{"report_id":"9ec7259d-f040-4869-a918-d4452315e61f","version":6,"status":"done","tags":[],"date":"2025-10-19T22:15:22Z","url":{"schema":"http","addr":"lucebella.com.tw/lucebella/4c0845/2025-Ultamate/c14731?srsltid=AfmBOopyVcSYbbFhigJ6HlChlnIqDEIfAfDjUif3GOC6TF62AFXNcmSQ","fqdn":"lucebella.com.tw","domain":"lucebella.com.tw","tld":"com.tw"},"ip":{"addr":"104.21.73.133","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","fqdn":"aniplaytree.com","domain":"aniplaytree.com","tld":"com"},"title":"Everlusting life"},"submit":{"url":{"schema":"http","addr":"lucebella.com.tw/lucebella/4c0845/2025-Ultamate/c14731?srsltid=AfmBOopyVcSYbbFhigJ6HlChlnIqDEIfAfDjUif3GOC6TF62AFXNcmSQ","fqdn":"lucebella.com.tw","domain":"lucebella.com.tw","tld":"com.tw"},"ip":{"addr":"104.21.73.133","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-23T22:15:22Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"concludedgrowlabdicate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"concludedgrowlabdicate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"www.adx29.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"aniplaytree.com","ip":{"addr":"172.67.145.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-03","domain_rank":0,"first_seen":"2025-10-08T11:12:25.536757Z","last_seen":"2025-10-15T11:13:04.948267Z","alert_count":0,"request_count":9,"received_data":2119908,"sent_data":4598,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-10-19T22:12:19.186805Z","alert_count":0,"request_count":1,"received_data":426828,"sent_data":437,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"concludedgrowlabdicate.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":6,"request_count":3,"received_data":27414,"sent_data":3973,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"lust-games.com","ip":{"addr":"104.21.40.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-17","domain_rank":0,"first_seen":"2025-09-22T17:46:43.230543Z","last_seen":"2025-10-15T11:13:05.183281Z","alert_count":0,"request_count":1,"received_data":1858,"sent_data":465,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"lucebella.com.tw","ip":{"addr":"104.21.73.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-10-19T22:15:22.79665Z","last_seen":"2025-10-19T22:15:22.79665Z","alert_count":0,"request_count":2,"received_data":1266,"sent_data":1128,"comment":"","tags":null,"fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-10-12T22:34:05.876953Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":475,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.adx29.com","ip":{"addr":"139.59.77.48","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"India","country_code":"IN"},"domain_registered":"2025-10-04","domain_rank":0,"first_seen":"2025-10-08T11:12:25.553936Z","last_seen":"2025-10-15T11:13:05.008821Z","alert_count":1,"request_count":1,"received_data":19593,"sent_data":912,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","fqdn":"aniplaytree.com","domain":"aniplaytree.com","tld":"com"},"ip":{"addr":"172.67.145.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"75e2c5803acf97eee11be5def313c29c","sha1":"d72d520c8c191b075f64fa17d9123b2f7b7ce64c","sha256":"6b4c184620530b0cffa97e2ad2a91ffdd17e3b1b0e174f98765ec036a12dec80","sha512":"959541e24649d8f9be732d4f1c48f5ad987f893e5fb928b059847b9f70a2a1b057160115e7b95a15f68abb1be7ed902518d846672008b0df99f64ffd78a039c0","ssdeep":"","tlshash":"aa116629b0b2a25134fb568c074b255c70be4243301ce8adf44cc3a58f2fd0b48959c9","size":904,"data":"","first_seen":"2025-10-08T11:12:32.705233Z","last_seen":"2025-10-31T12:16:08.551614Z","times_seen":275,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lust-games.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"lust-games.com","domain":"lust-games.com","tld":"com"},"ip":{"addr":"104.21.40.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-14T14:59:09.927837Z","times_seen":337947,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lucebella.com.tw/lucebella/4c0845/2025-Ultamate/c14731?srsltid=AfmBOopyVcSYbbFhigJ6HlChlnIqDEIfAfDjUif3GOC6TF62AFXNcmSQ","fqdn":"lucebella.com.tw","domain":"lucebella.com.tw","tld":"com.tw"},"ip":{"addr":"104.21.73.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0d291e6a372166ad8d60c83cab7a6412","sha1":"59b0239a3e96e33b1cf41e2d9d05d421f9f008e4","sha256":"1c809cfc554c9dadc204090cd6a072bae625448c0baabafeed5fb27ea3443ecc","sha512":"ff0070f0dc35bb97ac88c0371967878f9585ab3f54a7d66f9067b674be51ce36f937ad7078742ae4838b4531b0605f28016a52eaef698cb165cb672c430e20fc","ssdeep":"","tlshash":"e8e0cd9d2017187017ef59724bbfa5046157312b54d589203f0591445f3056be26abec","size":316,"data":"","first_seen":"2025-10-19T22:15:29.693948Z","last_seen":"2025-10-19T22:15:29.693948Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-5B16ESZ7C2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8945d236c872594442053d941596bf7f","sha1":"d7d1e3181b68bd0952ed4c55aee27f3cab19dd75","sha256":"e602871475cd00b46494945e4b22bf76a4bae683dfbd9b3fa1eceb9d149f9dd6","sha512":"95ee66ae199a5c8ebd3b1b36f94ce273bdc85dc0b1edfb70b7e265a1253da4f4507f3f745cfc1595d391c529966e542e31a8538baff7fcf27f22ddf866549179","ssdeep":"6144:nBYc6tQSyOe+hy4nkEt7F8KWjxSqpRjeWvkAX6HJLGy1tyyluxwuuSyv:Bh6rRRhy4nkEt7F0EqPeKRy1bv","tlshash":"a0940a8e73c674269396f078503f018ba57b29a2f45cc896f189cce42d74a9a4277f7c","size":426224,"data":"","first_seen":"2025-10-19T22:15:29.656094Z","last_seen":"2025-10-19T22:15:29.656094Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"concludedgrowlabdicate.com/cyvsqtj6?key=ed0677b1b30a855d6b19efb76ccebce8","fqdn":"concludedgrowlabdicate.com","domain":"concludedgrowlabdicate.