{"report_id":"a93b99db-0b7d-4cd0-a09f-46ecc229e858","version":6,"status":"done","tags":[],"date":"2026-04-27T08:38:52Z","url":{"schema":"https","addr":"trip74.xyz/","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"trip74.xyz/","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"title":"Трипскан — путешествия, отдых и удобный доступ к сервису онлайн","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"trip74.xyz/","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-01T08:38:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-04-27","alert":"Hunting_JS_WebAssembly","trigger":"trip74.xyz/static/js/public/5.22.11/main.js?q=da21bb70fdf4","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null},"summary":[{"fqdn":"trip74.xyz","ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-21","domain_rank":0,"first_seen":"2026-04-27T08:11:33.187784Z","last_seen":"2026-04-27T08:11:33.187784Z","alert_count":1,"request_count":9,"received_data":2415823,"sent_data":8751,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"trip74.xyz/","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cb102bf19caf8a02d9aeb64a0524f76b","sha1":"98f991fbc5e3f929204f0035d7aeb7cea03ab42a","sha256":"6eada63994cc0a8ca4434165cea48c3912fc09f18d40dde689477631b541fa75","sha512":"442a4d1e823a5c523b1bf413e1511b8178fe9dd9787de6aa095ea21d2de2ee5fee143a155afd079454932d65eedfa1edfa0ea041f60d51273b81ff5f162b8b0e","ssdeep":"192:koqEN776Bn/HnHPgHoKlys/6+EUdasmdEvE+XZe:BJ/WIo9s/jEC7m+s","tlshash":"4c42dcc10389477df2d80ec59c2f245a20f2b55a7d290259bfb399e7bc36dc4907aa36","size":12296,"data":"","first_seen":"2026-04-27T08:11:37.629044Z","last_seen":"2026-04-27T08:38:53.905017Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a38f227fdf337be1e333c12043f554f5","sha1":"a82d786ea87c3ef25578b2fc52eb83946bab070e","sha256":"9314d6900fad529a2ea196f85b47e46555d2f8d5b4d293a868b63d8044199947","sha512":"b0f6aa4c03a69cdc9b7a5ba34a06652611d8a39d6682809b8aaecd8175a519949c4ac4c58cb7b132f65d86e5d07bb8a25367059416170fa3fa9d87cc8441269c","ssdeep":"","tlshash":"cc11e214b65625dcbb8a087108f55dec527c5f81b482da888d4184a5b890a49ea9f85b","size":1020,"data":"","first_seen":"2026-04-27T08:38:53.90772Z","last_seen":"2026-04-27T08:38:53.90772Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/?__vs=eyJ2IjoxLCJ0cyI6MTc3NzI3OTExMSwibGFuZGluZ191cmwiOiJodHRwczovL3RyaXA3NC54eXovIiwibGFuZGluZ19wYXRoIjoiLyIsImZpcnN0X3JlZmVycmVyX3VybCI6bnVsbCwiZmlyc3RfcmVmZXJyZXJfaG9zdCI6bnVsbCwiZmlyc3Rfc291cmNlIjoiZGlyZWN0IiwiZmlyc3Rfc291cmNlX25hbWUiOiJEaXJlY3QiLCJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjpudWxsLCJ1dG1fY2FtcGFpZ24iOm51bGwsInV0bV90ZXJtIjpudWxsLCJ1dG1fY29udGVudCI6bnVsbH0.844ff6e5fa4e7b9640d731121c6a00e8d5c46d42c4732e8428e395fd52491d34","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"3811875ec11a70e6a760c8853718cb60","sha1":"3d1cdb0900ea5f706268dc242f9556fc886a3c8f","sha256":"41280af9159acd6294da902085fb8f400af1622be77bee8d9b6299dc7c9e00a2","sha512":"fd7c61ee68c56c0705a2be4982586ad7f37f796ef0ec0d630b7aec63a74d3578bdf97e83e11700057c73d0e765969305cbf4afbd20f3bc73c4d2ffcfab238c2b","ssdeep":"","tlshash":"2db01201270385b100e1c06c0b327f08e727002f39d0800077adc10f3f299c34503388","size":104,"data":"","first_seen":"2026-04-27T08:11:37.633344Z","last_seen":"2026-04-27T08:38:53.910668Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/static/js/public/5.22.11/utils.js?q=8c6c8bee448f","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f250e54381e343562904102bf4578b54","sha1":"7b47dccc34755e3ae2d5552e781862c07e50c850","sha256":"3584a79d356c4ee11359a75e4ef6d0260696ff09fb6388c2430b9050bc5a9b2e","sha512