea926532886e4dc6e4e272d3b588490a090473","ssdeep":"","tlshash":"98a001e0943cdc60aa63dd1c136413128fa05122651d28938afd3044c0301510300d90","first_seen":"2023-03-07T01:03:02Z","last_seen":"2026-04-26T16:09:12.427157Z","times_seen":210563,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/viacasino.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/viacasino.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/9dspeed.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/9dspeed.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/orientalgame.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/orientalgame.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"orientalgame.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"5101e754dd0c22e21d1711e598ea84e3\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/orientalgame.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::vf6v7-1767661877663-5525a75acb71\r\ncontent-length: 64963\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":64963,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGB, non-interlaced","md5":"5101e754dd0c22e21d1711e598ea84e3","sha1":"db37c4f9ae0d938a0323fc5f68cabb4e60fe8e7b","sha256":"6fe01a39de5fcb325fcc50228b92cbcf4df4c5d74f4bd70d5e038368d1e8a352","sha512":"054844b3c327ef61d148624c43ffc8aceedbfb29b9c06d0afa7a4458cda0007d60c98e535530e2edfa0cf4821c1039191ddd18df320c187a9f4d55cedb68075c","ssdeep":"1536:yatKAhsqLDpe0TGPl6LVI28csoBHeSPaLhkIktq:ya8AuWezPVu1o0wkIT","tlshash":"f9530173ec02c7808528724d1763a08b9b578e8e4462dfe776bc0361d9f15f2b68669f","first_seen":"2026-01-06T01:11:55.451992Z","last_seen":"2026-01-06T01:11:55.451992Z","times_seen":1,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tta2069.com/","fqdn":"tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-06T01:11:14.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html\r\ndate: Tue, 06 Jan 2026 01:11:14 GMT\r\nlocation: https://www.tta2069.com/\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-id: arn1::s4b8t-1767661874618-dd63357a6108\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40670,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":60,"dns":24,"connect":1,"send":0,"wait":10,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/js/flux.js","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /js/flux.js HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"flux.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"591fd784f3607410037949ddea10e132\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /js/flux.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::gdv9h-1767661875067-a31c81605eb7\r\ncontent-length: 7135\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":32879,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8480)","md5":"1789a5c908dee6faf2cd23b990e086eb","sha1":"c746434aa9f4690a8a9e8f0698ac475cd42eccd3","sha256":"c038c247e372e9c36d38f97882851c40315f5e9e9af6f0e8b7ea2962c971cd04","sha512":"4226c28a3f6e3463ec7c54fa4635d531b7c5e0ec6f23deb6e1da77af863491227e210c24af0b0fc5de04133cd63f19d45af648bd56654bc44b4679923133f497","ssdeep":"384:8uswmT+qCSTK2frxMwt6KNdX5X5ABBW4ol2ZkWUuXqPxgYg3un/45S2pKWtyQYrI:sv9iBB5Xq6A6/3uWwsUD69s63rck","tlshash":"f1e2931473a1335881d7629661df5d08d13ad533b902c32cf666e2de88d094eab3bbb6","first_seen":"2025-09-25T21:59:23.187904Z","last_seen":"2026-01-06T01:11:55.453346Z","times_seen":2,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/chunks/main-2bdef149e6c81cee.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /_next/static/chunks/main-2bdef149e6c81cee.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"main-2bdef149e6c81cee.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"b3235661652241389ea808076c1cc55c\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/main-2bdef149e6c81cee.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::k2tnk-1767661875069-5636a9a29804\r\ncontent-length: 35356\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":120588,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b4ee63b86d2b5897e28e26683dba69a8","sha1":"7ce5620b7bf6c20390655abbb23716af3595dc28","sha256":"b5803f3db06c60c4b7b4dc6076d42f1954939f83b1833c4b4a18b7ff1754aac5","sha512":"551ffe190236d65cd6820dafdaee606e115d11915bf421935336b4546b7aa3280f69acf39c591bac7cb1bb70daabb6cb00752e1fa823c1f27b221129ea4fd2d9","ssdeep":"1536:2Jd5bOaUAWeTYtofOM7wL8oM+gerLbKx7ETw4nPRw9PXp7QIJa:29ZrWeTSo17wL8chrLbKx7Bt/O8a","tlshash":"4ac31bb672d1fca203c741d4883b0006f3691dba146f6095b3eadcd6b99499da0f2f79","first_seen":"2026-01-06T01:11:55.455127Z","last_seen":"2026-01-06T01:11:55.455127Z","times_seen":1,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/bg/sunflowerspartners.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/bg/sunflowerspartners.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"sunflowerspartners.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"81460d6abc66b975946ce1d337829b1e\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/bg/sunflowerspartners.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::6pblh-1767661875078-f8c7764976cf\r\ncontent-length: 130365\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":130365,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1300 x 197, 8-bit/color RGB, non-interlaced","md5":"81460d6abc66b975946ce1d337829b1e","sha1":"64476abc2ff7438f66a94cf39e64e6603ea51ca5","sha256":"9cc31dd69ee5aa9be0cc87581eb42d3180ba6a7c160644968a7f3576a4bd873e","sha512":"ab2daa01cd13b404224e43f01d4c2f504eb1265b2750999a4dc94fa450bbf8da5fa506e8f0591cc47b8913e41e10c11c45e645dbe0c98c52a493f62ced351aef","ssdeep":"3072:dPmJ0Nvkshdkl2FQAg3/aSELlHglaZk1X5ducsOZ/:dTvksZG3iSEZgik1pFP","tlshash":"f7d302f957b85d8023b39ba3e8865339a1c62993cd0cbb32e5c94c15445b373bde36a4","first_seen":"2026-01-06T01:11:55.456803Z","last_seen":"2026-01-06T01:11:55.456803Z","times_seen":1,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":336,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/image?url=%2Fimages%2Fflag%2Fkorea.webp\u0026w=32\u0026q=75","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /_next/image?url=%2Fimages%2Fflag%2Fkorea.webp\u0026w=32\u0026q=75 HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 1928646\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: attachment; filename=\"korea.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\ncontent-type: image/webp\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\nlast-modified: Sat, 13 Dec 2025 19:14:36 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: Accept\r\nx-matched-path: /images/flag/korea.webp\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::887v8-1767661877310-d13a9d53686b\r\ncontent-length: 544\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":544,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f927dbe6792c852daec38f8314c80920","sha1":"b01a3098cf1923df86e754d0f0cd2d9db6952698","sha256":"697ab8b9482137648401b48f07398ef9b31ad6ed8524adbd6e5a1e6748a747d4","sha512":"ecf7c3c90e296fb061d18e997ea08eb5034b4f96531dc478169a1673f23482eddf9107fa9a1501059fcb42c5f45dc9eabead971592dcf8d01941edfb202918e5","ssdeep":"","tlshash":"31f020999231119fec0a73bc195a5a19236982d4b8b1331a204558ce02264a650b4cfa","first_seen":"2026-01-06T01:11:55.458221Z","last_seen":"2026-01-06T01:11:55.458221Z","times_seen":1,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/dowinn.