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4fe30922efa2b839289eed4d4327e25","sha1":"79230cf7d5d173404a282037f8f3fae849688c84","sha256":"552a829ed502fab91513603c128ec2ca36a6cc3b43ac58787622babd0af55362","sha512":"a6f8688e976eaf36e3d710be69165d1bd4b083f69590b9845526923b2853c0acf0f4ed25f6671a547bcf6bd8e85eefea97e02fe4b9af76b20c2adff2d21135d5","ssdeep":"96:b2YfIuzVcmCmPIHIboIgpwaTv38MnVeSa+AdKshnZPAP4d:b2YfTzSjkc6ozwa7tn3a3dDWP4d","tlshash":"539173912430b878447a1517d1afb31536324e17b6027160a16c6ab83d39ecbb726fef","size":4536,"data":"","first_seen":"2025-10-19T22:15:29.704572Z","last_seen":"2025-10-19T22:15:29.704572Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","fqdn":"aniplaytree.com","domain":"aniplaytree.com","tld":"com"},"ip":{"addr":"172.67.145.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ce658297ef6e5209e3c0f843bf37635d","sha1":"99eb0010ec073ad114e7501ccddb8594352a7ef1","sha256":"6ceef88f82095a509ab0aebec07c0b3c021c8b703741dbbd854c727b4950ed8c","sha512":"2fee56b68ac1166326c17298efa230f68ed495421a7f2ea84267f52cab091743d9d632adc6334f1f56985e884c29ae739e332db550263b7ce47d64236b0f46ce","ssdeep":"","tlshash":"a1410299606b15309227f0ae264b7684787910077801fd9d375c87c80fd2f9d91ab7de","size":2215,"data":"","first_seen":"2025-06-25T14:09:56.822961Z","last_seen":"2026-02-22T06:55:47.478431Z","times_seen":319,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"aniplaytree.com/video.mp4","fqdn":"aniplaytree.com","domain":"aniplaytree.com","tld":"com"},"ip":{"addr":"172.67.145.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","date":"2025-10-19T22:15:01.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aniplaytree.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Oct 2025 09:57:36 GMT","end":"Fri, 02 Jan 2026 10:57:34 GMT"},"fingerprint":{"sha1":"5A:BA:95:29:A5:48:AA:53:C1:F4:BC:D2:A4:85:CE:76:3C:20:E8:7C","sha256":"D5:0D:EE:20:D7:74:D0:E4:90:4E:9C:FD:D5:53:6A:F1:61:14:F6:8B:97:A5:F2:0F:C7:30:EA:39:95:D0:84:19"}}},"request":{"raw":"GET /video.mp4 HTTP/1.1\r\nHost: aniplaytree.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nReferer: https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sun, 19 Oct 2025 22:15:01 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 8034545\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\netag: \"7b1e2bfe3a6ee511972e90efbf64c3c0\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o1igYNZkfgeOP6kPKXcX%2BmN%2FwkWqQ97Pbw8IHM4CKa6L4yi8BbeSgHMLSFpe6VWSSmjOkAJ8dTa43ypTEgsGZF00D29RH9aizerSRDA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-range: bytes 0-8034544/8034545\r\ncf-ray: 9913a1b8697bb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1949056,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"635dd8134d37e95507d88bd291fd51cf","sha1":"5b1b52384cea3eeea6fb14cd7ab30af2fa86d5c5","sha256":"f01478623a389943bbce0a46e525072228e44f964dc89239bccf2cd84b0e6f61","sha512":"10c34c93ca5e2c90861230ad579f68391f80a9e9cc62ea0a1030985e330abd28158d77ad5449367482f0d3564c4eb7a47808e39ff443bb59823c267c800d165a","ssdeep":"12288:wrsmxJ7o7ueDV0KJh3KYHtd+ctep//8zYzrgrw0sBkzs1yeEX:wrNt65DVrKYF8h/88zErXxX","tlshash":"1225de46aeb10e66fa5df6bca462dbc4c1d32366d4c6ebc7b48d61241b389840b1f47c","first_seen":"2025-09-22T08:51:24.398827Z","last_seen":"2026-02-21T20:43:00.488846Z","times_seen":103,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aniplaytree.com/favicon.webp","fqdn":"aniplaytree.com","domain":"aniplaytree.com","tld":"com"},"ip":{"addr":"172.67.145.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","date":"2025-10-19T22:15:01.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aniplaytree.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Oct 2025 09:57:36 GMT","end":"Fri, 02 Jan 2026 10:57:34 GMT"},"fingerprint":{"sha1":"5A:BA:95:29:A5:48:AA:53:C1:F4:BC:D2:A4:85:CE:76:3C:20:E8:7C","sha256":"D5:0D:EE:20:D7:74:D0:E4:90:4E:9C:FD:D5:53:6A:F1:61:14:F6:8B:97:A5:F2:0F:C7:30:EA:39:95:D0:84:19"}}},"request":{"raw":"GET /favicon.webp HTTP/1.1\r\nHost: aniplaytree.