":"2bddf7020164b67fd60d9e9a9d1ba24bd5bc28d619ee4c0e33a4534f39c5d6706d5976a927d0ee90fa36b16dbfeade532bfb67368e0b2170f5f83852b387cc45","ssdeep":"96:O73exgybeJkA71ERsvyf0jCkVabvtrgYIwCoYajL0:HCJVERw5jfabvFgoCfajQ","tlshash":"e081618876527b6147e320eda4ab7324b2340400354d91d2f26c68967d7791fa7b7f8e","size":4128,"data":"","first_seen":"2026-03-27T23:41:47.222691Z","last_seen":"2026-04-27T08:38:53.884885Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a40bd6939a459612103acd94b7151b42","sha1":"6908807bd89a264c6c6883c8a1c1970e7e6daaaf","sha256":"45f4c851c54d5008dd113c29914d36e488d878e796def427fd2bb328e223419e","sha512":"d6d56d8ffb085dcaafedd1b7514a899b8f7faec4cdbe5157adc3261c2e97761bcc86bec51ed530b525cc7b7b2b49da3ca0dcedf7468375f65245d0599e355b2a","ssdeep":"","tlshash":"341104753b295538c6c54087317ee7a83d3250657e02a144c36ccc245d18d8314dfcbe","size":902,"data":"","first_seen":"2026-04-27T08:38:53.913045Z","last_seen":"2026-04-27T08:38:53.913045Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/static/js/fp-3.4.2.min.js","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"99d326acfb19c84f2697d2ff491c50e0","sha1":"f0420dc5b23c1b8315d2a1f76b436a0b397b6090","sha256":"8abc09e14f2f21c8a02036ccf749fe9580b492a9621bdebd8caf09f435a0926c","sha512":"1082ce2fe2963f287ec3274665e1278e263a515225fdc6b2557a16da80644b7139c2679a19df2b2905e0f822cccdfa89bde626a9a7c80374aee1872d526d68d1","ssdeep":"","tlshash":"391125dd7fe8f4e613b628b0c45f568ed333168859e91882e0d4e58014b141d9217e9d","size":1000,"data":"","first_seen":"2026-04-27T08:38:53.915839Z","last_seen":"2026-04-27T08:38:53.915839Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"52eacadccf13a67dc8eabc9ee2f9a5ff","sha1":"d591e9a65c4901a54bc9b101ddf829d163be52c8","sha256":"7f774b8dfedba4c2fd628e6257c7f18a4885bb73b5794a37e74c7a98e79eeeb7","sha512":"90d0580eb46d11848aaa8ad039502857c48869abd56c5bb93c5edea4de09931ae472b216465d294644f539c10ff6935979fb9bfddd6dbb95807d433d18b65602","ssdeep":"","tlshash":"59d023551975c43856990196107ad3e82a6020947f21730582eccc2b7f11dd35cf195c","size":217,"data":"","first_seen":"2026-04-27T08:38:53.918755Z","last_seen":"2026-04-27T08:38:53.918755Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"trip74.xyz/static/js/fp-3.4.2.min.js","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trip74.xyz/?__vs=eyJ2IjoxLCJ0cyI6MTc3NzI3OTExMSwibGFuZGluZ191cmwiOiJodHRwczovL3RyaXA3NC54eXovIiwibGFuZGluZ19wYXRoIjoiLyIsImZpcnN0X3JlZmVycmVyX3VybCI6bnVsbCwiZmlyc3RfcmVmZXJyZXJfaG9zdCI6bnVsbCwiZmlyc3Rfc291cmNlIjoiZGlyZWN0IiwiZmlyc3Rfc291cmNlX25hbWUiOiJEaXJlY3QiLCJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjpudWxsLCJ1dG1fY2FtcGFpZ24iOm51bGwsInV0bV90ZXJtIjpudWxsLCJ1dG1fY29udGVudCI6bnVsbH0.844ff6e5fa4e7b9640d731121c6a00e8d5c46d42c4732e8428e395fd52491d34","date":"2026-04-27T08:38:31.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trip74.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 07:58:45 GMT","end":"Mon, 20 Jul 2026 07:58:44 GMT"},"fingerprint":{"sha1":"7B:95:CC:DF:3A:4D:70:E9:4B:86:BF:10:F1:AE:04:19:28:48:35:4F","sha256":"B5:61:C9:85:70:1A:F4:9A:48:AD:CC:7D:0B:1B:39:AE:B2:C4:56:93:F3:2B:86:79:B2:AD:8B:FF:1B:C1:A7:A8"}}},"request":{"raw":"GET /static/js/fp-3.4.2.min.js HTTP/1.1\r\nHost: trip74.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://trip74.xyz/?