{"report_id":"a2b0ce93-87ce-429a-b232-06f62e947a5e","version":6,"status":"done","tags":[],"date":"2026-06-02T13:12:37Z","url":{"schema":"http","addr":"orange9.sjmwu.top","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"ip":{"addr":"172.67.188.73","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"orange9.sjmwu.top/","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"title":"Orange Money fête l'Aïd el-Adha — 10 000 F CFA GRATUITS !","dom":{"size":27806,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3275)","md5":"305a2bf37b340e00527014239a2874d9","sha1":"8d48c072ba406012ee60f2d1a2950e7fd0d77751","sha256":"4e90f5906d81dadf934426c57dd11689e89fc29ddad66766fec58a2695e1640c","sha512":"1ec698d8edd695cedd145b232d9e95600f003b8edd404465bb17142a5e633127b6dcd59ef361bb715d50d56879c3f9aee0dd399c64a24efff34c1b755836f4a1","ssdeep":"384:Bp460t3b2+SLeeGikw2k50rK0jyJXlCxsh07xzpaIgU58Zu4Woa2JVrMmEj:B4t3HsjGlVk50+0jyJXQ+ytpaG74WVmS","tlshash":"13c2b657b6d2102751b7a0e13eab670966b58107e547cc793eac42c0cfcdd9262eb72c","dom_hash":"domhash63b8bbffbbe6869569ebacb82b897e59","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"orange9.sjmwu.top","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"ip":{"addr":"172.67.188.73","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-07T13:12:37Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"599cdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"orange9.sjmwu.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"orange9.sjmwu.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"orange9.sjmwu.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"orange9.sjmwu.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"tj.16gift.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"orange9.sjmwu.top","ip":{"addr":"104.21.32.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-09","domain_rank":0,"first_seen":"2026-06-02T12:54:37.304048Z","last_seen":"2026-06-02T12:54:37.304048Z","alert_count":12,"request_count":3,"received_data":32738,"sent_data":4498,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}]},{"fqdn":"tj.16gift.com","ip":{"addr":"172.67.144.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-12-30","domain_rank":6031043,"first_seen":"2024-08-21T12:09:18Z","last_seen":"2026-05-31T15:02:19.890111Z","alert_count":2,"request_count":2,"received_data":2944,"sent_data":907,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.129.155","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-05-31T23:27:05.834013Z","alert_count":0,"request_count":1,"received_data":96377,"sent_data":426,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-05-31T22:42:17.707694Z","alert_count":0,"request_count":1,"received_data":8159,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"599cdn.com","ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-04","domain_rank":1852756,"first_seen":"2025-07-08T18:42:19.129448Z","last_seen":"2026-05-31T15:02:19.901064Z","alert_count":7,"request_count":7,"received_data":865366,"sent_data":3070,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"orange9.sjmwu.top/single.php","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"ip":{"addr":"104.21.32.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a05c078f75cc56d357fe48178ec7d692","sha1":"b84f68c46b2c95b884755f53c387c405ae555e22","sha256":"12dc0ebddc2b967e7740536a3a80648a41d2c44497edaaa5005e1e968556948c","sha512":"aa6286ead66a10c31f82708d733f23f0f1d366205e02d748df0a62fd82689aa723f71736e187ceb5569b6a74e53f5bd7a0f6ebefa9ddaf10adb2a2f3c97dad5c","ssdeep":"","tlshash":"52112068bc76004caaaa983a5f3f70643031203a9318c910b86df9405fb0ea49497ee8","size":1085,"data":"","first_seen":"2026-06-02T13:12:38.729226Z","last_seen":"2026-06-02T13:12:38.729226Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/canvas-confetti@1.3.2/dist/confetti.browser.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"19321373ea141f3fe019391b00e1b9cf","sha1":"bb9de280fc674aa40fe1646d0966ce111a7909aa","sha256":"a25e123d8fa3d9dbc39a54f47047df65ae99f1fc8a0d91b63e5782d008d64b8f","sha512":"c81c001bf748b74d53a26fd7328629cf43d5ede14c8ebb9efe4f56e774e528756a01157ae0cecc11101f841ec31f9815138a89ed3dd4022b60de8d239f82237a","ssdeep":"192:7oT0Nirnm+PtGadrWm9xK6gZdWyhr6Tw81cEBJcRYc:8wAnmsGS92ZdWyhr6TPuScRYc","tlshash":"d2e1a59df7513d1b1a13237aa85f910ea238752b160f4484a279d5a82dbc42c333ff79","size":7370,"data":"","first_seen":"2025-07-19T09:51:10.01292Z","last_seen":"2026-06-16T06:16:40.288401Z","times_seen":321,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-latest.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.129.155","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8101d596b2b8fa35fe3a634ea342d7c3","sha1":"d6c1f41972de07b09bfa63d2e50f9ab41ec372bd","sha256":"540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441","sha512":"9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb","ssdeep":"1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB","tlshash":"b293c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","size":95786,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-06-17T15:33:34.964101Z","times_seen":52736,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"orange9.sjmwu.top/","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"ip":{"addr":"104.21.32.