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/dowinn.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"dowinn.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"e329bc93c2f64eea6725195092d4b22a\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/dowinn.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::kgs9t-1767661877653-89627489ef40\r\ncontent-length: 61760\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":61760,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGB, non-interlaced","md5":"e329bc93c2f64eea6725195092d4b22a","sha1":"7f18cf558459bf5991da1bc5ee284c014ca6f49a","sha256":"0d01e1c0c2d489c54cf00f316698888d335b06959cd71398de19fd21a511c381","sha512":"1cc75a637c0f802daa0c7c2b0a7020c95d91d024a997db08eb2755f64111f816b2b8aa8f9a486d2a0a970dad757b5cf86989618ba183b5711ddf60a81d78d125","ssdeep":"1536:eOvoki1o77Iw07ZcNwb6sm18+OaZpFaLsPvk6NDX1Cz:eOvoyvC7yNwb6fOaBaLk6","tlshash":"75530186d90eb8a96525b6e19c43740e8a5784b03c55fbf0cb39f0f02c7095f6eb58c9","first_seen":"2026-01-06T01:11:55.459838Z","last_seen":"2026-01-06T01:11:55.459838Z","times_seen":1,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/motivation.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/motivation.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"motivation.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"ecaa8c7876c321522ea4f0b9a848593e\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/motivation.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::vlxz6-1767661877661-dfdade55e3cd\r\ncontent-length: 64484\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":64484,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGBA, non-interlaced","md5":"ecaa8c7876c321522ea4f0b9a848593e","sha1":"597d763e023d776a4b44b2eb264bf9c8cd949bb3","sha256":"423e80ce1c70bb2b63f8cdea10f28f11862e9bcee721f50dbb17f03733bcbdc0","sha512":"8f25f5bdfb9b42f148f72abb17dd915e6ec13f13806ac99e7bc37540e11b86b2f9723026ae9c512c15d27c3c2e97b961a6f0f667754c6271f7f596ea41f386e1","ssdeep":"1536:h14bKAgCAjqqB8GT1Osz9ml51ABzuAt2SFl9:h14WTxBMqmtABuSX9","tlshash":"b253028a0ed302eda41c8c3616a0dda29f4617c5136fdb0cd0f494b5e378fa995da82b","first_seen":"2026-01-06T01:11:55.461147Z","last_seen":"2026-01-06T01:11:55.461147Z","times_seen":1,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"use.fontawesome.com/releases/v5.7.1/css/all.css","fqdn":"use.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.67.142.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 03:34:08 GMT","end":"Thu, 26 Mar 2026 04:34:02 GMT"},"fingerprint":{"sha1":"D1:EA:76:08:25:BC:20:E2:FA:54:3D:E3:40:8A:F2:45:22:8B:42:77","sha256":"6E:5C:20:08:E4:D9:B6:48:59:6E:59:61:1B:E8:F2:1C:F5:04:FB:BA:9A:84:E2:B9:93:45:CB:E2:0C:EF:E3:42"}}},"request":{"raw":"GET /releases/v5.7.1/css/all.css HTTP/1.1\r\nHost: use.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\ncontent-type: text/css\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mJHawxfbJOU%2Bf%2BMU72GYlVJDCaKBO5DmdSGZDt208RBSkzs45lXMUGuTLTdb4qg71R6JlbKri8uRP9FIuiE4SKK7T7IYpgo%2BBtnkkdVKtQz6Vqo%3D\"}]}\r\ncf-cache-status: HIT\r\ncache-control: max-age=31556926\r\nage: 2421548\r\nlast-modified: Fri, 22 Sep 2023 01:45:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\netag: W/\"7b1d7f457d056ace7b230b587b9f3753\"\r\ncontent-encoding: br\r\ncf-ray: 9b97571f5ab8b1b8-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54456,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (54456), with no line terminators","md5":"7b1d7f457d056ace7b230b587b9f3753","sha1":"4e0b45eedbe0c405f1faff0d5236a9ee0ff2065b","sha256":"9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf","sha512":"dccd340ffae7f27fb66555c13bd1e26f418a369926f0c49453f7b654db610f2058c4a586f817ed35861cb848d7972ad23badfbb627733015df13bb109b420d52","ssdeep":"768:6V31Uz1RPq4NvvU63HJYkQCZ/WMQyjJKp7CzsGnQzU:6czrC4NnzHSBCkgu7cs1w","tlshash":"e8330bb8e54c41d9a732c04fbf82b2bc61b6f73ce5910d95f00e691c2ad26a811c9f79","first_seen":"2023-04-05T14:01:20Z","last_seen":"2026-04-26T16:04:56.287413Z","times_seen":13004,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":13,"dns":20,"connect":1,"send":0,"wait":4,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100..900\u0026family=Orelega+One\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Noto+Sans+KR:wght@100..900\u0026family=Orelega+One\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 06 Jan 2026 01:11:15 GMT\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96396,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1146)","md5":"cddfac6d76b9bc40cfd60d55f7a686cd","sha1":"602559dccac4eab8d3aaae25039888e68f8baeca","sha256":"44cb370220c277fa04a7ee253c9887a649e23a1d43de31c69e3f05df23c0f03c","sha512":"1f2aa37f319cee7e0a7a338dee2baf7784cea55a85d3004345db675e767935227534acdd70965bb9ba8d0c384f758e4190ddae86567a67648efae9a94ee22149","ssdeep":"1536:zVqaMboZW1fAllPo2kZ05LYuXQ9LENf1ciWjKFbyJ:O4kuC2MJ","tlshash":"399341b50617cdeefed74ce662cea5227f6c28757800c5fc66f54886ac1a01ad18af4c","first_seen":"2026-01-06T01:11:55.46317Z","last_seen":"2026-01-06T01:11:55.46317Z","times_seen":1,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":105,"dns":1,"connect":20,"send":0,"wait":34,"receive":0,"ssl":86},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/dowinn.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/dowinn.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/astar.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/astar.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/icon/icon_menu1.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/icon/icon_menu1.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"icon_menu1.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"76d1c10fda9187f028e3070b01daa04d\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/icon/icon_menu1.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::gwlrq-1767661875076-ed11d7f9dcb1\r\ncontent-length: 1898\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":1898,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced","md5":"76d1c10fda9187f028e3070b01daa04d","sha1":"3b3f54eb59f3563ba60f2af327b8d513863f61a4","sha256":"f83b476a942c4013080456807e100419bf38b830ba4f80292169aa0050c40a90","sha512":"36543415d849a5f4c874f4992978031af616000900c6bafb9d3a73d4e8373e15bd77e959f6faa0fcaf8b3a7b52be807fc42e90cf1d1f93ef4ac10d3e015c9034","ssdeep":"","tlshash":"3441c6c8fa203a51a5aaee0a18fa4406d4b68480d9f1e675fdcd8837adb01b4442f1cb","first_seen":"2026-01-06T01:11:55.464547Z","last_seen":"2026-01-06T01:11:55.464547Z","times_seen":1,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/media/esamanru_Medium.0aa4fd78.ttf","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:16.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /_next/static/media/esamanru_Medium.0aa4fd78.ttf HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/_next/static/css/d5ce92bbc06185f8.css?