__vs=eyJ2IjoxLCJ0cyI6MTc3NzI3OTExMSwibGFuZGluZ191cmwiOiJodHRwczovL3RyaXA3NC54eXovIiwibGFuZGluZ19wYXRoIjoiLyIsImZpcnN0X3JlZmVycmVyX3VybCI6bnVsbCwiZmlyc3RfcmVmZXJyZXJfaG9zdCI6bnVsbCwiZmlyc3Rfc291cmNlIjoiZGlyZWN0IiwiZmlyc3Rfc291cmNlX25hbWUiOiJEaXJlY3QiLCJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjpudWxsLCJ1dG1fY2FtcGFpZ24iOm51bGwsInV0bV90ZXJtIjpudWxsLCJ1dG1fY29udGVudCI6bnVsbH0.844ff6e5fa4e7b9640d731121c6a00e8d5c46d42c4732e8428e395fd52491d34\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid=1777279111.0a3c62d43847678a1578e6c17cf623; gid=eyJpdiI6IlpRcmxCazNrZWtMdW5KK205Z09GdFE9PSIsInZhbHVlIjoiWG9oODhKSXdQak03WituVHJKY2VQbm4zZjR4VWFpKysrWERCQXNlbEZHYzR6SlV2WFJBMU9QZTZ3NXdPdm5kQmZ5UjlqUW5uVmlkNkVueUdXQUdtVndBOUkrYlMzRSt6Q2NwUE02Wng2c3M9IiwibWFjIjoiMTkwNjNhZTJiMDc2ZjY4MzkzYTZkMDRiMzBmNTMwODQ3MzRkYWY3ZDk3MjViMWQ3Y2ZlZDA1MGRmNGNmZmYzZiIsInRhZyI6IiJ9; _token=CXYbwM6wnYaE1YAcPaYqauujfnc8vjhoKgFPsqvQ\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 27 Apr 2026 08:38:31 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 07 Dec 2025 23:13:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69360a01-83fd\"\r\nexpires: Mon, 27 Apr 2026 22:02:49 GMT\r\ncache-control: public, max-age=86400\r\ncontent-encoding: br\r\nage: 38142\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XnsApJaLScTBNXF14LaTNgslekzXWfw3dg1irtPdu%2FH5pUo5PRquBN5zw08vSZ1%2BQHpTZyuZ9Fp3%2F9U5nHaWg%2FhlvgeX4Uwv92Vw%2FH0%2BoCTvxHATO4tiQ7q4fcYj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f2c82f16af0120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33789,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33446), with CRLF line terminators","md5":"b4e83eec740bb3bad4c81ce885e2cf61","sha1":"76847f3756b44fb0d256f129241096aad79702e5","sha256":"c791d71c8f3511c87c5b7577894333a15f45e42e74c4b4d5f12556a4abab6fb1","sha512":"7ed2e264231dd20c5ebd8bd4c5def50445b299b717361f2d0607a227b2b808476030c4902b4aa87a1ce3a3627c854511e0526a05b6d9e08038aa61a369e60317","ssdeep":"384:ChQYSwHRBcifEJzXhGUa4LdsF7wRuCfLVg5+pCqNFaiE8E0QIQfJW7us6RfGDUP6:CSMHRU7Lic9NwlJW5iffPREA7Q","tlshash":"d0e207d8b2c3b029227378b6497f6007b63abd15242d4843d57be4c17ca5e5a813bfb9","first_seen":"2026-01-07T08:18:34.289787Z","last_seen":"2026-04-27T08:38:53.882524Z","times_seen":32,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/static/js/public/5.22.11/utils.js?q=8c6c8bee448f","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trip74.xyz/?__vs=eyJ2IjoxLCJ0cyI6MTc3NzI3OTExMSwibGFuZGluZ191cmwiOiJodHRwczovL3RyaXA3NC54eXovIiwibGFuZGluZ19wYXRoIjoiLyIsImZpcnN0X3JlZmVycmVyX3VybCI6bnVsbCwiZmlyc3RfcmVmZXJyZXJfaG9zdCI6bnVsbCwiZmlyc3Rfc291cmNlIjoiZGlyZWN0IiwiZmlyc3Rfc291cmNlX25hbWUiOiJEaXJlY3QiLCJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjpudWxsLCJ1dG1fY2FtcGFpZ24iOm51bGwsInV0bV90ZXJtIjpudWxsLCJ1dG1fY29udGVudCI6bnVsbH0.844ff6e5fa4e7b9640d731121c6a00e8d5c46d42c4732e8428e395fd52491d34","date":"2026-04-27T08:38:31.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trip74.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 07:58:45 GMT","end":"Mon, 20 Jul 2026 07:58:44 GMT"},"fingerprint":{"sha1":"7B:95:CC:DF:3A:4D:70:E9:4B:86:BF:10:F1:AE:04:19:28:48:35:4F","sha256":"B5:61:C9:85:70:1A:F4:9A:48:AD:CC:7D:0B:1B:39:AE:B2:C4:56:93:F3:2B:86:79:B2:AD:8B:FF:1B:C1:A7:A8"}}},"request":{"raw":"GET /static/js/public/5.22.11/utils.js?q=8c6c8bee448f HTTP/1.1\r\nHost: trip74.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://trip74.xyz/?