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d1d3cc7a7678a1a0c67b4fc3f67256a5","sha1":"bbd20a04eba0fecb2afd39b8b5913684a14c2983","sha256":"82a445567f46d9088fc436c596d3923990dbe4863c66d89526d545d439cc4ff6","sha512":"e76173d800db54f05a8bc00bd3425b3e81f5fd42dc5a6f61d0434eda05ba30a597a0f337729988a51c7d739de8ba38f3f5fcaf6ff13a315b96ebc3ad08698143","ssdeep":"","tlshash":"ee417c6f726219300bf7a56f576fa74425379243300cd86e396e87c08f9cc4582dae9a","size":1973,"data":"","first_seen":"2026-06-02T12:54:42.086879Z","last_seen":"2026-06-02T13:12:38.730218Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"orange9.sjmwu.top/","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"ip":{"addr":"104.21.32.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"22c778c184041942ea18116d5b279fe7","sha1":"062f65be952531f9c1009393d4c1feb9dd2882ad","sha256":"20987e79a3af85e51eb1cd367fecbe0af7bd907b731d3b62e0e1136123d8b1f6","sha512":"3ba2c03c7a9cd5c1b9069bdd1297ba26da315d616c65e7ce66fdf175b7da228a4e9c9b449a167f4cebf4b96bd308d7382d22e352015e3a033ed95d7ea0519455","ssdeep":"","tlshash":"10418e09f7975a4a003b70150faf9141aeb5202b6547ce143a9c0cc08fadedad1adfb9","size":2090,"data":"","first_seen":"2026-06-02T12:54:42.08772Z","last_seen":"2026-06-02T13:12:38.730751Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"orange9.sjmwu.top/","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"ip":{"addr":"104.21.32.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6f577a14fc48c7f2624e1d44e8a284b7","sha1":"362011d784ac26de3a8336a71441a3336d63c584","sha256":"5a2d17988b544b311dd6f07b71df867fd329cd0314298a18191afe74f64e7323","sha512":"d6915ae59ab5860be046bae0a962dbaa58c5f579c086f57466fc8da72462d80e960f2bade4016b71799d9a6edfb9ff796303c23f7168a3559028e820619614db","ssdeep":"","tlshash":"4e41255a64f2036d062634a62e1b610c6a7ac267575fde0a3c0daac46fcc57b12b8fd4","size":2234,"data":"","first_seen":"2026-06-02T12:54:42.088977Z","last_seen":"2026-06-02T13:12:38.731248Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tj.16gift.com/js/script.js","fqdn":"tj.16gift.com","domain":"16gift.com","tld":"com"},"ip":{"addr":"172.67.144.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad54ef311bf716c1df2941d454d8de96","sha1":"0db1fcc66060a969aa82fb9fae457b6e66d9933a","sha256":"965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c","sha512":"bd12169fdf87e0ac39a4b3a87f947f2fafb9f524843e7c97fcffe91b756f2a49ca38778ac99d6f14a5f5989d0a33f502658c55b95c1fbd2a0a7025a605138abd","ssdeep":"","tlshash":"38215faba80276758c70e1a7a63f371235272669640894235000d6632824a8fc379ecd","size":1386,"data":"","first_seen":"2024-05-23T20:15:09Z","last_seen":"2026-06-17T14:43:01.416046Z","times_seen":1537,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"orange9.sjmwu.top/","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"ip":{"addr":"104.21.32.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a6d7bd93b377d6579834c28f96a7ab18","sha1":"dc6c872daf51a2757f491fd480806882d8d948d9","sha256":"321d9f6be88814aef43cdd2a90df6dee9b6b0711da47b8a54a43a95febe3971f","sha512":"a734d93886667e00452ac6b788062afd190c96c0ee66a9cc37c28768c403424849111a47f7993a298b3ef40026a34c82ea23fb138fcb8452eb723110a27bae43","ssdeep":"","tlshash":"13e026cbb1011c27c963b03a9e6fb00810b786af620528507a008c9a8f3339d038ffcc","size":361,"data":"","first_seen":"2026-04-17T02:12:23.439173Z","last_seen":"2026-06-07T07:05:43.527521Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"orange9.sjmwu.top/","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"ip":{"addr":"104.21.32.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"63387b6663cc68f5fa4f5a1fcb318d48","sha1":"6613540e81d8cca6f14c824d1152512c2876d4e2","sha256":"beb6e835ef5678218c121ea6774e018e5f88789a916d4da24e2fd1b0712a7f54","sha512":"2fe5fa8b2e1871ef99ee59b2a9cf90d4942cb72ac2840cb4f92216fdad65ddf00d2ddef9bc6e19df99b580d5d4bb7b270e010ed64d5377257e3088b7967a8f14","ssdeep":"","tlshash":"e0e0c20e778300425d9e252b0b1f22847656612b1903c80b3d9e0c58cfa9a699084eab","size":329,"data":"","first_seen":"2026-04-17T02:12:23.440488Z","last_seen":"2026-06-07T07:05:43.528327Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"orange9.sjmwu.top/","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"ip":{"addr":"104.21.32.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"8effcc37b77edb6362647e887dbf26b1","sha1":"91543a56ff83a113d2d03f32e239914db2c27e18","sha256":"5b76e2725e262ddb94d35a4a85aaa6054c280aef9ff01f458b3fe6d0edf65048","sha512":"1eb683b5601c13ce9c2f81867d7d09d9907cb1d89ac68cb661ca5e848de5965848b862602a2b56433bc2197a4175233268ad085e686929cdaedf57268d710cc5","ssdeep":"","tlshash":"e870000cc000000300000030f000c00000003c0cc000000000330000c0000300030cf0","size":18,"data":"","first_seen":"2025-06-27T18:49:00.111184Z","last_seen":"2026-06-14T07:31:38.182726Z","times_seen":359,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"599cdn.com/2026/123123123.png","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:21.