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 691620\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"esamanru_Medium.0aa4fd78.ttf\"\r\ncontent-encoding: br\r\ncontent-type: font/ttf\r\ndate: Tue, 06 Jan 2026 01:11:16 GMT\r\netag: \"849263dc94329ca5d6c1aeaba9316581\"\r\nlast-modified: Mon, 29 Dec 2025 01:04:16 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/media/esamanru_Medium.0aa4fd78.ttf\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::gwlrq-1767661876756-f2eadc83c909\r\ncontent-length: 581371\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2114512,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 15 tables, 1st \"GDEF\", name offset 0x2033e4","md5":"96e21271477a45979928724dcef94e59","sha1":"cdb89fb6c87bac0cfa44b5821c8f5b886ee5151b","sha256":"44f398859374d47f1592a249f7b2abc29c2979e9ab9a64cb48787b9a681af532","sha512":"122dd282705e93f136198d41cb592ec8bd74bff8e4b899f32ac36307fa675f5507f28504042aeccf0f7300d4307cd8a4283b820804b36bd968496f18cb75bb0c","ssdeep":"12288:+PXCIexKRa3tqx3yytmeZ7QYFI+qqCVnoB6ONv4zxz9NoEPFoh03A:RPaa30x3yyceR6Otxh03A","tlshash":"0c252a4bdb59fedcd3319a7e9603e40fa59faa39528423534b8d1e660c970db0808db7","first_seen":"2025-11-10T04:53:39.96383Z","last_seen":"2026-01-06T01:11:55.466006Z","times_seen":2,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/api/routes/get-casino-setting","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:16.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"POST /api/routes/get-casino-setting HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://www.tta2069.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/json; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: W/\"inn7hxkef73vn\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /api/routes/get-casino-setting\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::5vspd-1767661876837-6eb18a282109\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5027,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"39b9e9e527f430a755965378b832acd2","sha1":"372b159515399e5a734557257a003419653b2e3e","sha256":"a6b7c25118c7b58e6c3bb917ef45962758a4bf94b423016bef8698f271778746","sha512":"77980641799d5f4aee95b022d1183baece8801b1e797e976e8d1d94e4186a3c9624a449af57dfdc873f169bd2e92956657d3328082dd9ec20c77dc2534b12bcb","ssdeep":"96:GWnz5mEQcOtPAQEVU/5eeu3ftzFjI3Apxym4KWVjLX6KOEVKlleEskWE1PhUto9I:GWz5tOpAZU/0euvtz5IwpH4K6jT6K+lQ","tlshash":"a3a1cd2e540cfd9c7c7b7af90cdf69e9607d1497d7de528e0cdaba2d204a3081a07968","first_seen":"2026-01-06T01:11:55.417705Z","last_seen":"2026-01-06T01:11:55.417705Z","times_seen":1,"resource_available":false,"data":null}},"time_used":742,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":742,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/sexy.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/sexy.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2611004\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"404\"\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"fbf92a20c035c1c8186c8d7ef7c5cc31\"\r\nlast-modified: Sat, 06 Dec 2025 19:54:33 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /ko/404\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::nm7z5-1767661877669-2cbd9391e68b\r\ncontent-length: 2809\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Bootstrap:4.5.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"jQuery:1.12.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"BootstrapCDN:4.5.1","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"bxSlider","description":"Add a respsonsive image slider to any website.","website":"https://bxslider.com/","common_platform_enumeration":"","icon":"bxSlider.png","categories":["Photo galleries","JavaScript libraries"]}],"data":{"size":7022,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6502), with no line terminators","md5":"fbf92a20c035c1c8186c8d7ef7c5cc31","sha1":"09af721ebb817b4ca8e5ce7f0e81f4ca9a85f3d2","sha256":"f1c2096b348eb9294e5f4626ffd5fe2ec621591bb5d1f99c4f2481d23baf40f2","sha512":"440fdc90bbf7e3cd40e5609a0e81b97cf199f1e3ba385ac7b15391f1620e7d69024602a82380d51b4ecac53abcd2ee180917af803ae5cac68dce92f069f6223e","ssdeep":"192:yU+Kqjsm8qbT1V4GzAzdLTFIh+ejWqzIaEqj:yU+KqjsmT1VKV5m+OWSEqj","tlshash":"08e1d833ac17d59711120ce9f273bb1de0c6a219cea9987c7afa55145f91fcf0d0a80a","first_seen":"2026-01-06T01:11:55.431588Z","last_seen":"2026-01-06T01:11:55.431588Z","times_seen":1,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/api/routes/get-slot-setting","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:16.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"POST /api/routes/get-slot-setting HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://www.tta2069.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/json; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: W/\"k9wc6ou48r48l\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /api/routes/get-slot-setting\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::gwlrq-1767661876838-41f0c71726f4\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":5493,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d4a5764e3294e6e296447699bd8e7e2f","sha1":"d21e91b7244b9540efc797712a1b0f4494123297","sha256":"e2eadb01bcc51b3908641a33bbd56adefc5fe82349f28ba33d889bea4a7b1b81","sha512":"029c123e52f80900ca832c8e9b0bfeddaa62920fb70c48f63df924512055c77bb5ebca31dba7a4cddddd1fd15ef4ab00b3be2daf1255c9b369a17ba2e0dedf4b","ssdeep":"96:Vb7+6v8ip/V36haWIeWkFwB/E56jjO0dGK1H9QENv2zECqVUGk5fp95uGqEuT9+6:Vb7+yVp/dkLvBgJkK1dvNzCquGkbVMM6","tlshash":"c1b17a3c251cbca8fc6b7af95c6fe88e217e15d7d729422e0985bb6c504935c1e0b4a8","first_seen":"2026-01-06T01:11:55.467642Z","last_seen":"2026-01-06T01:11:55.467642Z","times_seen":1,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":538,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/api/auth/session","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:16.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /api/auth/session HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.tta2069.com/\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: application/json; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"bwc9mymkdm2\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /api/auth/[...nextauth]\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::6pblh-1767661876848-529c18254035\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"99914b932bd37a50b983c5e7c90ae93b","sha1":"bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f","sha256":"44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a","sha512":"27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd","ssdeep":"","tlshash":"c7100000000000c00000000c00000000000000000c0000000000000000000000000000","first_seen":"2023-03-07T01:15:26Z","last_seen":"2026-04-26T16:07:10.868012Z","times_seen":598758,"resource_available":true,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":367,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/sagaming.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/sagaming.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/viacasino.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/viacasino.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"viacasino.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"84ba8f44e23a0dcf6292d0ab8972cf6f\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/viacasino.