__vs=eyJ2IjoxLCJ0cyI6MTc3NzI3OTExMSwibGFuZGluZ191cmwiOiJodHRwczovL3RyaXA3NC54eXovIiwibGFuZGluZ19wYXRoIjoiLyIsImZpcnN0X3JlZmVycmVyX3VybCI6bnVsbCwiZmlyc3RfcmVmZXJyZXJfaG9zdCI6bnVsbCwiZmlyc3Rfc291cmNlIjoiZGlyZWN0IiwiZmlyc3Rfc291cmNlX25hbWUiOiJEaXJlY3QiLCJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjpudWxsLCJ1dG1fY2FtcGFpZ24iOm51bGwsInV0bV90ZXJtIjpudWxsLCJ1dG1fY29udGVudCI6bnVsbH0.844ff6e5fa4e7b9640d731121c6a00e8d5c46d42c4732e8428e395fd52491d34\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid=1777279111.0a3c62d43847678a1578e6c17cf623; gid=eyJpdiI6IlpRcmxCazNrZWtMdW5KK205Z09GdFE9PSIsInZhbHVlIjoiWG9oODhKSXdQak03WituVHJKY2VQbm4zZjR4VWFpKysrWERCQXNlbEZHYzR6SlV2WFJBMU9QZTZ3NXdPdm5kQmZ5UjlqUW5uVmlkNkVueUdXQUdtVndBOUkrYlMzRSt6Q2NwUE02Wng2c3M9IiwibWFjIjoiMTkwNjNhZTJiMDc2ZjY4MzkzYTZkMDRiMzBmNTMwODQ3MzRkYWY3ZDk3MjViMWQ3Y2ZlZDA1MGRmNGNmZmYzZiIsInRhZyI6IiJ9; _token=CXYbwM6wnYaE1YAcPaYqauujfnc8vjhoKgFPsqvQ\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 27 Apr 2026 08:38:31 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 09 Apr 2026 10:42:49 GMT\r\nvary: Accept-Encoding\r\netag: \"69d782a9-1020\"\r\nexpires: Mon, 27 Apr 2026 22:02:49 GMT\r\ncache-control: public, max-age=86400\r\ncontent-encoding: br\r\nage: 38142\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FQAhHPsXms1syCh41JfNPiBng0atqEv61jUNGBgTLDJPCNSTpl%2Blo0gEA5FS3Nfj3%2BQ%2BbferW9cvk%2B5u840a3wRUOZ1WTxtx%2FcRsL7fg1N63pv3xKr%2BF2aL1sFBd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f2c82f16af1120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4128,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4128), with no line terminators","md5":"f250e54381e343562904102bf4578b54","sha1":"7b47dccc34755e3ae2d5552e781862c07e50c850","sha256":"3584a79d356c4ee11359a75e4ef6d0260696ff09fb6388c2430b9050bc5a9b2e","sha512":"2bddf7020164b67fd60d9e9a9d1ba24bd5bc28d619ee4c0e33a4534f39c5d6706d5976a927d0ee90fa36b16dbfeade532bfb67368e0b2170f5f83852b387cc45","ssdeep":"96:O73exgybeJkA71ERsvyf0jCkVabvtrgYIwCoYajL0:HCJVERw5jfabvFgoCfajQ","tlshash":"e081618876527b6147e320eda4ab7324b2340400354d91d2f26c68967d7791fa7b7f8e","first_seen":"2026-03-27T23:41:47.222691Z","last_seen":"2026-04-27T08:38:53.884885Z","times_seen":27,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/static/js/public/5.22.11/main.js?q=da21bb70fdf4","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trip74.xyz/?__vs=eyJ2IjoxLCJ0cyI6MTc3NzI3OTExMSwibGFuZGluZ191cmwiOiJodHRwczovL3RyaXA3NC54eXovIiwibGFuZGluZ19wYXRoIjoiLyIsImZpcnN0X3JlZmVycmVyX3VybCI6bnVsbCwiZmlyc3RfcmVmZXJyZXJfaG9zdCI6bnVsbCwiZmlyc3Rfc291cmNlIjoiZGlyZWN0IiwiZmlyc3Rfc291cmNlX25hbWUiOiJEaXJlY3QiLCJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjpudWxsLCJ1dG1fY2FtcGFpZ24iOm51bGwsInV0bV90ZXJtIjpudWxsLCJ1dG1fY29udGVudCI6bnVsbH0.844ff6e5fa4e7b9640d731121c6a00e8d5c46d42c4732e8428e395fd52491d34","date":"2026-04-27T08:38:31.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trip74.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 07:58:45 GMT","end":"Mon, 20 Jul 2026 07:58:44 GMT"},"fingerprint":{"sha1":"7B:95:CC:DF:3A:4D:70:E9:4B:86:BF:10:F1:AE:04:19:28:48:35:4F","sha256":"B5:61:C9:85:70:1A:F4:9A:48:AD:CC:7D:0B:1B:39:AE:B2:C4:56:93:F3:2B:86:79:B2:AD:8B:FF:1B:C1:A7:A8"}}},"request":{"raw":"GET /static/js/public/5.22.11/main.js?q=da21bb70fdf4 HTTP/1.1\r\nHost: trip74.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://trip74.xyz/?__vs=eyJ2IjoxLCJ0cyI6MTc3NzI3OTExMSwibGFuZGluZ191cmwiOiJodHRwczovL3RyaXA3NC54eXovIiwibGFuZGluZ19wYXRoIjoiLyIsImZpcnN0X3JlZmVycmVyX3VybCI6bnVsbCwiZmlyc3RfcmVmZXJyZXJfaG9zdCI6bnVsbCwiZmlyc3Rfc291cmNlIjoiZGlyZWN0IiwiZmlyc3Rfc291cmNlX25hbWUiOiJEaXJlY3QiLCJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjpudWxsLCJ1dG1fY2FtcGFpZ24iOm51bGwsInV0bV90ZXJtIjpudWxsLCJ1dG1fY29udGVudCI6bnVsbH0.844ff6e5fa4e7b9640d731121c6a00e8d5c46d42c4732e8428e395fd52491d34\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid=1777279111.0a3c62d43847678a1578e6c17cf623; gid=eyJpdiI6IlpRcmxCazNrZWtMdW5KK205Z09GdFE9PSIsInZhbHVlIjoiWG9oODhKSXdQak03WituVHJKY2VQbm4zZjR4VWFpKysrWERCQXNlbEZHYzR6SlV2WFJBMU9QZTZ3NXdPdm5kQmZ5UjlqUW5uVmlkNkVueUdXQUdtVndBOUkrYlMzRSt6Q2NwUE02Wng2c3M9IiwibWFjIjoiMTkwNjNhZTJiMDc2ZjY4MzkzYTZkMDRiMzBmNTMwODQ3MzRkYWY3ZDk3MjViMWQ3Y2ZlZDA1MGRmNGNmZmYzZiIsInRhZyI6IiJ9; _token=CXYbwM6wnYaE1YAcPaYqauujfnc8vjhoKgFPsqvQ\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 