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Apr 2026 18:40:39 GMT","end":"Fri, 24 Jul 2026 19:40:37 GMT"},"fingerprint":{"sha1":"FB:CB:84:81:31:E9:0B:3E:A3:AC:83:23:EA:D1:37:7E:34:C0:08:FA","sha256":"9C:30:16:A4:68:E5:CD:A9:4D:5F:D0:17:CC:48:FA:B6:61:08:A5:FD:98:9D:84:A9:B9:23:D1:EE:0E:4D:13:B5"}}},"request":{"raw":"GET /2026/123123123.png HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Jun 2026 13:11:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 303323\r\naccept-ranges: bytes\r\netag: \"2f6fa60c57881707fee9e22c1d3e91b2\"\r\nlast-modified: Mon, 25 May 2026 07:10:17 GMT\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KBrvEzY1WKG7cJvlS49Lr%2Fq2rTtYX%2Fu0oy6oldDXNM1u030UkS0gGUGAYypYSPtopAVWU64BGk%2BR1KqNQHj2mYCzUR9U3QgdCbV2XiUPxtR%2FNHJBKQG55LYjAWvX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 4172\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: a056b418dcc556c9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":303323,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 610 x 337, 8-bit/color RGB, non-interlaced","md5":"2f6fa60c57881707fee9e22c1d3e91b2","sha1":"5025a990d07db5ac2bb46a16b287bc29a00c488a","sha256":"1e6e67b1ea01a0eb310a22a24685e18e7477f38b7489e0612ad19562732ea329","sha512":"12acedda4fd50d7889738366dc83dacf0271a683411e6245ea9e291be937755de6d826446b3583743a0b430367421379eb7f072d78c29d817e182771c9102ac0","ssdeep":"6144:Py9AhuuGKNxuiKblJCnRnpyc4l9WpPEWddnTz7GIDLH4CpYY+v:PyafWlJcnpyR9uMW3vbY0YY+v","tlshash":"415422c024d2f85a530f49d38d845832be5aa12f5771287320825e9d1eafabd475bbf4","first_seen":"2026-06-02T12:54:42.077145Z","last_seen":"2026-06-02T13:12:38.721511Z","times_seen":3,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":58,"dns":0,"connect":0,"send":0,"wait":17,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"599cdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/cameroon/tx05.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:21.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Apr 2026 18:40:39 GMT","end":"Fri, 24 Jul 2026 19:40:37 GMT"},"fingerprint":{"sha1":"FB:CB:84:81:31:E9:0B:3E:A3:AC:83:23:EA:D1:37:7E:34:C0:08:FA","sha256":"9C:30:16:A4:68:E5:CD:A9:4D:5F:D0:17:CC:48:FA:B6:61:08:A5:FD:98:9D:84:A9:B9:23:D1:EE:0E:4D:13:B5"}}},"request":{"raw":"GET /cameroon/tx05.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Jun 2026 13:11:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1688\r\naccept-ranges: bytes\r\netag: \"84e16603cf128e539308fad4c0f5b722\"\r\nlast-modified: Tue, 19 Aug 2025 11:32:19 GMT\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fBbleBgUvDRodsNyq8%2BngkZnKtUhc1XgUcKpLB0uGCUIOqmti2tniRbuCOFgkVqxIYhJB5aAjT5p3aUkeLJ38ZBSD%2BhZNnvRzKD6GD713HTM%2BHAqruHxm4O2RkWa\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 4243\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: a056b418cca756c9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1688,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 64x64, components 3","md5":"84e16603cf128e539308fad4c0f5b722","sha1":"dfa6fd1a54ba783fa31ee01750bcfd5d94debf82","sha256":"a557c8cdcbf5df924471abf6c862597b54b1d867991896f7ca8c18d51f930786","sha512":"7aaa75151cbc5ccfd185a8740221dc383c7ce986fdc570513cd0a351087f4590740288b1c112429916cd93ad714b331cd55c4162ad387386ca0a24d5650eefc3","ssdeep":"","tlshash":"f831d8124ed20e23c8a3507314ef74eea9753d33a6c2a88ef9c40f1ce86c09c09e5b91","first_seen":"2026-06-02T12:54:42.078467Z","last_seen":"2026-06-12T09:12:12.788986Z","times_seen":5,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":49,"dns":0,"connect":3,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"599cdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"orange9.sjmwu.top/favicon.ico","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"ip":{"addr":"104.21.32.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:22.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sjmwu.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 17:09:46 GMT","end":"Wed, 22 Jul 2026 18:08:18 GMT"},"fingerprint":{"sha1":"F7:44:EE:C2:5D:34:D3:DA:BB:53:C6:2A:45:0E:E2:D7:F5:A2:A2:FF","sha256":"AD:E7:95:3E:96:91:2F:1B:B3:03:58:73:F2:F0:51:AA:80:CA:C5:D9:7C:7C:8B:13:24:CD:A4:5D:5E:67:F8:CF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: orange9.sjmwu.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nCookie: pics=%5B%22https%3A%5C%2F%5C%2F599cdn.com%5C%2Fcameroon%5C%2Ftx07.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2Fcameroon%5C%2Ftx06.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2Fcameroon%5C%2Ftx09.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2Fcameroon%5C%2Ftx08.jpg%22%5D; comments=%5B%22Re%5Cu00e7u%20chez%20moi%20%5Cud83d%5Cudc4d%20SMS%20Orange%20%2B%20le%20compte%20a%20boug%5Cu00e9%20dans%20la%20foul%5Cu00e9e.