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::xsns2-1767661877657-573f8c48351b\r\ncontent-length: 68626\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":68626,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGBA, non-interlaced","md5":"84ba8f44e23a0dcf6292d0ab8972cf6f","sha1":"4d95bb8cde0a20d56d405780bfd3660e83bbeaa0","sha256":"aec6aa6e4768eb0f2558ff378419302c7b79ee3ce9c3fe64f76646b452fd6753","sha512":"6ec9957e3d61ec45c020c48be2c4f02640a301f8f8eed69519e075c636631d3d6a3aa49046c6b6657af1dbd4e09f66a0c78a4d55ffc026e2b3527d7e38598804","ssdeep":"1536:4p3pmc1jG/6fcJBT1oFy2Bi7SOIlQTGEm0Lu/9LK+sBgGlF:U3pB1j86EJBTa8LICT+0qdMBgGb","tlshash":"a5630202d5c267b8285fb2635d48de91b89f73f83d5ab69427a0c23e14f3db62d76201","first_seen":"2026-01-06T01:11:55.470051Z","last_seen":"2026-01-06T01:11:55.470051Z","times_seen":1,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/worldentertainment.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/worldentertainment.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"worldentertainment.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"14f2531b6dc0a5274913e3f922407191\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/worldentertainment.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::twg4z-1767661877664-50f5aaa4e0a0\r\ncontent-length: 59866\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59866,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGB, non-interlaced","md5":"14f2531b6dc0a5274913e3f922407191","sha1":"b51af0e5d13927e3657e137324af4a9591ce9b1c","sha256":"4ab15d6ed7ed3b681eff40c32bac6397b487d0ae64562ac838b400600bf7ac0b","sha512":"e0c427375d37e2f118daddc17cbd7e54bd68fd102df3668791afd5a33f7a5b532cae94d77f15d888fa600fba1ba774c180593298b552301a022cbb962f36785c","ssdeep":"768:0VfxDxZXnpuHUvR4NucVT1N3gHQ+12qAp86Uylk2fjnEUl3EvduOyWxLXkgHaZ/:sxNZXpueeJVfp+1ypmylFnL38oi0gHq","tlshash":"d243029c7c3056dc13e839716bf03371d23f9011bcbac634479a096ab3d8899da7696b","first_seen":"2026-01-06T01:11:55.472102Z","last_seen":"2026-01-06T01:11:55.472102Z","times_seen":1,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/wcasino.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/wcasino.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"wcasino.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"93c5df070dbfb1b1ae17a62e488746f4\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/wcasino.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::kgs9t-1767661877666-efd52e3130ba\r\ncontent-length: 84259\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":84259,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGBA, non-interlaced","md5":"93c5df070dbfb1b1ae17a62e488746f4","sha1":"e9710c8452c8f9f87df629e56b95168ab89d1a13","sha256":"2e516fa6c48ed3fbf7dccaf63296b2fc090cc571072e7a5c257060df63b269e9","sha512":"fe10547b93a317eaf38e8b449bdce1e7773c25727d9df07e14ae246bc9b4a2e88718017901834680ccdd9715807a76bf14b5eb2a055c0175cc7bdf9488d6b30a","ssdeep":"1536:yjYn7YgYdme0qklEHovtvv4I9+SD71Wwmb8ZaQ5G/bjRyjo:ykac/lBtH4TSDLi3Ryjo","tlshash":"878312ae1c570a0e1cdc2369bdf9d4118b59eb09986ac43dfa52f6498db3fb39c24305","first_seen":"2026-01-06T01:11:55.474885Z","last_seen":"2026-01-06T01:11:55.474885Z","times_seen":1,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/chunks/pages/index-9d950aad0e4fa9b9.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /_next/static/chunks/pages/index-9d950aad0e4fa9b9.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"index-9d950aad0e4fa9b9.js\"\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"7ccbaae4c8a3377ac5b0a9ba24b05233\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/pages/index-9d950aad0e4fa9b9.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::qqpfg-1767661875072-7219ae076e86\r\ncontent-length: 349\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":349,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (349), with no line terminators","md5":"7ccbaae4c8a3377ac5b0a9ba24b05233","sha1":"35d732ba01ed7d3f41e3d520ea818c6f0e7e50cc","sha256":"b5f160ea1462d373dbbeba6a10c3e7affa0444018fbc14accf67e58696a0b991","sha512":"30717124490dd0fa2772622b187297dfb8c82140f31afd47566697c3804f158309e5fb1b1b9f2ff0d80cf5f7c8ffbedbfc4ccae62384e9230d7c2c5f542c43b0","ssdeep":"","tlshash":"5be0c0b03053b49cb1ab0848063b15117478151c3c5ee9f4c3d44ce43c609444604d9d","first_seen":"2026-01-06T01:11:55.477438Z","last_seen":"2026-01-06T01:11:55.477438Z","times_seen":1,"resource_available":true,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/bg/banner.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/bg/banner.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"banner.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"be6ea48a57b07fc7a1da684ee5f8565b\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/bg/banner.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::qlcg5-1767661875076-ecb7690bd16d\r\ncontent-length: 1293452\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":1293452,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1620 x 530, 8-bit/color RGBA, non-interlaced","md5":"c949fba5399736d2b16f69dd2438ada7","sha1":"d779b65b0ff2c15ffc4e1b7059c53ee9c61be2c8","sha256":"2d347130c8b3842ab29f646efca4ab73fd00b109ffc38954e57d26e9b402d9d3","sha512":"f56aaef4718efe46127d7c5ab1339219f9b81ac628156255973e7342376792e1537704c733c40e0cb3fb11ee7163bfc5ea7b44dbb6643ac0bc5bf79ced55aa59","ssdeep":"24576:xMGsLscb3TegkliUhWy1d88ko/pwG/0wzfyOh8un45w7r:xbQscjagklbhWMko/GIzfY16v","tlshash":"292533b68c14f681fffdcbfc64d236247844b2812aa0d81a1bdd0b619753af29d1d46a","first_seen":"2026-01-06T01:11:55.479611Z","last_seen":"2026-01-06T01:11:55.479611Z","times_seen":1,"resource_available":false,"data":null}},"time_used":670,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":627,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/88.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/88.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"88.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"45a2f54f64459a2982ab5ffad6d89cc3\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/88.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::2xhxr-1767661877669-942350253980\r\ncontent-length: 64535\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":64535,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGB, non-interlaced","md5":"45a2f54f64459a2982ab5ffad6d89cc3","sha1":"251e5c2ff3c1660cbbcf9a6e945e69f06cf03016","sha256":"54e8479d9a048f8783d4ffcd8d127c79fcf0f3e9bc81f788362e22b732b724f7","sha512":"dba25233be1c424d71e89e6aa79871e7ae5bbf342915ce7b2cc3c8bf537b8d51f14f1dc415cb155df607ab8d0a02613551907226747689fa473ff79cb3126e9c","ssdeep":"1536:GYpxpAEzvt23uNtvPSm2Fsz/jl5/ra2gove0gfo6Z0jo3jA:GcAEbNtvGFive0gfo6Z0juA","tlshash":"8453f1b174d326fd173297ea41d2769cd30a6230bec9b73440696b2323171fd20eab96","first_seen":"2026-01-06T01:11:55.481799Z","last_seen":"2026-01-06T01:11:55.481799Z","times_seen":1,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/xprogaming.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/xprogaming.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2611004\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"404\"\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"fbf92a20c035c1c8186c8d7ef7c5cc31\"\r\nlast-modified: Sat, 06 Dec 2025 19:54:33 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /ko/404\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::2dxs7-1767661877669-01316390124b\r\ncontent-length: 2809\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery:1.12.