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 2341\r\npriority: u=6,i=?0\r\ncontent-type: image/webp\r\ncf-cache-status: REVALIDATED\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\netag: \"8a2540cf3b03281e201ea92d12853671\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JSDNl%2FTGDTfJmOZH562W1We50FaqXSkqpvtEFMN76CMCWMg4vbTOrN9Hs%2Bjx9uD%2BrAOFSBNV%2Fk6feGaevCvicbjPZG%2Fp4wmLIRUR0jRk%2BQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 0\r\ndate: Sun, 19 Oct 2025 22:15:01 GMT\r\ncf-ray: 9913a1b92f73723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2341,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"6fb7495e403a4e2ecffedc8a8240c624","sha1":"185c2964fb175f0e575ae8dc376bca020791971b","sha256":"529054d94581be56f9f645a5c8da3ffc314c9d532f181810546e8ed0d7f46cba","sha512":"d8707c8a2ce4838f9de1ac796e302d89f8735aa4c3b7bdc68ac05e1c92f8fb451b413bee8b4f602f01a885b6f4736d81afdcb1554235038fddf81997e008f404","ssdeep":"","tlshash":"f4413b0cf7d68ac992c3dda5454c4032784007635721a30e64e1799ff4c1c90e42daab","first_seen":"2025-06-11T14:02:54.449955Z","last_seen":"2026-04-18T04:30:17.907032Z","times_seen":330,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-5B16ESZ7C2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lucebella.com.tw/lucebella/4c0845/2025-Ultamate/c14731?srsltid=AfmBOopyVcSYbbFhigJ6HlChlnIqDEIfAfDjUif3GOC6TF62AFXNcmSQ","date":"2025-10-19T22:14:58.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:44 GMT","end":"Mon, 15 Dec 2025 08:40:43 GMT"},"fingerprint":{"sha1":"02:50:AA:DF:C5:16:76:73:9E:ED:AD:C4:E5:98:EB:E7:2D:B9:C3:33","sha256":"6C:68:2F:0A:C2:03:62:A1:8E:7B:3B:BB:D6:6D:96:A7:78:6C:78:0F:1D:F0:EB:77:84:A5:4A:DD:07:44:9B:DD"}}},"request":{"raw":"GET /gtag/js?id=G-5B16ESZ7C2 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lucebella.com.tw/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 19 Oct 2025 22:14:58 GMT\r\nexpires: Sun, 19 Oct 2025 22:14:58 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 141607\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":426224,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"8945d236c872594442053d941596bf7f","sha1":"d7d1e3181b68bd0952ed4c55aee27f3cab19dd75","sha256":"e602871475cd00b46494945e4b22bf76a4bae683dfbd9b3fa1eceb9d149f9dd6","sha512":"95ee66ae199a5c8ebd3b1b36f94ce273bdc85dc0b1edfb70b7e265a1253da4f4507f3f745cfc1595d391c529966e542e31a8538baff7fcf27f22ddf866549179","ssdeep":"6144:nBYc6tQSyOe+hy4nkEt7F8KWjxSqpRjeWvkAX6HJLGy1tyyluxwuuSyv:Bh6rRRhy4nkEt7F0EqPeKRy1bv","tlshash":"a0940a8e73c674269396f078503f018ba57b29a2f45cc896f189cce42d74a9a4277f7c","first_seen":"2025-10-19T22:15:29.656094Z","last_seen":"2025-10-19T22:15:29.656094Z","times_seen":1,"resource_available":true,"data":null}},"time_used":409,"timings":{"blocked":132,"dns":1,"connect":28,"send":0,"wait":62,"receive":79,"ssl":103},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"concludedgrowlabdicate.com/favicon.ico","fqdn":"concludedgrowlabdicate.com","domain":"concludedgrowlabdicate.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://concludedgrowlabdicate.com/cyvsqtj6?key=ed0677b1b30a855d6b19efb76ccebce8","date":"2025-10-19T22:14:59.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"concludedgrowlabdicate.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 11:18:35 GMT","end":"Thu, 01 Jan 2026 11:18:34 GMT"},"fingerprint":{"sha1":"91:6A:B1:34:8E:9A:9D:38:ED:DA:13:ED:53:07:A1:B7:C0:BB:E2:9A","sha256":"3D:60:61:F7:2E:5D:FC:AF:46:D1:D1:CC:30:2B:35:56:04:AB:47:CD:3B:B5:10:71:89:E2:70:20:3A:6C:A2:A8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: concludedgrowlabdicate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://concludedgrowlabdicate.com/api/users?token=L2N5dnNxdGo2P2tleT05Y2E2MDFhOWY0N2M3MzVkZjc2ZDVjYTQ2ZmEyNmE2NiZzdWJtZXRyaWM9MTg2MDQ0MzY\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxODYwNDQzNiwiayI6ImVkMDY3N2IxYjMwYTg1NWQ2YjE5ZWZiNzZjY2ViY2U4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMDY3LCJwaWQiOjk4ODc3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM4LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJjeXZzcXRqNiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbHVjZWJlbGxhLmNvbS50dy8iLCJhciI6W119fQ.sK54G1VCwDDQLP_gOFMz6ljxMc_iNyLhGsuLFHs3Awc; cjs=t\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"concludedgrowlabdicate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"concludedgrowlabdicate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"concludedgrowlabdicate.com/api/users?token=L2N5dnNxdGo2P2tleT1lZDA2NzdiMWIzMGE4NTVkNmIxOWVmYjc2Y2NlYmNlOCZwc3Q9MTc2MDkxMjE1OSZyZWZlcj1odHRwcyUzQSUyRiUyRmx1Y2ViZWxsYS5jb20udHclMkYmcm10Yz10JnNodT02MGMwODM5NjY5YTk0NTZiOTIzYTMyYzFjMTgxNGUyNzQ0YWMxZjhjNDExYWViMzViOTg2NWVlYzNhNzE4MTVmN2UyMjRjZGJiNTg4NWVkNTM0ZThhYTM2Y2M2NDIxYWI1M2MwOWJmNmYxMTY1NTFiNTJmYTQxNDU4ZDU4ZmI5MzliNmZjOTk5Y2M3ZDZjMWE4ODg5N2U0MTQ3ZjU4MDIwY2E5ZjMxY2EwMWM2NWIyY2M2MTU4NyZwaWk9JmluPSZ1dWlkPQ","fqdn":"concludedgrowlabdicate.com","domain":"concludedgrowlabdicate.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-19T22:14:59.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"concludedgrowlabdicate.