%20Merci%20%5Cu00e0%20ceux%20qui%20ont%20partag%5Cu00e9%20le%20lien%20avant%22%2C%22J%27ai%20gal%5Cu00e9r%5Cu00e9%20pour%20finir%20le%20partage%20mdrr%20mais%20au%20final%20oui%20j%27ai%20bien%20re%5Cu00e7u%20les%2010%20000%20F%20CFA%20gratuits%20pour%20le%20Tabaski%2C%20histoire%20vraie%20%5Cud83d%5Cudc9a%22%2C%22Pareil%2C%20%5Cu00e7a%20a%20mis%20un%20petit%20moment%20chez%20moi%20%28genre%208%5Cu20139%20min%29%20puis%20j%27ai%20re%5Cu00e7u%20la%20notif%20%3A%20les%2010%20000%20F%20CFA%20gratuits%20de%20l%27A%5Cu00efd%20sont%20l%5Cu00e0%20%5Cud83d%5Cude0a%22%2C%22Franchement%20j%27y%20croyais%20pas%20trop%5Cu2026%20mais%20les%2010%20000%20F%20CFA%20GRATUITS%20du%20Tabaski%20sont%20bien%20tomb%5Cu00e9s%20sur%20mon%20Orange%20Money%2C%20j%27ai%20v%5Cu00e9rifi%5Cu00e9%20le%20solde%20tout%20de%20suite%20%5Cu2705%22%5D; names=%5B%22Moussa%20Ba%22%2C%22Aminata%20Tour%5Cu00e9%22%2C%22A%5Cu00efssata%20Kon%5Cu00e9%22%2C%22S%5Cu00e9kou%20Camara%22%2C%22Cheikh%20Fall%22%2C%22Mariama%20Ciss%5Cu00e9%22%2C%22Amadou%20Diallo%22%2C%22Fatou%20Sow%22%2C%22Kadiatou%20Diarra%22%2C%22Ousmane%20Ndiaye%22%2C%22Ibrahim%20Traor%5Cu00e9%22%5D; loclang=en\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Tue, 02 Jun 2026 13:11:22 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gSqr5v5JagHjFxLlAh%2F8aWYvFq6fC5ZGKa7f9ejQdaIjZJW3s6sT5QeI9oE0Y3s1a7nelVzBYiJj9Pr5IDSz5r5E4oalE0w6M0%2BYmhIMHfThoVi0lVcf4%2F6%2BQuwEnv3GXzMphw%3D%3D\"}]}\r\npriority: u=6,i=?0\r\nage: 23\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a056b41ae957569a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-17T15:31:10.134202Z","times_seen":527843,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"orange9.sjmwu.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"orange9.sjmwu.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"orange9.sjmwu.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"orange9.sjmwu.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tj.16gift.com/js/script.js","fqdn":"tj.16gift.com","domain":"16gift.com","tld":"com"},"ip":{"addr":"172.67.144.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:22.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16gift.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Apr 2026 23:28:44 GMT","end":"Sat, 04 Jul 2026 00:27:29 GMT"},"fingerprint":{"sha1":"DB:D1:2A:CB:5C:3B:B4:51:78:6A:DB:0A:F5:A4:5B:1F:37:80:37:68","sha256":"E3:F7:E8:E5:8D:76:13:96:50:03:75:B0:8A:D4:C0:FA:B3:83:6E:C0:9D:08:B7:5A:4F:A5:06:64:FC:08:2C:37"}}},"request":{"raw":"GET /js/script.js HTTP/1.1\r\nHost: tj.16gift.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Jun 2026 13:11:22 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400, must-revalidate\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nage: 65792\r\nlast-modified: Mon, 01 Jun 2026 18:54:50 GMT\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vf36EydqKQhE3ZgUbcTAoYqlWucsg0PChSQIgcMYj%2FF1bTQWVMXA8HUjizUz3wD948SqAaRrf%2Fl%2FgflPEHU8bsFzoIBC1hBgTQTNzrYMSAFqz9PH%2BnHqqUQL8KOfMtnT\"}]}\r\ncf-ray: a056b41fce095ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1386,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1386), with no line terminators","md5":"ad54ef311bf716c1df2941d454d8de96","sha1":"0db1fcc66060a969aa82fb9fae457b6e66d9933a","sha256":"965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c","sha512":"bd12169fdf87e0ac39a4b3a87f947f2fafb9f524843e7c97fcffe91b756f2a49ca38778ac99d6f14a5f5989d0a33f502658c55b95c1fbd2a0a7025a605138abd","ssdeep":"","tlshash":"38215faba80276758c70e1a7a63f371235272669640894235000d6632824a8fc379ecd","first_seen":"2024-05-23T20:15:09Z","last_seen":"2026-06-17T14:43:01.416046Z","times_seen":1537,"resource_available":true,"data":null}},"time_used":580,"timings":{"blocked":281,"dns":1,"connect":1,"send":0,"wait":14,"receive":0,"ssl":280},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"tj.16gift.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/cameroon/tx06.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:21.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Apr 2026 18:40:39 GMT","end":"Fri, 24 Jul 2026 19:40:37 GMT"},"fingerprint":{"sha1":"FB:CB:84:81:31:E9:0B:3E:A3:AC:83:23:EA:D1:37:7E:34:C0:08:FA","sha256":"9C:30:16:A4:68:E5:CD:A9:4D:5F:D0:17:CC:48:FA:B6:61:08:A5:FD:98:9D:84:A9:B9:23:D1:EE:0E:4D:13:B5"}}},"request":{"raw":"GET /cameroon/tx06.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Jun 2026 13:11:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1924\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eQOg4gv%2BFtNCwwpgUgxXcoDzNFzRT50wQdmTio9dfMj0upyx6Gg0ZbYKsz8WzECbnviGs2ZcBlARg1fudTeCV8F3uPJRKMAPPNJHLKjvQanD1uH2FF9UL3frSMj3\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"fb0b8cacdaa3c99784302f404c81c0f4\"\r\nlast-modified: Tue, 19 Aug 2025 11:32:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 6360\r\ncache-control: max-age=14400\r\ncf-ray: a056b418dccb56c9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1924,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 64x64, components 3","md5":"fb0b8cacdaa3c99784302f404c81c0f4","sha1":"3bf8aef5c9a213521b2adfb8df4c96057bf56c11","sha256":"4951a0b52d7a09708e18d7045340beb8061c16add710811ceb114b2b5a0454db","sha512":"55f23299e6aeb5d99746a586303f37b728a27d4bd7f9071116e74bb13af685e10d52e416852c5c99198b196fd723d046c01094c62924c150686183448181ad97","ssdeep":"","tlshash":"31411b8a67fa8853e04150b325b474e3a720fa43afd397d1226d4999b9583c11ac0f70","first_seen":"2026-06-02T12:54:42.079518Z","last_seen":"2026-06-12T09:12:12.789679Z","times_seen":5,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"599cdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/cameroon/tx07.