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"BootstrapCDN:4.5.1","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"bxSlider","description":"Add a respsonsive image slider to any website.","website":"https://bxslider.com/","common_platform_enumeration":"","icon":"bxSlider.png","categories":["Photo galleries","JavaScript libraries"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Bootstrap:4.5.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":7022,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6502), with no line terminators","md5":"fbf92a20c035c1c8186c8d7ef7c5cc31","sha1":"09af721ebb817b4ca8e5ce7f0e81f4ca9a85f3d2","sha256":"f1c2096b348eb9294e5f4626ffd5fe2ec621591bb5d1f99c4f2481d23baf40f2","sha512":"440fdc90bbf7e3cd40e5609a0e81b97cf199f1e3ba385ac7b15391f1620e7d69024602a82380d51b4ecac53abcd2ee180917af803ae5cac68dce92f069f6223e","ssdeep":"192:yU+Kqjsm8qbT1V4GzAzdLTFIh+ejWqzIaEqj:yU+KqjsmT1VKV5m+OWSEqj","tlshash":"08e1d833ac17d59711120ce9f273bb1de0c6a219cea9987c7afa55145f91fcf0d0a80a","first_seen":"2026-01-06T01:11:55.431588Z","last_seen":"2026-01-06T01:11:55.431588Z","times_seen":1,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/favicon.ico","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:18.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 859033\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"favicon.ico\"\r\ncontent-encoding: br\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Tue, 06 Jan 2026 01:11:18 GMT\r\netag: \"c4096ba1626d6e023ee19b91492c5d36\"\r\nlast-modified: Sat, 27 Dec 2025 02:34:04 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /favicon.ico\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::twg4z-1767661878003-60a0bac18262\r\ncontent-length: 4109\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"c4096ba1626d6e023ee19b91492c5d36","sha1":"098df2498f9cc97fa4ee8148324043985bcf0129","sha256":"90c7e8cacfd6261dd912b773479f6bc49d5cd90ed95328bfeca85d1ec47667f2","sha512":"687717d829ba84fb6a7eaf4d667826ab0f681be7b2f2dc7863639741b577d0ae0cd01f77801d413cd57bf446a71ea03cf8c3686a95c82b473fccdaf83ac08920","ssdeep":"96:H5xGROwNX4zKbqg2TCPNwrka5HqY9FJwnJLeORrSaztsCaP3l7GLF6:a1B2ISkaV9JOhRuainPY8","tlshash":"6162f9567309d759ea5226b09007cbca7614b58f87805bc675a9f33c6e2e04b2dcfb2c","first_seen":"2026-01-06T01:11:55.484408Z","last_seen":"2026-01-06T01:11:55.484408Z","times_seen":1,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/js/jquery.cookie.js","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /js/jquery.cookie.js HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"jquery.cookie.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"b6f461730caa465faebf70ba29d4a327\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /js/jquery.cookie.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::887v8-1767661875065-7d994887313e\r\ncontent-length: 1441\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3140,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"0f1f6cd6e0036897019b376d38593403","sha1":"498b29de6e170fffc8535183b7d6550490f0a159","sha256":"8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69","sha512":"453746159a0f43273675676ac96681dc0e20242ab7cd96ba043d05f3ebee3b89a57ae28b4102033113a0467f55825e4ae4bed6c61186be20eb4dc0ee6cc49d8b","ssdeep":"","tlshash":"b5516554b6cc375f07ab22416b6f50aca63cbf72255808dc885965f82c60c37db9bd2a","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-26T16:38:17.53491Z","times_seen":7458,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.5.1/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 04:32:06 GMT","end":"Sun, 05 Apr 2026 05:31:55 GMT"},"fingerprint":{"sha1":"E4:3E:65:D3:05:EF:8F:3A:11:69:6A:52:FE:6B:BB:A4:DF:73:4E:E5","sha256":"B9:7B:F7:C7:4B:6E:66:E0:D7:DA:7A:8B:0D:2E:8F:2F:E9:28:B4:AB:91:95:86:14:DF:44:15:CB:39:DC:EA:41"}}},"request":{"raw":"GET /bootstrap/4.5.1/js/bootstrap.min.js HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 9b97571f4db4b518-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"aa073ec0db74966cc0dcf16632b2bd07\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:10 GMT\r\ncdn-cachedat: 08/01/2025 15:46:47\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1078\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: edc02af1ed32bddb4d3c2fe2b6d93d6a\r\ncdn-cache: HIT\r\nage: 1115880\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60044,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (59765)","md5":"aa073ec0db74966cc0dcf16632b2bd07","sha1":"a52652263d8f72dd9125a982d76f6ce96b454ca2","sha256":"d0889aa19088fbef68000be609be58d2bf775e4ba1bc9a516a564b7df4172e89","sha512":"6b4623c2dbc2b776809c93df7568bbd1ba05937314db560f2e3744b1c391f7b1a7b9636d1e54770a2c44d63a7754bde0e1d1d0e75e9a8f89041065a732310e2f","ssdeep":"768:zfAnnay0Ik8HVheIE8Dg76TXfI4v+KMTK6viTlCDqm4n6xOp6Pxg3atCkaYk2:zfUnQlzHw6xJxgOaYz","tlshash":"6c43a54a7254787206df747a817b060bb3366c99a50a816cb8699ced2f7cd483277f3c","first_seen":"2023-03-07T12:39:55Z","last_seen":"2026-04-25T00:43:35.281739Z","times_seen":104,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":3,"dns":1,"connect":1,"send":0,"wait":9,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ka-f.fontawesome.com/releases/v6.1.1/webfonts/free-fa-solid-900.woff2","fqdn":"ka-f.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.21.26.223","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ka-f.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 16 Dec 2025 02:24:19 GMT","end":"Mon, 16 Mar 2026 03:24:16 GMT"},"fingerprint":{"sha1":"10:37:4B:A2:03:B2:49:7B:74:EE:F5:0F:E4:6F:20:31:F4:40:E6:40","sha256":"FF:BB:59:CA:F2:7C:B0:C5:C3:4F:A0:3A:15:57:65:B0:B1:D4:85:84:06:A0:CB:80:9C:53:7F:C1:24:0C:17:74"}}},"request":{"raw":"GET /releases/v6.1.1/webfonts/free-fa-solid-900.woff2 HTTP/1.1\r\nHost: ka-f.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.tta2069.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 154228\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 22 Mar 2022 15:28:59 GMT\r\netag: \"eda6bab551c25b803013249f75a56952\"\r\ncache-control: max-age=31556926\r\naccept-ranges: bytes\r\nserver: cloudflare\r\naccess-control-allow-headers: fa-kit-token\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 677df3933c00907ecb7cdafc768e98fc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: MuPCphsF1v9abGaoyTTrUVZ7u6y_fXMCvdr_NCSUvhHUAXlBrKwpaw==\r\nage: 16419621\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=99GkFDiEfBoAr%2FOd8YMjSS36NT5ittnNL4%2FMA7BXgM5ojUQ%2B3Xib0%2Bu8KiT10n2AjOQ1vVoeffBQddn8PYkhI86SaloCBNgBEWN2y%2FMapD4OgQ%3D%3D\"}]}\r\ncf-ray: 9b97572d4ad156c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154228,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 154228, version 769.768","md5":"eda6bab551c25b803013249f75a56952","sha1":"137ee4e8f21a646c509a09508215532ccb8ba12b","sha256":"b8be8fbaff6d829178d12cb3364335db4f7b82e7a40221d56364d08b294b8a0d","sha512":"dbb5bf3470f129e0a02ed64dd5c784ae62f355c7044872bc4e617507dfb8813831f7d6963d203bb2c900ba82160a8366b274a00e112965162a8832ebb66db44c","ssdeep":"3072:rcTalT2HHo/EhbUv6KXEtFERNi/Z/sBhgmAjdiC0rLyKLzPvCB5T9JSgo:rIHocUxUtFEXi/Z/sb9rLLKjTaD","tlshash":"34e323eff419cee621b7262b2ade14c411f11af4bcaab5f7ffc21c57509a09411a0974","first_seen":"2023-05-07T23:49:48Z","last_seen":"2026-04-25T16:56:56.37859Z","times_seen":79,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":51,"dns":26,"connect":1,"send":0,"wait":57,"receive":5,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/asiagaming.