27 Apr 2026 08:38:31 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Thu, 09 Apr 2026 10:42:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d782ab-2355ff\"\r\nexpires: Mon, 27 Apr 2026 22:02:49 GMT\r\ncache-control: public, max-age=86400\r\ncontent-encoding: br\r\nage: 38142\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J5IBu9L8gJzrSZfP159idwZCTExuwLsIqhRPd4yZpPkx2lAWBwJMtBld2u5rVObZhyZJ61zk4Q1B8ugydNrRzl4SypMaDHcu2E06rnZM7qF7H3j8753I3bMwuq3A\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f2c82f16af2120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2315775,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65464), with CRLF line terminators","md5":"707d628cf5489cd20d01c804e5cbf7a0","sha1":"dfce48911374f8aec24aa63c9235f6bd5d7a52bd","sha256":"db56a0b998036c760c640f7a0d3af0cb01a6ce960e5f63f6e3cf81e11df7781d","sha512":"50fe3c134eb92067c2284d6ddc1eb095f6446f959bdc0fe84f6240d9525946613faa8c2275e83d7081eb7cbfce2cb599c6ec901616181d15a5b4aadd3fe2b737","ssdeep":"12288:JwGztMKUKgcQkCn0RXyMK5THdMjAiayrg0+OXr75jy7r:JzMcQERiMKVzia2XrNjy7r","tlshash":"bd255ad8b1d2f06547f310b680ff180af37e2929640d9861f261e8c978b955ea13bf6d","first_seen":"2026-04-10T07:10:48.632651Z","last_seen":"2026-04-27T08:38:53.887223Z","times_seen":7,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-04-27","alert":"Hunting_JS_WebAssembly","trigger":"trip74.xyz/static/js/public/5.22.11/main.js?q=da21bb70fdf4","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/static/css/main.cd2c6126.css?q=92f114d10cc6","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trip74.xyz/?__vs=eyJ2IjoxLCJ0cyI6MTc3NzI3OTExMSwibGFuZGluZ191cmwiOiJodHRwczovL3RyaXA3NC54eXovIiwibGFuZGluZ19wYXRoIjoiLyIsImZpcnN0X3JlZmVycmVyX3VybCI6bnVsbCwiZmlyc3RfcmVmZXJyZXJfaG9zdCI6bnVsbCwiZmlyc3Rfc291cmNlIjoiZGlyZWN0IiwiZmlyc3Rfc291cmNlX25hbWUiOiJEaXJlY3QiLCJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjpudWxsLCJ1dG1fY2FtcGFpZ24iOm51bGwsInV0bV90ZXJtIjpudWxsLCJ1dG1fY29udGVudCI6bnVsbH0.844ff6e5fa4e7b9640d731121c6a00e8d5c46d42c4732e8428e395fd52491d34","date":"2026-04-27T08:38:31.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trip74.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 07:58:45 GMT","end":"Mon, 20 Jul 2026 07:58:44 GMT"},"fingerprint":{"sha1":"7B:95:CC:DF:3A:4D:70:E9:4B:86:BF:10:F1:AE:04:19:28:48:35:4F","sha256":"B5:61:C9:85:70:1A:F4:9A:48:AD:CC:7D:0B:1B:39:AE:B2:C4:56:93:F3:2B:86:79:B2:AD:8B:FF:1B:C1:A7:A8"}}},"request":{"raw":"GET /static/css/main.cd2c6126.css?q=92f114d10cc6 HTTP/1.1\r\nHost: trip74.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://trip74.xyz/?__vs=eyJ2IjoxLCJ0cyI6MTc3NzI3OTExMSwibGFuZGluZ191cmwiOiJodHRwczovL3RyaXA3NC54eXovIiwibGFuZGluZ19wYXRoIjoiLyIsImZpcnN0X3JlZmVycmVyX3VybCI6bnVsbCwiZmlyc3RfcmVmZXJyZXJfaG9zdCI6bnVsbCwiZmlyc3Rfc291cmNlIjoiZGlyZWN0IiwiZmlyc3Rfc291cmNlX25hbWUiOiJEaXJlY3QiLCJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjpudWxsLCJ1dG1fY2FtcGFpZ24iOm51bGwsInV0bV90ZXJtIjpudWxsLCJ1dG1fY29udGVudCI6bnVsbH0.844ff6e5fa4e7b9640d731121c6a00e8d5c46d42c4732e8428e395fd52491d34\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid=1777279111.0a3c62d43847678a1578e6c17cf623; gid=eyJpdiI6IlpRcmxCazNrZWtMdW5KK205Z09GdFE9PSIsInZhbHVlIjoiWG9oODhKSXdQak03WituVHJKY2VQbm4zZjR4VWFpKysrWERCQXNlbEZHYzR6SlV2WFJBMU9QZTZ3NXdPdm5kQmZ5UjlqUW5uVmlkNkVueUdXQUdtVndBOUkrYlMzRSt6Q2NwUE02Wng2c3M9IiwibWFjIjoiMTkwNjNhZTJiMDc2ZjY4MzkzYTZkMDRiMzBmNTMwODQ3MzRkYWY3ZDk3MjViMWQ3Y2ZlZDA1MGRmNGNmZmYzZiIsInRhZyI6IiJ9; _token=CXYbwM6wnYaE1YAcPaYqauujfnc8vjhoKgFPsqvQ\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 