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 11:18:35 GMT","end":"Thu, 01 Jan 2026 11:18:34 GMT"},"fingerprint":{"sha1":"91:6A:B1:34:8E:9A:9D:38:ED:DA:13:ED:53:07:A1:B7:C0:BB:E2:9A","sha256":"3D:60:61:F7:2E:5D:FC:AF:46:D1:D1:CC:30:2B:35:56:04:AB:47:CD:3B:B5:10:71:89:E2:70:20:3A:6C:A2:A8"}}},"request":{"raw":"GET /api/users?token=L2N5dnNxdGo2P2tleT1lZDA2NzdiMWIzMGE4NTVkNmIxOWVmYjc2Y2NlYmNlOCZwc3Q9MTc2MDkxMjE1OSZyZWZlcj1odHRwcyUzQSUyRiUyRmx1Y2ViZWxsYS5jb20udHclMkYmcm10Yz10JnNodT02MGMwODM5NjY5YTk0NTZiOTIzYTMyYzFjMTgxNGUyNzQ0YWMxZjhjNDExYWViMzViOTg2NWVlYzNhNzE4MTVmN2UyMjRjZGJiNTg4NWVkNTM0ZThhYTM2Y2M2NDIxYWI1M2MwOWJmNmYxMTY1NTFiNTJmYTQxNDU4ZDU4ZmI5MzliNmZjOTk5Y2M3ZDZjMWE4ODg5N2U0MTQ3ZjU4MDIwY2E5ZjMxY2EwMWM2NWIyY2M2MTU4NyZwaWk9JmluPSZ1dWlkPQ HTTP/1.1\r\nHost: concludedgrowlabdicate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://concludedgrowlabdicate.com/api/users?token=L2N5dnNxdGo2P2tleT05Y2E2MDFhOWY0N2M3MzVkZjc2ZDVjYTQ2ZmEyNmE2NiZzdWJtZXRyaWM9MTg2MDQ0MzY\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxODYwNDQzNiwiayI6ImVkMDY3N2IxYjMwYTg1NWQ2YjE5ZWZiNzZjY2ViY2U4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMDY3LCJwaWQiOjk4ODc3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM4LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJjeXZzcXRqNiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbHVjZWJlbGxhLmNvbS50dy8iLCJhciI6W119fQ.sK54G1VCwDDQLP_gOFMz6ljxMc_iNyLhGsuLFHs3Awc; cjs=t\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 22:15:00 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nlocation: https://www.adx29.com/chlfl2k.php?key=77c7abc02cc18e818916\u0026SUB_ID_SHORT=5ae0d06fc34661c8aa85f0cd2a363f44\u0026COST_CPA=\u0026PLACEMENT_ID=18604436\u0026CAMPAIGN_ID=1321932\u0026DEVICE_BRAND=Unknown\u0026BROWSER_NAME=Firefox\u0026USER_OS=Windows\u0026USER_CARRIER=Blix%20Solutions\u0026USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0\u0026REMOTE_LANGUAGE=11\u0026BANNER_ID=3537896\r\nset-cookie: pdhtkv=true; expires=Mon, 20 Oct 2025 22:15:00 GMT; path=/\nuncs=1; expires=Mon, 20 Oct 2025 22:15:00 GMT; path=/\npdhtkv28=true; expires=Mon, 20 Oct 2025 22:15:00 GMT; path=/\nuncs28=1; expires=Mon, 20 Oct 2025 22:15:00 GMT; path=/\nu_pl18604436=1; expires=Mon, 20 Oct 2025 22:15:00 GMT; path=/\niprc_c+b62dbbbc6033c419849445243a63dcb0=1321932; expires=Mon, 20 Oct 2025 22:15:00 GMT; path=/\niprc_c:1321932=1; expires=Mon, 20 Oct 2025 22:15:00 GMT; path=/\niprc_a+e616d32d349ca43cb03a590d1a2e43d3=521830; expires=Sun, 26 Oct 2025 22:15:00 GMT; path=/\niprc_a:521830=1; expires=Sun, 26 Oct 2025 22:15:00 GMT; path=/\r\nx-envoy-upstream-service-time: 220\r\nHost: concludedgrowlabdicate.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7e1312f39204fa285cb97b9eba70d5b1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":19156,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":870,"timings":{"blocked":277,"dns":1,"connect":91,"send":0,"wait":315,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"concludedgrowlabdicate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"concludedgrowlabdicate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aniplaytree.com/ScoutCondensed-Bold.woff","fqdn":"aniplaytree.com","domain":"aniplaytree.com","tld":"com"},"ip":{"addr":"172.67.145.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","date":"2025-10-19T22:15:01.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aniplaytree.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Oct 2025 09:57:36 GMT","end":"Fri, 02 Jan 2026 10:57:34 GMT"},"fingerprint":{"sha1":"5A:BA:95:29:A5:48:AA:53:C1:F4:BC:D2:A4:85:CE:76:3C:20:E8:7C","sha256":"D5:0D:EE:20:D7:74:D0:E4:90:4E:9C:FD:D5:53:6A:F1:61:14:F6:8B:97:A5:F2:0F:C7:30:EA:39:95:D0:84:19"}}},"request":{"raw":"GET /ScoutCondensed-Bold.woff HTTP/1.1\r\nHost: aniplaytree.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 22:15:01 GMT\r\ncontent-type: application/font-woff\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gzT73g2Ux74BfNHgGenbnC%2Bx6UZzdY8XN%2Ba%2FYUfAHekRzJc6DSA968y29VoWjwZYVy8eH9GOxhb8TpJZrgTXLnUYeEp6LvLJSwWa1U8%3D\"}]}\r\netag: W/\"8d2a244ab4d2c2e8d1e2dd8c275997eb\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9913a1b808e1b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6496,"size_decoded":0,"mime_type":"application/font-woff","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aniplaytree.com/poster.webp","fqdn":"aniplaytree.com","domain":"aniplaytree.com","tld":"com"},"ip":{"addr":"172.67.145.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","date":"2025-10-19T22:15:01.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aniplaytree.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Oct 2025 09:57:36 GMT","end":"Fri, 02 Jan 2026 10:57:34 GMT"},"fingerprint":{"sha1":"5A:BA:95:29:A5:48:AA:53:C1:F4:BC:D2:A4:85:CE:76:3C:20:E8:7C","sha256":"D5:0D:EE:20:D7:74:D0:E4:90:4E:9C:FD:D5:53:6A:F1:61:14:F6:8B:97:A5:F2:0F:C7:30:EA:39:95:D0:84:19"}}},"request":{"raw":"GET /poster.webp HTTP/1.1\r\nHost: aniplaytree.