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/asiagaming.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/motivation.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/motivation.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/9dspeed.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/9dspeed.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"9dspeed.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"be6e5f2da7c5d677ae4b71bf56cd6b0b\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/9dspeed.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::s4b8t-1767661877660-4a175f512d83\r\ncontent-length: 68216\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":68216,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGBA, non-interlaced","md5":"be6e5f2da7c5d677ae4b71bf56cd6b0b","sha1":"e6c16e5dcb821528e9f5cd14d0a735a52796fa27","sha256":"a98f883109057075d270c1e89ec786c8be373ec29d7ff584b0df108eee56cee3","sha512":"885d2a25b63d2a089efc19f8b787d60ff3e03164eaae8433b93f46dd4c11e1848456053abba77569b24273540904c0d78dfec9c176fde75fe460bc2fc8fc5e55","ssdeep":"1536:zEnkgA+6Xj/7cKOxvZqW70foIMo6QyFjNQQb0dHL3LP:w76TOWfovX7Nv0dHL3j","tlshash":"006302aae6c52e68eb5cdffe21e67e705268ae02918f28511a745dfc45403093cdf628","first_seen":"2026-01-06T01:11:55.49064Z","last_seen":"2026-01-06T01:11:55.49064Z","times_seen":1,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/playace.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/playace.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"playace.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"05dbfbfa2f91d5da28f79666d31ecab3\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/playace.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::zvd2t-1767661877670-4cdde94b2603\r\ncontent-length: 60571\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":60571,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGB, non-interlaced","md5":"05dbfbfa2f91d5da28f79666d31ecab3","sha1":"7e6dff140355fb1dfb2aeac6eb1e7004fdaecea9","sha256":"56d7d0927db9a7c1471d644bec3546865298d1c4c028ac84613c1946b337b402","sha512":"a773295e5628406edc7b050a0a07ace7732aaee5612a73f240a579d6cf1d2a433a1f245ea9c732eb75c2bb725b23e303088b12ce181a502de4842b478f0cf8ff","ssdeep":"1536:TDWHi57Bs1sPOlvxn+AaTcqx1R2GN2v7Xq4da316ILQQ7Imz6R:TyHEBssONx+thM7XpdHEQQ7JuR","tlshash":"3343024f9e32f5b2a7f03901728136e38a13c8f4b5f511adfb8410b91a5ad6dd6998c3","first_seen":"2026-01-06T01:11:55.440441Z","last_seen":"2026-01-06T01:11:55.440441Z","times_seen":1,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/js/odometer.min.js","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /js/odometer.min.js HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 691620\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"odometer.min.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"aa7b5f64b3eceea916205a40fd4dea95\"\r\nlast-modified: Mon, 29 Dec 2025 01:04:14 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /js/odometer.min.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::qqpfg-1767661875066-810e2777e8e1\r\ncontent-length: 3871\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":10264,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (10241)","md5":"137173424eea612b37a46854e4884fc1","sha1":"7e1b08b8104c7a83a1b5a855f1977a6686796609","sha256":"eb94751b98ab535553fa4f0be1ca2a81ddec692bcefd6b9fb289ffc3ebf621dc","sha512":"e755834d5ee1683f4104373c4561f6af94e7b92891c80a849db1b2b8a1d89feaa9602ac2724c457aa96bd48e54a0e50b8a3c8b576be71cef4b4b832b0331f1c1","ssdeep":"192:HABzlvQK8QecCHAOcu2a+OdI5s/GMb8Xuulj:gBhv18QecCxVxz+7dlj","tlshash":"f8228580ba11a725835371e151bf0609b7bb99aea404401df67c9dd9be29c38e12bf74","first_seen":"2023-03-07T01:20:07Z","last_seen":"2026-04-26T16:38:45.371054Z","times_seen":609,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/api/routes/get-in-game-balance","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:16.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"POST /api/routes/get-in-game-balance HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://www.tta2069.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: application/json; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"wkzjoz77n5y\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /api/routes/get-in-game-balance\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::lnqcl-1767661876845-bd5787918c0d\r\ncontent-length: 34\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":34,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"68c32d1221431d9324822755bc28ed15","sha1":"191d7819842bcf14bb65e3754704ec1a7e1cebd5","sha256":"a04e363ecb9780d2ac0818189703dafb4ba14b3421be75d47e4b4fb6cbc031e8","sha512":"608e68abf719679aec854997121881343f2905a23e47ebeb55cf084840cdb8bcaea327b6e3c32846476b2489288f65446f56b91e303a1f6ead443034e223a6db","ssdeep":"","tlshash":"5b800410d7400c53c54041d0410415414534333100c01400544d74c4401d4155054453","first_seen":"2025-11-10T04:53:39.94548Z","last_seen":"2026-01-06T01:11:55.421241Z","times_seen":2,"resource_available":false,"data":null}},"time_used":397,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":397,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/evolution.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/evolution.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/pragmaticplay.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/pragmaticplay.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/chunks/webpack-c8d42f0b9de18bc9.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /_next/static/chunks/webpack-c8d42f0b9de18bc9.js?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 973773\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"webpack-c8d42f0b9de18bc9.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"b7101ef9c13dfd87ca43d600041affba\"\r\nlast-modified: Thu, 25 Dec 2025 18:41:41 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/webpack-c8d42f0b9de18bc9.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::xwfl4-1767661875068-9d96219dc3be\r\ncontent-length: 2147\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4029,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3590)","md5":"c47217d3000e2edc5f88b19f3ac964a4","sha1":"f048c133493ab318244edf434a91e80239f22c5f","sha256":"48cefb7d3e20c09de8c018aa8508b86ca6e23f692d5f6b7a140a0d5710b816a0","sha512":"4156e5ffdc2ef55b8880fbf9245323c36c678932c1be1b78d87df9dd4da5f190cdd2a5320b2afc02f57ed90df1f056f110f54237670a205f617c290abe16f643","ssdeep":"","tlshash":"3381d6ba3614fab11af104c4983fd141f6197137051af8a0e71bdcb96428ee14561ff3","first_seen":"2026-01-06T01:11:55.493625Z","last_seen":"2026-01-06T01:11:55.493625Z","times_seen":1,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/bg/headerbg.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/bg/headerbg.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"headerbg.