27 Apr 2026 08:38:31 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 12 Dec 2025 15:53:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693c3a5d-9557\"\r\nexpires: Mon, 27 Apr 2026 22:02:49 GMT\r\ncache-control: public, max-age=86400\r\ncontent-encoding: br\r\nage: 38142\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EEq1wRKc5kzDMw1z%2FHzBb4%2Fj39Yx4bYsfvQq9QCH4DS9JziPvo3TlrAPbsAa%2FUSTuFJB%2B7oVsBD8vZPXH%2FEzaaIJfZCdPGffDQQ8pHc3u3gGr%2BKk9BHV7Lph6e9C\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f2c82f16af3120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38231,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (38220), with no line terminators","md5":"d1dcb1e6e57038517d96b8f1fb7d3239","sha1":"55d5f97a4ad98ae8dd94042c94ac9e97ff5abb45","sha256":"69901fcdca68fc30e87f2169ecf385bf74b85c9b4392f81ae8aa6ed6b5fbdc54","sha512":"3d1e591348ae87ce56a749814222634cbfc8f7a3f6891d5242cdbe262efe1ed8d85788b38d1b9f2a78d6f1795cbfe07a8c930efe5679ec2860e61b1e7fb6ff94","ssdeep":"192:RJaQDUcTq+fpwN9bHyHcnDbXStqUeInqcGfcrhGOivdHaadlhKhK4CK4hRGK4hwb:RgB8p2N2Lgy8DeNA9","tlshash":"e203fc0094001dae9d3b453266ccfe4af30f7a9f957d96e9f945b80922be2cc06ef645","first_seen":"2025-04-22T07:24:42.799205Z","last_seen":"2026-04-27T08:38:53.889489Z","times_seen":44,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/favicon.svg","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trip74.xyz/?__vs=eyJ2IjoxLCJ0cyI6MTc3NzI3OTExMSwibGFuZGluZ191cmwiOiJodHRwczovL3RyaXA3NC54eXovIiwibGFuZGluZ19wYXRoIjoiLyIsImZpcnN0X3JlZmVycmVyX3VybCI6bnVsbCwiZmlyc3RfcmVmZXJyZXJfaG9zdCI6bnVsbCwiZmlyc3Rfc291cmNlIjoiZGlyZWN0IiwiZmlyc3Rfc291cmNlX25hbWUiOiJEaXJlY3QiLCJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjpudWxsLCJ1dG1fY2FtcGFpZ24iOm51bGwsInV0bV90ZXJtIjpudWxsLCJ1dG1fY29udGVudCI6bnVsbH0.844ff6e5fa4e7b9640d731121c6a00e8d5c46d42c4732e8428e395fd52491d34","date":"2026-04-27T08:38:32.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trip74.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 07:58:45 GMT","end":"Mon, 20 Jul 2026 07:58:44 GMT"},"fingerprint":{"sha1":"7B:95:CC:DF:3A:4D:70:E9:4B:86:BF:10:F1:AE:04:19:28:48:35:4F","sha256":"B5:61:C9:85:70:1A:F4:9A:48:AD:CC:7D:0B:1B:39:AE:B2:C4:56:93:F3:2B:86:79:B2:AD:8B:FF:1B:C1:A7:A8"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: trip74.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://trip74.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid=1777279111.0a3c62d43847678a1578e6c17cf623; gid=eyJpdiI6IlpRcmxCazNrZWtMdW5KK205Z09GdFE9PSIsInZhbHVlIjoiWG9oODhKSXdQak03WituVHJKY2VQbm4zZjR4VWFpKysrWERCQXNlbEZHYzR6SlV2WFJBMU9QZTZ3NXdPdm5kQmZ5UjlqUW5uVmlkNkVueUdXQUdtVndBOUkrYlMzRSt6Q2NwUE02Wng2c3M9IiwibWFjIjoiMTkwNjNhZTJiMDc2ZjY4MzkzYTZkMDRiMzBmNTMwODQ3MzRkYWY3ZDk3MjViMWQ3Y2ZlZDA1MGRmNGNmZmYzZiIsInRhZyI6IiJ9; _token=CXYbwM6wnYaE1YAcPaYqauujfnc8vjhoKgFPsqvQ\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 27 Apr 2026 08:38:33 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 31 Oct 2025 19:35:10 GMT\r\nvary: Accept-Encoding\r\netag: \"69050f6e-560\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 