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 22:15:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 107274\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\netag: \"135d6a4eaac1df1d79670d50c6b7171a\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3BGsVVyoxbsB38rlXqNKTzsAoiJvxpdVItTrdvOoSA1VrvLN7Ab4%2Fsemkv5D7%2BoAmXkck6QX7cJ0fYk9yQPFfEv%2Foe6duOwr9qbwY%2Bc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9913a1b808e2b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107274,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"59a5504901c291334f66d11c2bf00ac2","sha1":"02fd789fcdd9e0709c70a027064d9381ec86fe5f","sha256":"55acf5ba81987067cbfadb64e0f55df35de161d4f6c4d2a70720d836e1769fcc","sha512":"e07bdfc0d7cf10b194efa7ae7f33fd21240cf8c29ac514b68e7d2cc7ed46a61a12a283bea5cb283d81c717f80d33163a1697f4d9c11fd46073c7ef65bf13d73c","ssdeep":"3072:sBAv2oxB6yIYsDEgsed629MdeY/uXMNNle86uE5YvZG7+V:sKv2onI/DtfEzuqe81Eg6+V","tlshash":"d0a3128fc9d5d145c23a6470e5bbf0e5ea34966bf1e2ca73654d0c330a5faeda136600","first_seen":"2025-06-25T14:09:56.802944Z","last_seen":"2026-02-22T06:55:47.458561Z","times_seen":333,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aniplaytree.com/logo.webp","fqdn":"aniplaytree.com","domain":"aniplaytree.com","tld":"com"},"ip":{"addr":"172.67.145.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","date":"2025-10-19T22:15:01.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aniplaytree.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Oct 2025 09:57:36 GMT","end":"Fri, 02 Jan 2026 10:57:34 GMT"},"fingerprint":{"sha1":"5A:BA:95:29:A5:48:AA:53:C1:F4:BC:D2:A4:85:CE:76:3C:20:E8:7C","sha256":"D5:0D:EE:20:D7:74:D0:E4:90:4E:9C:FD:D5:53:6A:F1:61:14:F6:8B:97:A5:F2:0F:C7:30:EA:39:95:D0:84:19"}}},"request":{"raw":"GET /logo.webp HTTP/1.1\r\nHost: aniplaytree.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 22:15:01 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12006\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\netag: \"7c144d6897847f0692650778b02c3309\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0VYzmU9Qb%2Ffna3kVlLdEc5V5ZV%2FOvk5NqLfgLy%2Fm5gujH8MV1F%2B2GIqK1MZjafAqpbtmzZoW40KN4qjVMVT7s1AqnkEMoPHHgc1o5UqSDKmozZAY%2FzQJ7DM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9913a1b808e3b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12006,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"19fce64510863e9c4c3938ffca727031","sha1":"3ee70cdc238dd90506af3725324587a990e9e2ee","sha256":"d5d62f87a16fc91b790a95501bef6c08716402e3721813fd3cb951668a6b4c6a","sha512":"156bce397734dd11cb14a7f76b713d546abcf19935c05cb59532a4a9d568bf3faf8ebd3ffd7a969d1e0143d7209803a5ae38ce116021a54ac05d6afb275195aa","ssdeep":"192:fzJVoTfzuKiTrzkrnEugLCzndCpsC0EiNcFQuNljNnK4i/8KfZwTv1xPlT:fzJVfKSrzkANLCWPi/WjoZqTXd","tlshash":"8142c0d499125337fb23bfb9016daebeb703f1748ab7a0190f9e302025781620639c54","first_seen":"2025-06-25T14:09:56.814545Z","last_seen":"2026-02-22T06:55:47.459815Z","times_seen":334,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lust-games.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"lust-games.com","domain":"lust-games.com","tld":"com"},"ip":{"addr":"104.21.40.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","date":"2025-10-19T22:15:01.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lust-games.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:18:21 GMT","end":"Tue, 16 Dec 2025 11:18:11 GMT"},"fingerprint":{"sha1":"0D:2F:33:47:8D:0C:A2:48:70:96:57:48:EA:3F:9D:07:80:B1:16:85","sha256":"C2:60:0B:CF:FE:DB:3B:70:C4:8C:8D:E9:22:B9:D5:D8:94:99:E1:33:5B:50:4D:D7:D5:9E:6B:AC:90:0B:83:72"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: lust-games.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aniplaytree.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 22:15:01 GMT\r\ncontent-type: application/javascript\r\nexpires: Sun, 19 Oct 2025 23:03:01 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AsQi2r%2F1wZtHKAmI4dEmAJJSgCOGLIbHM5LzrR%2Fi1u%2FKsFoBGnXSsfdzr5f2xTd8KNrSIpfU2BQM3eH541IWcUVC4xI0QCiTWGyo2SKu\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9913a1b8edc2b1b8-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-14T14:59:09.927837Z","times_seen":337947,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":141,"dns":4,"connect":1,"send":0,"wait":3,"receive":0,"ssl":139},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aniplaytree.com/ScoutCondensed-Bold.woff","fqdn":"aniplaytree.com","domain":"aniplaytree.com","tld":"com"},"ip":{"addr":"172.67.145.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","date":"2025-10-19T22:15:01.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aniplaytree.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Oct 2025 09:57:36 GMT","end":"Fri, 02 Jan 2026 10:57:34 GMT"},"fingerprint":{"sha1":"5A:BA:95:29:A5:48:AA:53:C1:F4:BC:D2:A4:85:CE:76:3C:20:E8:7C","sha256":"D5:0D:EE:20:D7:74:D0:E4:90:4E:9C:FD:D5:53:6A:F1:61:14:F6:8B:97:A5:F2:0F:C7:30:EA:39:95:D0:84:19"}}},"request":{"raw":"GET /ScoutCondensed-Bold.woff HTTP/1.1\r\nHost: aniplaytree.