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"ef12cf8200e8fb5fddb43d98408966fa\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/bg/headerbg.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::lnqcl-1767661877290-ac9b99513d16\r\ncontent-length: 5521\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":5521,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1374 x 56, 8-bit/color RGBA, non-interlaced","md5":"ef12cf8200e8fb5fddb43d98408966fa","sha1":"a8c41e9af3c75e7c06577122bd697797232d2c44","sha256":"96d264ac6629a8c31afa354ad1e9a7b4998af8b1cfe0843f865cf355ea0555ea","sha512":"8882de2cd4783e7582cae40e6f48e41317e80f2d1ff5135b22f6315b23d9b0fa2cb712680512522f6916ca146c52481fdba932fd43c44ca74aaf4617f0748098","ssdeep":"96:b0NwMXYQdbpLmN4hsEBpTTWCjDetYGcDbtdJqgOYc:b4sQz6asE7TSeetYRnOR","tlshash":"b3b17e4c69265903e06ab83150b81f1ffa79044f56c4bbc5b1cad8b9dcb31ea107e1c6","first_seen":"2026-01-06T01:11:55.495291Z","last_seen":"2026-01-06T01:11:55.495291Z","times_seen":1,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":8,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/worldentertainment.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/worldentertainment.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/pragmaticplay.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/pragmaticplay.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"pragmaticplay.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"8f23498b130ffb52d92d4218f55e318e\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/pragmaticplay.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::54bqq-1767661877655-1205eb37af48\r\ncontent-length: 60452\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60452,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGB, non-interlaced","md5":"8f23498b130ffb52d92d4218f55e318e","sha1":"b101de857ab852bd7ab5a6a40f5a6183a34aa8bb","sha256":"598a99a74f0be21b3387c099cfeb7717b26eee0182e7c9bbbb3a98d9d0c9d6c7","sha512":"2002af5f193d6c8ea187b8cebf0ca20c8a558f1a70f867db734b194e9c31bf37534e26121e247263e722d19a16a888ea2d4d9b1c6108f0264039bc8c9819599f","ssdeep":"1536:LcG2mLatr6hXwXfOBaCmccW+EB62NjZr4z35X1niTVRFGu:CEAmBaCmfbr2Nju35lnu7FGu","tlshash":"c7430225dd02efa51e2b8bf73a5f03f3598425ac667b864eb3c6cbbd2044a1c97d0106","first_seen":"2026-01-06T01:11:55.497233Z","last_seen":"2026-01-06T01:11:55.497233Z","times_seen":1,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/astar.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/astar.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"astar.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"0c5472cd10448ce85cefe23dbb173e52\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/astar.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::twg4z-1767661877662-666ab55c26b2\r\ncontent-length: 77870\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77870,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGBA, non-interlaced","md5":"0c5472cd10448ce85cefe23dbb173e52","sha1":"ebe2eadb0c7591bb12955a356aa01645b7393af1","sha256":"fc0e943e764240baa9bd203252b6d1c0e523f05a87ac2cfae981035d1620b5cb","sha512":"955cb3e1e15ac01b12443c3ce8784eafc0664f7231c35469a6927dc8c28e63ab262b4babc8350a334212239b910973794e88540d7d466d0e2ef493a52c8a6df1","ssdeep":"1536:wEihndrbV+1Sn9RZdvAMyPkwL2o6MwQ6UhHpCKh67vGYbY9x7g8TQR9J4e5:wVnp5vn9RZVyPh28wQhNpCm6m9lg8TQf","tlshash":"9e7312497d4e16426e45810b2f714630cd7ad02eb4a2e317f8ebead6ebf165060efc19","first_seen":"2026-01-06T01:11:55.49905Z","last_seen":"2026-01-06T01:11:55.49905Z","times_seen":1,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/bg/logo.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/bg/logo.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"logo.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"c55f8831d99c774c6e2402bec04e91cc\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/bg/logo.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::z78j5-1767661875076-1e9d2d003bca\r\ncontent-length: 27541\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27541,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 162 x 121, 8-bit/color RGBA, non-interlaced","md5":"c55f8831d99c774c6e2402bec04e91cc","sha1":"af962d13ccbe3eede98b62588520fd533fa10877","sha256":"54e6bdc221c902524e269748f158b24d1a15d27ed249f223187644f8d77b21eb","sha512":"4323615d6dbed6d12de512b34d6c8204751669be257163153ad0ca3d71c8a4d5e2390433a60ae6454144a977a046a415d7efb75e9117e5ef9e37479193de4f01","ssdeep":"384:77njSSKJHpDC4IcF+hmvrSs/wgkhXNyRmIb8/14BxGewkr5JVwWiNw95TicpDYzg:HEDC+omjdYZdyRmIb+wxXeWD7e2kzXw","tlshash":"9fc2e08aab934524571c7e8816e4c313e7330d849bc3a447d8d62cfb249dd1d893abc7","first_seen":"2026-01-06T01:11:55.500755Z","last_seen":"2026-01-06T01:11:55.500755Z","times_seen":1,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/icon/casino-icon.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/icon/casino-icon.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"casino-icon.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"1e2ebd68f163f65a413668fb523c3fcb\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/icon/casino-icon.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::vnh4j-1767661875080-35dfb3397c1b\r\ncontent-length: 1619\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1619,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 40, 8-bit/color RGBA, non-interlaced","md5":"1e2ebd68f163f65a413668fb523c3fcb","sha1":"ed9b45ce35d955c28a816b72e9671fb51ae094fd","sha256":"44e6ae0991c69556c04d9fe166986d466a262a163c6f0ea0627f7c3e4651e91d","sha512":"f4abd94be5343f819698a033e451ac954516ba0083bb1abc8479f23e1d0f202b2e0ab4c615e55f74a924542e035522fd6e45f328f08a1a26d1b5e21b1c10f9f5","ssdeep":"","tlshash":"0531c8cdf49468427599fa8131f22153c4278550fdd0e08a79ce88a7b9b40f794be9cb","first_seen":"2026-01-06T01:11:55.502442Z","last_seen":"2026-01-06T01:11:55.502442Z","times_seen":1,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/sagaming.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/sagaming.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"sagaming.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"0dd99d0d7582f1e1337dfd73a3199757\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/sagaming.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::tjjlg-1767661877664-0beed957af8c\r\ncontent-length: 70867\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":70867,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGBA, non-interlaced","md5":"0dd99d0d7582f1e1337dfd73a3199757","sha1":"8a6354ede0fc3c1fede22a4b91f8cdd7c2688140","sha256":"56b4388eec768b5539babe6de9aeaa216cb22bab5da9c977e6258a126b11eb9f","sha512":"8a9df875818cdd5100a551442b9d8266fa8c73af3b0399a1d810d2c4817f3e57662fc11880d38a5283e715a38867089fa69a271b146a2241d40242d5daaa48a0","ssdeep":"1536:AVyl9Dd1QMRmKBKOArs7qpL6vtQg6b0Q9eEueiLHT+VtfwAa36W3VKF:59x1QOmKBK/0qpL689AEueiTT+VtfwAp","tlshash":"126312c558c3a3d7a75674b37c9bfafc7aaee006571537706cba83220c89086810bd5a","first_seen":"2026-01-06T01:11:55.503983Z","last_seen":"2026-01-06T01:11:55.503983Z","times_seen":1,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/bbin.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/bbin.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"bbin.