1641\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qswCClzDeNrcvMl7%2B%2FXGwA5daYZ9zHHP39TFDESe7He1VjxcyfIwH9XXmBoCzL6s1v6TRY1NxWJdmSQbpwWel0p6VLE57Ch2xQTTJGbbwsof5J30R0FpLSv7bq2x\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f2c82f8dbc5120a-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1376,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c5cfb4fddc6fcf16d600c10b2c42e0fa","sha1":"fc16671e23f0596b64ce5c9bc53696af8340fba9","sha256":"11f6518b3856ca00caeb57dcb36dd7aa5f1af333cde6beb0195509db5c3305db","sha512":"8b8ec2db3851ab3bd0180fa9ccc5daa1bd0cdaf4fe7bd3f68492bd93d7a3a21467dce850f80f6e779d86423485a231c72bb7ac425acb935d137b672974b48078","ssdeep":"","tlshash":"f1219bedb998d980e586c739ca0fe436922231fc9e5540c05811333372961bb5c3fed0","first_seen":"2025-10-01T10:06:51.593937Z","last_seen":"2026-04-27T08:38:53.891671Z","times_seen":41,"resource_available":false,"data":null}},"time_used":498,"timings":{"blocked":490,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-27T08:38:31.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trip74.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 07:58:45 GMT","end":"Mon, 20 Jul 2026 07:58:44 GMT"},"fingerprint":{"sha1":"7B:95:CC:DF:3A:4D:70:E9:4B:86:BF:10:F1:AE:04:19:28:48:35:4F","sha256":"B5:61:C9:85:70:1A:F4:9A:48:AD:CC:7D:0B:1B:39:AE:B2:C4:56:93:F3:2B:86:79:B2:AD:8B:FF:1B:C1:A7:A8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trip74.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Apr 2026 08:38:31 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: no-cache, must-revalidate\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BwGnnlJss3xg44m2i2cMotI8aHgQL1ofFdLrv23AUGMHPgfBFKaEz5Au7%2BGmao7OaIAZO8bn%2Bp2acK8VYSEjllyqyH%2Ff3ofvT5RoPWKTZaVoy9utL%2FX28wlK4Vui\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9f2c82edba9c7127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16546,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (12340)","md5":"f96f1c4bfa149acc9fb6cdc3d5ecdc02","sha1":"6fdece7675c38c108ce7d6e683d1cc9ee3bdc29f","sha256":"cf85a8dd2fd45c5d331439a80951d12039dcf296a5db1e5e6d3fd792413778b9","sha512":"e16ca8415068f299fe423a3ce44ab31369cf0c991eddfe2d5e6b73e95a1e993467a2fb982312133daf76fa9d2d1839ea1411e59747ab29ac79a15a65e28a118c","ssdeep":"192:f2lg+oqEN776Bn/HnHPgHoKlys/6+EUdasmdEvE+XZRitDicEg8q1wYqnx/a:fmUJ/WIo9s/jEC7m+OtDicEgZqnx/a","tlshash":"e96253910389467cf2c81dc19c2f645e20f2b56a7d191248afb29debbc76dc4807aa36","first_seen":"2026-04-27T08:38:53.894019Z","last_seen":"2026-04-27T08:38:53.894019Z","times_seen":1,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":66,"dns":50,"connect":1,"send":0,"wait":114,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/favicon.svg","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trip74.xyz/","date":"2026-04-27T08:38:31.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trip74.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 07:58:45 GMT","end":"Mon, 20 Jul 2026 07:58:44 GMT"},"fingerprint":{"sha1":"7B:95:CC:DF:3A:4D:70:E9:4B:86:BF:10:F1:AE:04:19:28:48:35:4F","sha256":"B5:61:C9:85:70:1A:F4:9A:48:AD:CC:7D:0B:1B:39:AE:B2:C4:56:93:F3:2B:86:79:B2:AD:8B:FF:1B:C1:A7:A8"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: trip74.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trip74.xyz/\r\nCookie: uid=1777279111.0a3c62d43847678a1578e6c17cf623\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T13:20:13.402452Z","times_seen":14281195,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trip74.xyz/","date":"2026-04-27T08:38:31.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trip74.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 07:58:45 GMT","end":"Mon, 20 Jul 2026 07:58:44 GMT"},"fingerprint":{"sha1":"7B:95:CC:DF:3A:4D:70:E9:4B:86:BF:10:F1:AE:04:19:28:48:35:4F","sha256":"B5:61:C9:85:70:1A:F4:9A:48:AD:CC:7D:0B:1B:39:AE:B2:C4:56:93:F3:2B:86:79:B2:AD:8B:FF:1B:C1:A7:A8"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: trip74.