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 22:15:01 GMT\r\ncontent-type: application/font-woff\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gzT73g2Ux74BfNHgGenbnC%2Bx6UZzdY8XN%2Ba%2FYUfAHekRzJc6DSA968y29VoWjwZYVy8eH9GOxhb8TpJZrgTXLnUYeEp6LvLJSwWa1U8%3D\"}]}\r\netag: W/\"8d2a244ab4d2c2e8d1e2dd8c275997eb\"\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9913a1b85964b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6496,"size_decoded":0,"mime_type":"application/font-woff","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lucebella.com.tw/lucebella/4c0845/2025-Ultamate/c14731?srsltid=AfmBOopyVcSYbbFhigJ6HlChlnIqDEIfAfDjUif3GOC6TF62AFXNcmSQ","fqdn":"lucebella.com.tw","domain":"lucebella.com.tw","tld":"com.tw"},"ip":{"addr":"104.21.73.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-19T22:14:57.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lucebella.com.tw","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Oct 2025 03:25:36 GMT","end":"Wed, 14 Jan 2026 04:22:43 GMT"},"fingerprint":{"sha1":"36:89:F7:06:74:7A:22:A0:0C:52:5F:DD:D3:B6:6F:F6:B8:9F:90:7B","sha256":"06:3D:02:1F:EB:23:3E:6D:C9:C6:47:43:8E:61:27:03:62:97:32:BC:93:C2:88:82:BE:75:AC:A2:71:63:DF:F6"}}},"request":{"raw":"GET /lucebella/4c0845/2025-Ultamate/c14731?srsltid=AfmBOopyVcSYbbFhigJ6HlChlnIqDEIfAfDjUif3GOC6TF62AFXNcmSQ HTTP/1.1\r\nHost: lucebella.com.tw\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 22:14:58 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: max-age=2592000\r\nexpires: Tue, 18 Nov 2025 22:14:58 GMT\r\nvary: Accept-Encoding,User-Agent\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XlpJ0pAdN3Jk%2BOv22hvXG7hofZaoXQNra8N7vZ2lARQrLtwBzS43nq3i1iXYq8en9m4DPmIlbzv2tx%2Bcb94tYKGtfEK5BuBR0oNIVWqhrxo%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9913a1a2fea432fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":621,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"86746d79e3fc1de11c7f9db6606462e3","sha1":"98817b1a6a8f24887e0e49d2a4f7c1684da9ddc1","sha256":"687950fe43d8ee162a0c03330cb17abd21d47de5c575fdf9f4f5b6be06001e5d","sha512":"dbc9ce12f32d2f346b47345e5331fa4a2830b265b00827ab9365df1e837ff8ebe949d483472d877c1f59c5d7cb6b7c4accb211c124769fa05b5de6d8f0884f53","ssdeep":"","tlshash":"61f078a735064c2412f696727bb6f608e21ba01b54c05d117a9861032fb06a78d87ed8","first_seen":"2025-10-19T22:15:29.676621Z","last_seen":"2025-10-19T22:15:29.676621Z","times_seen":1,"resource_available":false,"data":null}},"time_used":545,"timings":{"blocked":18,"dns":0,"connect":1,"send":0,"wait":510,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lucebella.com.tw/favicon.ico","fqdn":"lucebella.com.tw","domain":"lucebella.com.tw","tld":"com.tw"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lucebella.com.tw/lucebella/4c0845/2025-Ultamate/c14731?srsltid=AfmBOopyVcSYbbFhigJ6HlChlnIqDEIfAfDjUif3GOC6TF62AFXNcmSQ","date":"2025-10-19T22:14:58.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lucebella.com.tw","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Oct 2025 03:25:36 GMT","end":"Wed, 14 Jan 2026 04:22:43 GMT"},"fingerprint":{"sha1":"36:89:F7:06:74:7A:22:A0:0C:52:5F:DD:D3:B6:6F:F6:B8:9F:90:7B","sha256":"06:3D:02:1F:EB:23:3E:6D:C9:C6:47:43:8E:61:27:03:62:97:32:BC:93:C2:88:82:BE:75:AC:A2:71:63:DF:F6"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: lucebella.com.tw\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lucebella.com.tw/lucebella/4c0845/2025-Ultamate/c14731?srsltid=AfmBOopyVcSYbbFhigJ6HlChlnIqDEIfAfDjUif3GOC6TF62AFXNcmSQ\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"concludedgrowlabdicate.com/cyvsqtj6?key=ed0677b1b30a855d6b19efb76ccebce8","fqdn":"concludedgrowlabdicate.com","domain":"concludedgrowlabdicate.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-19T22:14:58.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"concludedgrowlabdicate.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 11:18:35 GMT","end":"Thu, 01 Jan 2026 11:18:34 GMT"},"fingerprint":{"sha1":"91:6A:B1:34:8E:9A:9D:38:ED:DA:13:ED:53:07:A1:B7:C0:BB:E2:9A","sha256":"3D:60:61:F7:2E:5D:FC:AF:46:D1:D1:CC:30:2B:35:56:04:AB:47:CD:3B:B5:10:71:89:E2:70:20:3A:6C:A2:A8"}}},"request":{"raw":"GET /cyvsqtj6?key=ed0677b1b30a855d6b19efb76ccebce8 HTTP/1.1\r\nHost: concludedgrowlabdicate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lucebella.com.tw/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 22:14:59 GMT\r\nContent-Type: text/html\r\nContent-Length: 2270\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nvary: Accept-Encoding\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxODYwNDQzNiwiayI6ImVkMDY3N2IxYjMwYTg1NWQ2YjE5ZWZiNzZjY2ViY2U4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMDY3LCJwaWQiOjk4ODc3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM4LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJjeXZzcXRqNiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbHVjZWJlbGxhLmNvbS50dy8iLCJhciI6W119fQ.sK54G1VCwDDQLP_gOFMz6ljxMc_iNyLhGsuLFHs3Awc; expires=Sun, 19 Oct 2025 22:15:59 GMT; path=/\r\nx-envoy-upstream-service-time: 1\r\nHost: concludedgrowlabdicate.