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:21.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Apr 2026 18:40:39 GMT","end":"Fri, 24 Jul 2026 19:40:37 GMT"},"fingerprint":{"sha1":"FB:CB:84:81:31:E9:0B:3E:A3:AC:83:23:EA:D1:37:7E:34:C0:08:FA","sha256":"9C:30:16:A4:68:E5:CD:A9:4D:5F:D0:17:CC:48:FA:B6:61:08:A5:FD:98:9D:84:A9:B9:23:D1:EE:0E:4D:13:B5"}}},"request":{"raw":"GET /cameroon/tx07.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Jun 2026 13:11:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1458\r\naccept-ranges: bytes\r\netag: \"624e0b111e67b7373b15aa7809e19534\"\r\nlast-modified: Tue, 19 Aug 2025 11:32:20 GMT\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wZLt2nq0XoCQrfoKot9Lq6Bmk3mpSKkJdZV%2BtlEuk8n%2FQWakDaVQWkyUykCTsmciFI3QOHaDlBIQXHdLTKfkuEGhyVMzAXh7sx8H8FDzkRcpTuIqmuj14EJp%2Bw80\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 3223\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: a056b418ccaa56c9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1458,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 64x64, components 3","md5":"624e0b111e67b7373b15aa7809e19534","sha1":"cb34e44c439e8802d3a1e9880593864abc042b3b","sha256":"bb7c361a80b87766db753011da20884074e4ea5d13a5c2b10a0203d9b423c569","sha512":"efae734b8f4bf07c55ad5399e826cd4075458aaf067997c737a7300e28f96ffb072ce673a269858cc9a6d3f281c881c5478825f1cabd53b35debbed1a1ca2f18","ssdeep":"","tlshash":"4631c636e3890853ec63306309e653d22872b70bccca458826d41f24b9cd1e689983d1","first_seen":"2026-06-02T12:54:42.080346Z","last_seen":"2026-06-12T09:12:12.790271Z","times_seen":5,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":46,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"599cdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tj.16gift.com/api/event","fqdn":"tj.16gift.com","domain":"16gift.com","tld":"com"},"ip":{"addr":"172.67.144.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:22.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16gift.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Apr 2026 23:28:44 GMT","end":"Sat, 04 Jul 2026 00:27:29 GMT"},"fingerprint":{"sha1":"DB:D1:2A:CB:5C:3B:B4:51:78:6A:DB:0A:F5:A4:5B:1F:37:80:37:68","sha256":"E3:F7:E8:E5:8D:76:13:96:50:03:75:B0:8A:D4:C0:FA:B3:83:6E:C0:9D:08:B7:5A:4F:A5:06:64:FC:08:2C:37"}}},"request":{"raw":"POST /api/event HTTP/1.1\r\nHost: tj.16gift.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nContent-Length: 74\r\nOrigin: https://orange9.sjmwu.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":74,"data":"{\"n\":\"pageview\",\"u\":\"https://orange9.sjmwu.top/\",\"d\":\"cm-orange\",\"r\":null}"}},"response":{"raw":"HTTP/2 202 Accepted\r\ndate: Tue, 02 Jun 2026 13:11:23 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 2\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: \r\ncache-control: max-age=0, private, must-revalidate\r\nx-request-id: GLVFt7v3UIBTLCEAVlRB\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YXB0SLmr%2FrZNF9yEnisrR3l2wIIwR1WkvZI7hI7570TSi25jkNKtufKFkKN3hJHE%2FD9mc4E1rVcsWiN9UNtRMJnLywBn6hKkQA5Zc9ycJQ2UMqFIGsQUgiQsNTWe4fGf\"}]}\r\ncf-ray: a056b42079f9b51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"202","status_text":"Accepted","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-06-17T15:30:35.416662Z","times_seen":426562,"resource_available":true,"data":null}},"time_used":363,"timings":{"blocked":32,"dns":1,"connect":1,"send":0,"wait":298,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"tj.16gift.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/cameroon/tx08.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:21.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Apr 2026 18:40:39 GMT","end":"Fri, 24 Jul 2026 19:40:37 GMT"},"fingerprint":{"sha1":"FB:CB:84:81:31:E9:0B:3E:A3:AC:83:23:EA:D1:37:7E:34:C0:08:FA","sha256":"9C:30:16:A4:68:E5:CD:A9:4D:5F:D0:17:CC:48:FA:B6:61:08:A5:FD:98:9D:84:A9:B9:23:D1:EE:0E:4D:13:B5"}}},"request":{"raw":"GET /cameroon/tx08.