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"06e34166491f2f20a3bc3a0aef888aad\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/bbin.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::lnqcl-1767661877669-30a758917230\r\ncontent-length: 67175\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67175,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGBA, non-interlaced","md5":"06e34166491f2f20a3bc3a0aef888aad","sha1":"2e9cedb884ee9efc03d2bc6022e47d8e56ebc18e","sha256":"66138777fb7bd35ab2db3af5f5ec60f8b2870b76b19703d96346455c3a2a842e","sha512":"eea5bb590ee9756e97ff5ac8af1494df4cf5a1ba87aa1100d1c8ce806e86c31a6ee904afe75e440286d1ff9003fb97c039daf0ac1bbf07e73b22d2a29479541c","ssdeep":"1536:NsWYCb6S5Arn6YsqFE0iY2IEoLfNsJ7+KLwnE8vNQ/L2c4CQkWq:7X6NnC0iY2IfLfNsJKgwntQ/h4hkWq","tlshash":"0b63125f78f24a34fa9e0b877ee07c57ec94c139824e8e56758958284e312f4e19360f","first_seen":"2026-01-06T01:11:55.505672Z","last_seen":"2026-01-06T01:11:55.505672Z","times_seen":1,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/bota.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/bota.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"bota.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:17 GMT\r\netag: \"698318ebf4c002a7a209ef00c5462a44\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:17 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/slot/bota.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::8bq2w-1767661877666-4eb16161c023\r\ncontent-length: 57323\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":57323,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 157, 8-bit/color RGB, non-interlaced","md5":"698318ebf4c002a7a209ef00c5462a44","sha1":"a95496a6c743ac45458314894c61ded23ec27047","sha256":"ab69d0a75b7d46fa228a747c3e57acf2ba57a33178bcea6d8af715dbd5241b79","sha512":"5a0bd36952d824b7dff331f5cc039a7702f9ca8513989fe6106a10e57fb8d4e685e955a7d803c73bc5081dded461a627c1683d6dae0ba5724c1e6d3906aee5a1","ssdeep":"768:0HcuxiYHlPBnhVAZpPPt5ctn8x1AMj353/9Xs0VFoj9DlO/xAWkEFy9tPggZyCFc:ivlmjzDxL590RDIKW7Ffgki1cGXW","tlshash":"ac4302b491d34ec386dd83a6454d5b819a75d8913acca8aec4812cd78b7e07fd01a2ae","first_seen":"2026-01-06T01:11:55.507196Z","last_seen":"2026-01-06T01:11:55.507196Z","times_seen":1,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/microgaming.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/microgaming.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/slot/cagayan.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:17.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/slot/cagayan.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/_next/static/css/d5ce92bbc06185f8.css?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /_next/static/css/d5ce92bbc06185f8.css?dpl=dpl_7FZ25ufYf6V1AgqCQPKys9tMznqS HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"d5ce92bbc06185f8.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"e5206f3c74e0eba23a846a25ad6e62a1\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/css/d5ce92bbc06185f8.css\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::54bqq-1767661875052-3de8f829390d\r\ncontent-length: 32733\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":149884,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (25841)","md5":"1c80193d15a2447e66dfa79d3f509bd9","sha1":"0cfbecced74795acd4b5d9039c3d6923165cef0e","sha256":"9096d7bef73a296c11af25fcc0f2ddf772d51f310e1d235a7b51cd0712e3e361","sha512":"c263d62294b1e854ae205a32b20008080bd5f963fde785a1b698c1b9b85161623b2be41239a13b525693fb83dbc2c7ea3f01ca61e00bbd054a8cace56087c58d","ssdeep":"1536:WUeA02uxKGNFM2MyMNMuM0QoudL+P8Wcn0Fwib3eP0UHsE+HVy96:W1xyudL25cn0FfeP0UME+L","tlshash":"f3e33ef8e24c10da7336c54bab81b36c65baf739d5820d65f02f6c0c5dc266922c6f69","first_seen":"2026-01-06T01:11:55.508775Z","last_seen":"2026-01-06T01:11:55.508775Z","times_seen":1,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/logo.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/logo.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"logo.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"06b93fcdb0ce2d5fc04e63f3de164bd1\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/logo.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::gjmdn-1767661875080-fd83b1e6ee73\r\ncontent-length: 246294\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":246294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 543 x 468, 8-bit/color RGBA, non-interlaced","md5":"06b93fcdb0ce2d5fc04e63f3de164bd1","sha1":"d2ee880cd2a24529d433c2b57aa9f09ee1bd9875","sha256":"325947e74e4a0eb34a1da85b53a7f77b216a4e7398ed3840200697a925b6a9a8","sha512":"716eeebf877650758a8e1bd9d94cecaa331c303d70bc302d0942184b06640cf46e955aaf1b4abdd1f1d437313549afa0f714243c0a75e47e0377b4ced7205c97","ssdeep":"6144:lNvSqmndhHsFk2u/ri1u7Re6RSut3d17Sg9Sz:lNKXddsubr8u7ReITt17Sg9A","tlshash":"1f342227f305f709aa508705e7d9202ff624be9f5286049e3ecd47e6b35134c9aca786","first_seen":"2026-01-06T01:11:55.510337Z","last_seen":"2026-01-06T01:11:55.510337Z","times_seen":1,"resource_available":false,"data":null}},"time_used":360,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tta2069.com/img/icon/slot-icon.png","fqdn":"www.tta2069.com","domain":"tta2069.com","tld":"com"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.tta2069.com/","date":"2026-01-06T01:11:15.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tta2069.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 03:56:01 GMT","end":"Thu, 05 Feb 2026 03:56:00 GMT"},"fingerprint":{"sha1":"40:1D:7A:AC:85:22:C8:11:DF:AD:08:D2:EF:51:5E:F3:13:C1:66:0C","sha256":"D4:6A:06:D3:EE:D5:E6:22:B4:EE:56:C5:21:8A:18:7C:21:88:F6:58:F4:DF:3F:A3:0C:4F:D8:A4:EC:45:33:74"}}},"request":{"raw":"GET /img/icon/slot-icon.png HTTP/1.1\r\nHost: www.tta2069.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.tta2069.com/\r\nCookie: __Host-next-auth.csrf-token=9daed883a307402a7659a08eab9a17ad15a0ed084230bab7895149cee0b640d2%7C742c0afc3b6b3295ff933a4e398ab9df6ce9a00836d0d9230bc70c11529f3f3c; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.tta2069.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"slot-icon.png\"\r\ncontent-type: image/png\r\ndate: Tue, 06 Jan 2026 01:11:15 GMT\r\netag: \"bf9bf0ddf066ebc5d0e2745e9ffc7466\"\r\nlast-modified: Tue, 06 Jan 2026 01:11:15 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /img/icon/slot-icon.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::gv657-1767661875078-d0ac82a1b93e\r\ncontent-length: 1587\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":1587,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 40, 8-bit/color RGBA, non-interlaced","md5":"bf9bf0ddf066ebc5d0e2745e9ffc7466","sha1":"074083077492ecee6b2175858a67ccd194ac396c","sha256":"ff1c4b98ed8c772ce8f9746fe96e5bec4ad5c5746fcbde644547e64cbccdd189","sha512":"e2b1d72270df7acb803496b67f17f9fc06e4c78409dbf215bbec0152fe425352f57fe98381524549149dbf998bd5ae38648577877d75bfda7697d727472c2949","ssdeep":"","tlshash":"cf31ea8df406284135a4a54234f73103c4224840d5d0e09fb4ded87faef0275957dac7","first_seen":"2026-01-06T01:11:55.511978Z","last_seen":"2026-01-06T01:11:55.511978Z","times_seen":1,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"www.tta2069.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}