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: be09fa38f734ee8085b40c3fd044bd5b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4682,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (4681)","md5":"da51634d4f7d76987c0e2c97f268b758","sha1":"9eead7f6cffdd17165ef4f95b1530b09b7af5813","sha256":"cbbf265b483e2a428c7cfbea4b505f20677c00a5de70f8637bff2765092bde9d","sha512":"df672c93e403785b4dc29ac11e096ebe7f95a0a5b4c96ed1a7438598541533eb2ad7cb67aced5ea7f12c6aebd89a9b8ce00c8c11f3cde6bb091aadcba563524e","ssdeep":"96:z922YfIuzVcmCmPIHIboIgpwaTv38MnVeSa+AdKshnZPAP4m:Q2YfTzSjkc6ozwa7tn3a3dDWP4m","tlshash":"7fa1859134307878047a1517d5afb31936324e17b6027560a16c5ab83d3decba626fef","first_seen":"2025-10-19T22:15:29.682235Z","last_seen":"2025-10-19T22:15:29.682235Z","times_seen":1,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":332,"dns":50,"connect":92,"send":0,"wait":97,"receive":1,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"concludedgrowlabdicate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"concludedgrowlabdicate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://concludedgrowlabdicate.com/cyvsqtj6?key=ed0677b1b30a855d6b19efb76ccebce8","date":"2025-10-19T22:14:59.469Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://concludedgrowlabdicate.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://concludedgrowlabdicate.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":21,"send":0,"wait":0,"receive":0,"ssl":-1},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","fqdn":"aniplaytree.com","domain":"aniplaytree.com","tld":"com"},"ip":{"addr":"172.67.145.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-19T22:15:00.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aniplaytree.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Oct 2025 09:57:36 GMT","end":"Fri, 02 Jan 2026 10:57:34 GMT"},"fingerprint":{"sha1":"5A:BA:95:29:A5:48:AA:53:C1:F4:BC:D2:A4:85:CE:76:3C:20:E8:7C","sha256":"D5:0D:EE:20:D7:74:D0:E4:90:4E:9C:FD:D5:53:6A:F1:61:14:F6:8B:97:A5:F2:0F:C7:30:EA:39:95:D0:84:19"}}},"request":{"raw":"GET /land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39 HTTP/1.1\r\nHost: aniplaytree.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://concludedgrowlabdicate.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 22:15:00 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlink: \u003ccontent_block_bg.webp\u003e; rel=\"preload\"; as=image, \u003cpaginator_active.svg\u003e; rel=\"preload\"; as=image, \u003cpaginator_inactive.svg\u003e; rel=\"preload\"; as=image, \u003cbutton_next.webp\u003e; rel=\"preload\"; as=image, \u003cbutton_next_ru.webp\u003e; rel=\"preload\"; as=image, \u003cbutton_redirect.svg\u003e; rel=\"preload\"; as=image, \u003cbutton_redirect_ru.svg\u003e; rel=\"preload\"; as=image, \u003csection_bg_1.webp\u003e; rel=\"preload\"; as=image, \u003c1_1.webp\u003e; rel=\"preload\"; as=image, \u003c1_1_selected.webp\u003e; rel=\"preload\"; as=image, \u003c1_2.webp\u003e; rel=\"preload\"; as=image, \u003c1_2_selected.webp\u003e; rel=\"preload\"; as=image, \u003c1_3.webp\u003e; rel=\"preload\"; as=image, \u003c1_3_selected.webp\u003e; rel=\"preload\"; as=image, \u003c2_1.webp\u003e; rel=\"preload\"; as=image, \u003c2_1_selected.webp\u003e; rel=\"preload\"; as=image, \u003c2_2.webp\u003e; rel=\"preload\"; as=image, \u003c2_2_selected.webp\u003e; rel=\"preload\"; as=image, \u003c2_3.webp\u003e; rel=\"preload\"; as=image, \u003c2_3_selected.webp\u003e; rel=\"preload\"; as=image, \u003csection_bg_3.webp\u003e; rel=\"preload\"; as=image, \u003c3_1.webp\u003e; rel=\"preload\"; as=image, \u003c3_1_selected.webp\u003e; rel=\"preload\"; as=image, \u003c3_2.webp\u003e; rel=\"preload\"; as=image, \u003c3_2_selected.webp\u003e; rel=\"preload\"; as=image, \u003c3_3.webp\u003e; rel=\"preload\"; as=image, \u003c3_3_selected.webp\u003e; rel=\"preload\"; as=image, \u003csection_bg_5.webp\u003e; rel=\"preload\"; as=image\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3wdSgeH%2FE0efew%2FS1%2B7lp6h8Z8dPremwM0McmdF8HK7tMT0yk%2F%2BuNZCKy%2BDEKR3YJ5RSHgoBIYtVzcgaC3newFLq4duR0or3YXXZbcoidA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9913a1b6de72b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19156,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"97efd419212fd461b50c4be9439bf1a9","sha1":"04f2c6c477d35fad7aebd30266ad3de1767a334e","sha256":"a76737c86ec8a24e7ae77b17fec28fec52580cd9a504f7a811ac6b4d5077c299","sha512":"342622e92ebd12931f8d110d7bc6cc56eeb6e8f2b03a01e296c8cb4307c30866f79832e301a47e2b44df510f5d1af6ced92bd43fd1d2c0de875a199d4d2d8917","ssdeep":"192:3AQl/WjSxMqSxQSxaY3/qESxnWSR7zTSx5SxxLSn0oSHiRSxrMT1Q1Yio4ku0jdy:3AQlvzbH8hrGmiqiIJbQ","tlshash":"4b82952675462505913382e65fc326a8f7fdc003850669e879dca68a8ff7f50c1d3b9b","first_seen":"2025-10-08T11:12:32.674691Z","last_seen":"2025-10-31T12:16:08.55035Z","times_seen":275,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":186,"dns":4,"connect":1,"send":0,"wait":4,"receive":0,"ssl":178},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aniplaytree.com/ScoutCondensed-Light.woff","fqdn":"aniplaytree.com","domain":"aniplaytree.com","tld":"com"},"ip":{"addr":"172.67.145.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","date":"2025-10-19T22:15:01.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aniplaytree.