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Jun 2026 13:11:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1862\r\naccept-ranges: bytes\r\netag: \"8d8ad2a5b502ee384908fe11fdcb6278\"\r\nlast-modified: Tue, 19 Aug 2025 11:32:21 GMT\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dhP95Xs%2FstqMEjUXNkcYe%2BpTd%2FClJw1i02aHSdPCu%2BYMcIeL0OruJoMuxCCz8jsG1nw2NAd4v9I%2BLboQt3yoiNT0THA65N12CMNVs5hy79d%2BjgsDCQfs7qzSEOKa\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 23\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: a056b418ccad56c9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1862,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 64x64, components 3","md5":"8d8ad2a5b502ee384908fe11fdcb6278","sha1":"c0cad5455a22ab7658da708809a1f99892e735fb","sha256":"278a5e06d6837641a66ae53d869c1f763408bb5151e56e5792e46266db5778fe","sha512":"a5fb51d00519daca5648cf95a5c06e1afc1d5860205975593c9fbc144cdd7c6848cdbd93687b2ddcd1ed9e5f5cece107ee5d4f37f23d98c70b2b85b61a02f23e","ssdeep":"","tlshash":"c431f7ae2b37a823fc8112711af335795189bd6fe2c3034b20480e81a5441c79fa06b4","first_seen":"2026-06-02T12:54:42.072608Z","last_seen":"2026-06-12T09:12:12.795537Z","times_seen":5,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":45,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"599cdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-latest.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.129.155","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:21.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 20 May 2026 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DE:F8:0F:C4:8F:BC:F5:01:B1:66:91:CC:15:DC:D8:6E:5D:2F:45:4E","sha256":"05:8E:2E:14:85:E2:41:28:F5:18:A4:37:49:31:2B:0E:24:53:64:3F:02:15:BE:63:EF:F4:B8:53:5A:8B:6D:29"}}},"request":{"raw":"GET /jquery-latest.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1762a\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Tue, 02 Jun 2026 13:11:21 GMT\r\nage: 1213293\r\nx-served-by: cache-lga21983-LGA, cache-hel1410024-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 55, 25280\r\nx-timer: S1780405882.773153,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 33202\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":95786,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32086)","md5":"8101d596b2b8fa35fe3a634ea342d7c3","sha1":"d6c1f41972de07b09bfa63d2e50f9ab41ec372bd","sha256":"540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441","sha512":"9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb","ssdeep":"1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB","tlshash":"b293c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-06-17T15:33:34.964101Z","times_seen":52736,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":2,"connect":31,"send":0,"wait":31,"receive":8,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"orange9.sjmwu.top/","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"ip":{"addr":"104.21.32.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-02T13:11:21.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sjmwu.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 17:09:46 GMT","end":"Wed, 22 Jul 2026 18:08:18 GMT"},"fingerprint":{"sha1":"F7:44:EE:C2:5D:34:D3:DA:BB:53:C6:2A:45:0E:E2:D7:F5:A2:A2:FF","sha256":"AD:E7:95:3E:96:91:2F:1B:B3:03:58:73:F2:F0:51:AA:80:CA:C5:D9:7C:7C:8B:13:24:CD:A4:5D:5E:67:F8:CF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: orange9.sjmwu.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Jun 2026 13:11:21 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nset-cookie: pics=%5B%22https%3A%5C%2F%5C%2F599cdn.com%5C%2Fcameroon%5C%2Ftx07.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2Fcameroon%5C%2Ftx06.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2Fcameroon%5C%2Ftx09.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2Fcameroon%5C%2Ftx08.jpg%22%5D; expires=Tue, 02-Jun-2026 14:11:21 GMT; Max-Age=3600\ncomments=%5B%22Re%5Cu00e7u%20chez%20moi%20%5Cud83d%5Cudc4d%20SMS%20Orange%20%2B%20le%20compte%20a%20boug%5Cu00e9%20dans%20la%20foul%5Cu00e9e.%20Merci%20%5Cu00e0%20ceux%20qui%20ont%20partag%5Cu00e9%20le%20lien%20avant%22%2C%22J%27ai%20gal%5Cu00e9r%5Cu00e9%20pour%20finir%20le%20partage%20mdrr%20mais%20au%20final%20oui%20j%27ai%20bien%20re%5Cu00e7u%20les%2010%20000%20F%20CFA%20gratuits%20pour%20le%20Tabaski%2C%20histoire%20vraie%20%5Cud83d%5Cudc9a%22%2C%22Pareil%2C%20%5Cu00e7a%20a%20mis%20un%20petit%20moment%20chez%20moi%20%28genre%208%5Cu20139%20min%29%20puis%20j%27ai%20re%5Cu00e7u%20la%20notif%20%3A%20les%2010%20000%20F%20CFA%20gratuits%20de%20l%27A%5Cu00efd%20sont%20l%5Cu00e0%20%5Cud83d%5Cude0a%22%2C%22Franchement%20j%27y%20croyais%20pas%20trop%5Cu2026%20mais%20les%2010%20000%20F%20CFA%20GRATUITS%20du%20Tabaski%20sont%20bien%20tomb%5Cu00e9s%20sur%20mon%20Orange%20Money%2C%20j%27ai%20v%5Cu00e9rifi%5Cu00e9%20le%20solde%20tout%20de%20suite%20%5Cu2705%22%5D; expires=Tue, 02-Jun-2026 14:11:21 GMT; Max-Age=3600\nnames=%5B%22Moussa%20Ba%22%2C%22Aminata%20Tour%5Cu00e9%22%2C%22A%5Cu00efssata%20Kon%5Cu00e9%22%2C%22S%5Cu00e9kou%20Camara%22%2C%22Cheikh%20Fall%22%2C%22Mariama%20Ciss%5Cu00e9%22%2C%22Amadou%20Diallo%22%2C%22Fatou%20Sow%22%2C%22Kadiatou%20Diarra%22%2C%22Ousmane%20Ndiaye%22%2C%22Ibrahim%20Traor%5Cu00e9%22%5D; expires=Tue, 02-Jun-2026 14:11:21 GMT; Max-Age=3600\nloclang=en; expires=Fri, 05-Jun-2026 13:11:21 GMT; Max-Age=259200; path=/\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UavdZFXIPcvrs64EbkFQCnlPZKgT2srs5XXuzCnSMWusHBtWHQ0WZOcx0QDO3Eh0eN4mDpEuUyoeOVCw8iA3Z5Zqxw7rvrLmQJhMfvIE5ykxU4TpZl%2FE9izqmujiCCnYZDb2Gg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: a056b4163ae08deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27871,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3385)","md5":"bd4b2b70fe1e844d48891f4bf65bb305","sha1":"7322c164d0f990097de6385911268ca7bd3f1e0a","sha256":"efc18dc679aef5dcdac7c2ce38616f21a17450a26388a2f24df498358e802e18","sha512":"abbe2e93457bbbba390731ba9485d08747fe65b3338025290d850e7aa36800a2fccba8e92d1cffae2e95b579dcc700fa7bcf4c9fef9a01af08c633c66649ef6e","ssdeep":"384:8+ht3b2+SLeeGikw2k50rx0jyJXHxszUBRzoaIgU58Zu4Woa2JVZMmEF:8+t3HsjGlVk50F0jyJXH+gXoaG74Wvm+","tlshash":"f3c2b557a6d2102711b7a0e12eab630966b58107f647cc797eac42d0cfcddd262eb728","first_seen":"2026-06-02T12:54:42.075684Z","last_seen":"2026-06-02T13:12:38.727031Z","times_seen":3,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":86,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"orange9.sjmwu.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"orange9.sjmwu.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"orange9.sjmwu.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"orange9.sjmwu.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/canvas-confetti@1.3.2/dist/confetti.browser.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:21.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2026 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 20 May 2026 15:48:47 GMT","end":"Sat, 05 Dec 2026 14:48:47 GMT"},"fingerprint":{"sha1":"D4:05:C2:EC:C7:EE:2B:D0:08:68:0D:3D:33:77:48:78:43:E7:D1:E1","sha256":"ED:84:90:EE:71:BC:6B:5E:B3:D2:50:B0:23:3A:06:0D:E0:50:C6:B6:A9:09:36:E6:CE:FE:E8:66:89:EB:4E:C5"}}},"request":{"raw":"GET /npm/canvas-confetti@1.3.2/dist/confetti.browser.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 1.3.2\r\nx-jsd-version-type: version\r\netag: W/\"1cca-u53igPxnSqQP4WRtCWbOERp5Cao\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 02 Jun 2026 13:11:21 GMT\r\nage: 634020\r\nx-served-by: cache-fra-eddf8230134-FRA, cache-hel1410033-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 3156\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7370,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7022)","md5":"19321373ea141f3fe019391b00e1b9cf","sha1":"bb9de280fc674aa40fe1646d0966ce111a7909aa","sha256":"a25e123d8fa3d9dbc39a54f47047df65ae99f1fc8a0d91b63e5782d008d64b8f","sha512":"c81c001bf748b74d53a26fd7328629cf43d5ede14c8ebb9efe4f56e774e528756a01157ae0cecc11101f841ec31f9815138a89ed3dd4022b60de8d239f82237a","ssdeep":"192:7oT0Nirnm+PtGadrWm9xK6gZdWyhr6Tw81cEBJcRYc:8wAnmsGS92ZdWyhr6TPuScRYc","tlshash":"d2e1a59df7513d1b1a13237aa85f910ea238752b160f4484a279d5a82dbc42c333ff79","first_seen":"2025-07-19T09:51:10.01292Z","last_seen":"2026-06-16T06:16:40.288401Z","times_seen":321,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":70,"dns":1,"connect":21,"send":0,"wait":27,"receive":1,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/2026/3333.png","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:21.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Apr 2026 18:40:39 GMT","end":"Fri, 24 Jul 2026 19:40:37 GMT"},"fingerprint":{"sha1":"FB:CB:84:81:31:E9:0B:3E:A3:AC:83:23:EA:D1:37:7E:34:C0:08:FA","sha256":"9C:30:16:A4:68:E5:CD:A9:4D:5F:D0:17:CC:48:FA:B6:61:08:A5:FD:98:9D:84:A9:B9:23:D1:EE:0E:4D:13:B5"}}},"request":{"raw":"GET /2026/3333.png HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Jun 2026 13:11:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 548865\r\naccept-ranges: bytes\r\netag: \"7a21381381ae4de3175e3777a6048d7a\"\r\nlast-modified: Wed, 29 Apr 2026 16:07:56 GMT\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BNCaSzTpwMMZ9sQJgvlJRBAp%2BX8G6h%2Fix4fZ3%2FpzI0RumzGkTi3o4HcBDbQ%2FKM8tKoH%2F1Jc69r7G35c0zMTEusQfrPOqia%2FtWQkYxEMKWGA6YipQpck1wVZPv1F5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 1597\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: a056b418dcc356c9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":548865,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1473 x 856, 8-bit colormap, non-interlaced","md5":"7a21381381ae4de3175e3777a6048d7a","sha1":"382da62ab46f64f2d2a7699e3b9fca146ea1f076","sha256":"b5be92ae31d49b3d711c8ddd20363a6c9ce638d2ac1763ee5a15071d2c315f13","sha512":"84680bec378687358ac5173e32b2643136dcd2e10e63707440f507827a40c49d8b287e70282c10b2ebd5ffa2d3088ad8461fda3b1998cf533d4a74dc3db0d1e4","ssdeep":"12288:OysCxpg4B8/GfgW2eWYjX02LK9UvGxRFsENWL+Tuv8p:OMgr/cgP40zasRFr8L+TNp","tlshash":"63c43370f7ac0da64f4767ac387109213ecdb6fa16bd3d4b1a3a346d590d488681d6cb","first_seen":"2026-06-02T12:54:42.071647Z","last_seen":"2026-06-02T13:12:38.728058Z","times_seen":3,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":14,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"599cdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/cameroon/tx09.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:21.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Apr 2026 18:40:39 GMT","end":"Fri, 24 Jul 2026 19:40:37 GMT"},"fingerprint":{"sha1":"FB:CB:84:81:31:E9:0B:3E:A3:AC:83:23:EA:D1:37:7E:34:C0:08:FA","sha256":"9C:30:16:A4:68:E5:CD:A9:4D:5F:D0:17:CC:48:FA:B6:61:08:A5:FD:98:9D:84:A9:B9:23:D1:EE:0E:4D:13:B5"}}},"request":{"raw":"GET /cameroon/tx09.