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid=1777279111.0a3c62d43847678a1578e6c17cf623\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T13:20:13.402452Z","times_seen":14281195,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trip74.xyz/fonts.css","fqdn":"trip74.xyz","domain":"trip74.xyz","tld":"xyz"},"ip":{"addr":"104.21.22.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trip74.xyz/?__vs=eyJ2IjoxLCJ0cyI6MTc3NzI3OTExMSwibGFuZGluZ191cmwiOiJodHRwczovL3RyaXA3NC54eXovIiwibGFuZGluZ19wYXRoIjoiLyIsImZpcnN0X3JlZmVycmVyX3VybCI6bnVsbCwiZmlyc3RfcmVmZXJyZXJfaG9zdCI6bnVsbCwiZmlyc3Rfc291cmNlIjoiZGlyZWN0IiwiZmlyc3Rfc291cmNlX25hbWUiOiJEaXJlY3QiLCJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjpudWxsLCJ1dG1fY2FtcGFpZ24iOm51bGwsInV0bV90ZXJtIjpudWxsLCJ1dG1fY29udGVudCI6bnVsbH0.844ff6e5fa4e7b9640d731121c6a00e8d5c46d42c4732e8428e395fd52491d34","date":"2026-04-27T08:38:31.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trip74.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 07:58:45 GMT","end":"Mon, 20 Jul 2026 07:58:44 GMT"},"fingerprint":{"sha1":"7B:95:CC:DF:3A:4D:70:E9:4B:86:BF:10:F1:AE:04:19:28:48:35:4F","sha256":"B5:61:C9:85:70:1A:F4:9A:48:AD:CC:7D:0B:1B:39:AE:B2:C4:56:93:F3:2B:86:79:B2:AD:8B:FF:1B:C1:A7:A8"}}},"request":{"raw":"GET /fonts.css HTTP/1.1\r\nHost: trip74.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://trip74.xyz/?__vs=eyJ2IjoxLCJ0cyI6MTc3NzI3OTExMSwibGFuZGluZ191cmwiOiJodHRwczovL3RyaXA3NC54eXovIiwibGFuZGluZ19wYXRoIjoiLyIsImZpcnN0X3JlZmVycmVyX3VybCI6bnVsbCwiZmlyc3RfcmVmZXJyZXJfaG9zdCI6bnVsbCwiZmlyc3Rfc291cmNlIjoiZGlyZWN0IiwiZmlyc3Rfc291cmNlX25hbWUiOiJEaXJlY3QiLCJ1dG1fc291cmNlIjpudWxsLCJ1dG1fbWVkaXVtIjpudWxsLCJ1dG1fY2FtcGFpZ24iOm51bGwsInV0bV90ZXJtIjpudWxsLCJ1dG1fY29udGVudCI6bnVsbH0.844ff6e5fa4e7b9640d731121c6a00e8d5c46d42c4732e8428e395fd52491d34\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid=1777279111.0a3c62d43847678a1578e6c17cf623; gid=eyJpdiI6IlpRcmxCazNrZWtMdW5KK205Z09GdFE9PSIsInZhbHVlIjoiWG9oODhKSXdQak03WituVHJKY2VQbm4zZjR4VWFpKysrWERCQXNlbEZHYzR6SlV2WFJBMU9QZTZ3NXdPdm5kQmZ5UjlqUW5uVmlkNkVueUdXQUdtVndBOUkrYlMzRSt6Q2NwUE02Wng2c3M9IiwibWFjIjoiMTkwNjNhZTJiMDc2ZjY4MzkzYTZkMDRiMzBmNTMwODQ3MzRkYWY3ZDk3MjViMWQ3Y2ZlZDA1MGRmNGNmZmYzZiIsInRhZyI6IiJ9; _token=CXYbwM6wnYaE1YAcPaYqauujfnc8vjhoKgFPsqvQ\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 27 Apr 2026 08:38:31 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 31 Oct 2025 19:36:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69050fa6-349\"\r\nexpires: Mon, 27 Apr 2026 22:02:49 GMT\r\ncache-control: public, max-age=86400\r\ncontent-encoding: br\r\nage: 38142\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ol38EZUo1xaOub2WPqnkT%2BtrhzXhDpXIgTmojvsCr8Hkp1HrVlq5HGLdzvICWtv3ulHtoyDjxzsl2Hig9zAPEj8d%2BdinRo79Zrvsctv9aVC3JFsNeV4drrKBsPeE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f2c82f16aef120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":841,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"55b4cc6f0356bfc46ca4032b3308d331","sha1":"9787f4352762dac15945ce0cac48a2f0b9a1aab2","sha256":"91b77f64071aff97992c8e78ac3f39bdf82db963c5f85e5dac9d751a73e8852d","sha512":"c065f34277f4c3d76776d53aa3c1220bdfe25343c7c7423551144c064a69ed25c2371895ca030ebb2a214f9b1bc9296e11dc812a6b2c4d6a495d543eb48703ef","ssdeep":"","tlshash":"2d01cc44401c3031e6780c9eb3db1f18e82d24671499c638baa22a60dff282e5370f6d","first_seen":"2026-01-07T08:18:34.280232Z","last_seen":"2026-04-27T08:38:53.902699Z","times_seen":29,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}