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Oct 2025 09:57:36 GMT","end":"Fri, 02 Jan 2026 10:57:34 GMT"},"fingerprint":{"sha1":"5A:BA:95:29:A5:48:AA:53:C1:F4:BC:D2:A4:85:CE:76:3C:20:E8:7C","sha256":"D5:0D:EE:20:D7:74:D0:E4:90:4E:9C:FD:D5:53:6A:F1:61:14:F6:8B:97:A5:F2:0F:C7:30:EA:39:95:D0:84:19"}}},"request":{"raw":"GET /ScoutCondensed-Light.woff HTTP/1.1\r\nHost: aniplaytree.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 22:15:01 GMT\r\ncontent-type: application/font-woff\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ea21rOhylZdKJjZe5yaFoh3MW3Wd%2Bye90Zs6xqh2o%2BrDDH2YgEsd8fs2hQwOKm3Hn%2B0s0L9pmnQI4AI%2FjivzxOlEb5qq3IVpHZtIRa4%3D\"}]}\r\netag: W/\"377efb1bbbebfa4d01d4c30f4ecc043b\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9913a1b7f8deb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6496,"size_decoded":0,"mime_type":"application/font-woff","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aniplaytree.com/favicon.webp","fqdn":"aniplaytree.com","domain":"aniplaytree.com","tld":"com"},"ip":{"addr":"172.67.145.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39","date":"2025-10-19T22:15:01.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aniplaytree.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Oct 2025 09:57:36 GMT","end":"Fri, 02 Jan 2026 10:57:34 GMT"},"fingerprint":{"sha1":"5A:BA:95:29:A5:48:AA:53:C1:F4:BC:D2:A4:85:CE:76:3C:20:E8:7C","sha256":"D5:0D:EE:20:D7:74:D0:E4:90:4E:9C:FD:D5:53:6A:F1:61:14:F6:8B:97:A5:F2:0F:C7:30:EA:39:95:D0:84:19"}}},"request":{"raw":"GET /favicon.webp HTTP/1.1\r\nHost: aniplaytree.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 2341\r\npriority: u=6,i=?0\r\ncontent-type: image/webp\r\ncf-cache-status: REVALIDATED\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\netag: \"8a2540cf3b03281e201ea92d12853671\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JSDNl%2FTGDTfJmOZH562W1We50FaqXSkqpvtEFMN76CMCWMg4vbTOrN9Hs%2Bjx9uD%2BrAOFSBNV%2Fk6feGaevCvicbjPZG%2Fp4wmLIRUR0jRk%2BQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 22:15:01 GMT\r\ncf-ray: 9913a1b92f72723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2341,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"6fb7495e403a4e2ecffedc8a8240c624","sha1":"185c2964fb175f0e575ae8dc376bca020791971b","sha256":"529054d94581be56f9f645a5c8da3ffc314c9d532f181810546e8ed0d7f46cba","sha512":"d8707c8a2ce4838f9de1ac796e302d89f8735aa4c3b7bdc68ac05e1c92f8fb451b413bee8b4f602f01a885b6f4736d81afdcb1554235038fddf81997e008f404","ssdeep":"","tlshash":"f4413b0cf7d68ac992c3dda5454c4032784007635721a30e64e1799ff4c1c90e42daab","first_seen":"2025-06-11T14:02:54.449955Z","last_seen":"2026-04-18T04:30:17.907032Z","times_seen":330,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.adx29.com/chlfl2k.php?key=77c7abc02cc18e818916\u0026SUB_ID_SHORT=5ae0d06fc34661c8aa85f0cd2a363f44\u0026COST_CPA=\u0026PLACEMENT_ID=18604436\u0026CAMPAIGN_ID=1321932\u0026DEVICE_BRAND=Unknown\u0026BROWSER_NAME=Firefox\u0026USER_OS=Windows\u0026USER_CARRIER=Blix%20Solutions\u0026USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0\u0026REMOTE_LANGUAGE=11\u0026BANNER_ID=3537896","fqdn":"www.adx29.com","domain":"adx29.com","tld":"com"},"ip":{"addr":"139.59.77.48","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"India","country_code":"IN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-19T22:15:00.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.adx29.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 09:58:05 GMT","end":"Fri, 02 Jan 2026 09:58:04 GMT"},"fingerprint":{"sha1":"60:75:06:56:1C:C4:A5:74:53:B0:51:78:6C:F4:CA:08:9D:6F:EB:32","sha256":"DA:FF:30:A1:79:E1:C6:CE:0B:DC:40:22:78:10:0E:8C:2B:82:E1:0A:D6:85:1E:93:A6:FF:82:42:21:29:EB:E7"}}},"request":{"raw":"GET /chlfl2k.php?key=77c7abc02cc18e818916\u0026SUB_ID_SHORT=5ae0d06fc34661c8aa85f0cd2a363f44\u0026COST_CPA=\u0026PLACEMENT_ID=18604436\u0026CAMPAIGN_ID=1321932\u0026DEVICE_BRAND=Unknown\u0026BROWSER_NAME=Firefox\u0026USER_OS=Windows\u0026USER_CARRIER=Blix%20Solutions\u0026USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0\u0026REMOTE_LANGUAGE=11\u0026BANNER_ID=3537896 HTTP/1.1\r\nHost: www.adx29.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://concludedgrowlabdicate.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ndate: Sun, 19 Oct 2025 22:15:00 GMT\r\nlocation: https://aniplaytree.com/land0077?cli=d3qm5p4ufias73855cn0\u0026sub1=39\r\nset-cookie: uclick=zeuPkg0ObYo1h+L1YGCYt0iY/g+dx2j528Xlf3t/qGGlHZeaCd6QndmNmKxEeHB54kSTKt4=; Max-Age=31536000; SameSite=Lax\nbcid=d3qm5p4ufias73855cn0; Max-Age=31536000; SameSite=Lax\r\nvia: 1.1 Caddy\r\nx-request-id: 1bcc3293-3601-4e50-9427-228a1ff17ba1\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":null,"data":{"size":19156,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":1068,"timings":{"blocked":449,"dns":97,"connect":169,"send":0,"wait":170,"receive":0,"ssl":180},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"www.adx29.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}