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Jun 2026 13:11:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1578\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LudKlTlv9JFw7zuuw%2Friik%2BNR3LpMxYUHNWQQ8FZLolT2z%2FQNqu0q6w0kwRSPLWdWzbJIWEBhWy2dUIdwl%2BmIoMRdGSpuvzCltVwl%2FCznLHR6koKg5DgMDEYUKmO\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"2465ea8a1a4ab915cde8a4739a05fe02\"\r\nlast-modified: Tue, 19 Aug 2025 11:32:21 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 3837\r\ncache-control: max-age=14400\r\ncf-ray: a056b418ccb456c9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1578,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 64x64, components 3","md5":"2465ea8a1a4ab915cde8a4739a05fe02","sha1":"7d6179d6e7d9f0ec8af04e5fd9ae51f13bbdcb91","sha256":"6cf82b95bc461b69bca7da60cf4306b84b96f0f8f8ce1b907da5e295605ff11e","sha512":"69416606ad47f3861a030f863d67ed5d57ce6d66281819af39de017f52fdbbbda61981c523d3a25be7dd73d4e90e165c45f77d1f2f2bfda4a5e0498e7d115ea5","ssdeep":"","tlshash":"9a318654d7d91803ead64030b175b528ba68be86a8d3824a669d6e784f5c14007b8578","first_seen":"2026-06-02T12:54:42.073584Z","last_seen":"2026-06-12T09:12:12.79127Z","times_seen":5,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":43,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"599cdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"orange9.sjmwu.top/single.php","fqdn":"orange9.sjmwu.top","domain":"sjmwu.top","tld":"top"},"ip":{"addr":"104.21.32.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://orange9.sjmwu.top/","date":"2026-06-02T13:11:21.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sjmwu.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 17:09:46 GMT","end":"Wed, 22 Jul 2026 18:08:18 GMT"},"fingerprint":{"sha1":"F7:44:EE:C2:5D:34:D3:DA:BB:53:C6:2A:45:0E:E2:D7:F5:A2:A2:FF","sha256":"AD:E7:95:3E:96:91:2F:1B:B3:03:58:73:F2:F0:51:AA:80:CA:C5:D9:7C:7C:8B:13:24:CD:A4:5D:5E:67:F8:CF"}}},"request":{"raw":"GET /single.php HTTP/1.1\r\nHost: orange9.sjmwu.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://orange9.sjmwu.top/\r\nCookie: pics=%5B%22https%3A%5C%2F%5C%2F599cdn.com%5C%2Fcameroon%5C%2Ftx07.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2Fcameroon%5C%2Ftx06.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2Fcameroon%5C%2Ftx09.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2Fcameroon%5C%2Ftx08.jpg%22%5D; comments=%5B%22Re%5Cu00e7u%20chez%20moi%20%5Cud83d%5Cudc4d%20SMS%20Orange%20%2B%20le%20compte%20a%20boug%5Cu00e9%20dans%20la%20foul%5Cu00e9e.%20Merci%20%5Cu00e0%20ceux%20qui%20ont%20partag%5Cu00e9%20le%20lien%20avant%22%2C%22J%27ai%20gal%5Cu00e9r%5Cu00e9%20pour%20finir%20le%20partage%20mdrr%20mais%20au%20final%20oui%20j%27ai%20bien%20re%5Cu00e7u%20les%2010%20000%20F%20CFA%20gratuits%20pour%20le%20Tabaski%2C%20histoire%20vraie%20%5Cud83d%5Cudc9a%22%2C%22Pareil%2C%20%5Cu00e7a%20a%20mis%20un%20petit%20moment%20chez%20moi%20%28genre%208%5Cu20139%20min%29%20puis%20j%27ai%20re%5Cu00e7u%20la%20notif%20%3A%20les%2010%20000%20F%20CFA%20gratuits%20de%20l%27A%5Cu00efd%20sont%20l%5Cu00e0%20%5Cud83d%5Cude0a%22%2C%22Franchement%20j%27y%20croyais%20pas%20trop%5Cu2026%20mais%20les%2010%20000%20F%20CFA%20GRATUITS%20du%20Tabaski%20sont%20bien%20tomb%5Cu00e9s%20sur%20mon%20Orange%20Money%2C%20j%27ai%20v%5Cu00e9rifi%5Cu00e9%20le%20solde%20tout%20de%20suite%20%5Cu2705%22%5D; names=%5B%22Moussa%20Ba%22%2C%22Aminata%20Tour%5Cu00e9%22%2C%22A%5Cu00efssata%20Kon%5Cu00e9%22%2C%22S%5Cu00e9kou%20Camara%22%2C%22Cheikh%20Fall%22%2C%22Mariama%20Ciss%5Cu00e9%22%2C%22Amadou%20Diallo%22%2C%22Fatou%20Sow%22%2C%22Kadiatou%20Diarra%22%2C%22Ousmane%20Ndiaye%22%2C%22Ibrahim%20Traor%5Cu00e9%22%5D; loclang=en\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 02 Jun 2026 13:11:21 GMT\r\ncontent-type: text/javascript;charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cNeyyXmCgJ8i95MdU2nyDKjVHaUUngSu4Zv7L0IDc1XdaBEgPgp6ogFiVygdF0dBwOY8jh2lFvCdmjxL8OjOfONRjgcdEzF0WGyOMysx7Ug16ULpWrl9WKp0LG80qmPWo3%2F0Jw%3D%3D\"}]}\r\ncf-ray: a056b418793c569a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1085,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"a05c078f75cc56d357fe48178ec7d692","sha1":"b84f68c46b2c95b884755f53c387c405ae555e22","sha256":"12dc0ebddc2b967e7740536a3a80648a41d2c44497edaaa5005e1e968556948c","sha512":"aa6286ead66a10c31f82708d733f23f0f1d366205e02d748df0a62fd82689aa723f71736e187ceb5569b6a74e53f5bd7a0f6ebefa9ddaf10adb2a2f3c97dad5c","ssdeep":"","tlshash":"52112068bc76004caaaa983a5f3f70643031203a9318c910b86df9405fb0ea49497ee8","first_seen":"2026-06-02T13:12:38.729226Z","last_seen":"2026-06-02T13:12:38.729226Z","times_seen":1,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"orange9.sjmwu.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"orange9.sjmwu.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"orange9.sjmwu.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"orange9.sjmwu.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}