{"report_id":"ab9c6cca-6983-43f2-8956-59ca7bb7269b","version":6,"status":"done","tags":[],"date":"2025-11-16T05:32:35Z","url":{"schema":"http","addr":"m.crichd.vip/","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"172.67.180.217","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"title":"CricHD Live Cricket Streaming - Watch Live Cricket","dom":{"size":6569,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1601)","md5":"c0496560cae0a7ac5086090b72dfed6c","sha1":"0f5a35912184ea1615b1b1e24479af5748d7e918","sha256":"40566bae0a4638ca81ac17bde4846254501308a03e216f9c05702411bff48b8f","sha512":"8833b565db952990690c488b456344b52dc54dc83ec8864541cd8ceed63b3a21325468dcff5a86ec50f1b61eb16946fcd579ea5f61a3b2ec892ed7450979f401","ssdeep":"192:3O3772UeD/DOVxZUI34tE1uDHrAFxSoF/feWj:3OLilO714tEQwTS8","tlshash":"8fd1005c39f7a48a4497607847afe3126131c643878cc898fd5de3206f9c90a59ebfe6","dom_hash":"domhash9ce91588d2a71c823270698bac352c92","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"m.crichd.vip/","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"172.67.180.217","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-21T05:32:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":13}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"naupsithizeekee.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bvtpk.com","ip":{"addr":"104.21.5.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-16","domain_rank":37068,"first_seen":"2025-05-21T11:34:02.786268Z","last_seen":"2025-11-12T04:22:12.576178Z","alert_count":0,"request_count":1,"received_data":111304,"sent_data":408,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"boopoaglauph.net","ip":{"addr":"139.45.197.245","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2025-02-10","domain_rank":1461127,"first_seen":"2025-03-30T23:35:00.839053Z","last_seen":"2025-11-15T13:16:58.951282Z","alert_count":20,"request_count":4,"received_data":11445,"sent_data":3980,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sg-nikke.playerinfinite.com","ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"domain_registered":"2022-06-08","domain_rank":2912254,"first_seen":"2023-03-27T17:16:39Z","last_seen":"2025-11-13T11:48:21.602303Z","alert_count":0,"request_count":10,"received_data":866820,"sent_data":4878,"comment":"","tags":null,"fingerprints":null},{"fqdn":"static.aix.levelinfinite.com","ip":{"addr":"34.111.178.125","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2013-05-04","domain_rank":3537647,"first_seen":"2024-02-07T12:09:00Z","last_seen":"2025-11-09T05:33:57.999031Z","alert_count":0,"request_count":1,"received_data":152511,"sent_data":445,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"s36.chatango.com","ip":{"addr":"208.93.230.151","port":8081,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"domain_registered":"2004-05-23","domain_rank":3310739,"first_seen":"2025-06-22T15:59:54.63927Z","last_seen":"2025-11-06T11:00:20.475298Z","alert_count":0,"request_count":1,"received_data":129,"sent_data":559,"comment":"","tags":null,"fingerprints":null},{"fqdn":"adexchangeclear.com","ip":{"addr":"104.21.78.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-27","domain_rank":24943,"first_seen":"2025-07-16T08:40:02.47428Z","last_seen":"2025-11-10T10:25:59.488864Z","alert_count":1,"request_count":1,"received_data":1720,"sent_data":1418,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"www.nikke-eu.com","ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2024-02-01","domain_rank":0,"first_seen":"2024-03-13T23:41:03Z","last_seen":"2025-11-13T02:28:29.730058Z","alert_count":0,"request_count":13,"received_data":2427238,"sent_data":9360,"comment":"","tags":null,"fingerprints":null},{"fqdn":"rumt-sg.com","ip":{"addr":"43.156.86.55","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"domain_registered":"2022-02-23","domain_rank":36775,"first_seen":"2022-03-02T02:31:03Z","last_seen":"2025-11-12T07:36:25.210612Z","alert_count":0,"request_count":10,"received_data":2272,"sent_data":10331,"comment":"","tags":null,"fingerprints":null},{"fqdn":"st.chatango.com","ip":{"addr":"208.93.230.18","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"domain_registered":"2004-05-23","domain_rank":442176,"first_seen":"2012-06-04T02:57:52Z","last_seen":"2025-11-09T05:06:38.631935Z","alert_count":0,"request_count":5,"received_data":792785,"sent_data":2409,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-09T22:13:41.73664Z","alert_count":0,"request_count":1,"received_data":435972,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn-apac.onetrust.com","ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2004-01-12","domain_rank":83687,"first_seen":"2019-02-20T15:31:50Z","last_seen":"2025-11-11T01:09:55.554673Z","alert_count":0,"request_count":12,"received_data":698256,"sent_data":5745,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"asset.popin.cc","ip":{"addr":"34.117.195.210","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2008-04-20","domain_rank":1379285,"first_seen":"2022-04-20T07:38:40Z","last_seen":"2025-11-13T07:21:26.457322Z","alert_count":0,"request_count":2,"received_data":118532,"sent_data":965,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}]},{"fqdn":"sg-act.playerinfinite.com","ip":{"addr":"43.134.152.232","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"domain_registered":"2022-06-08","domain_rank":2853261,"first_seen":"2023-06-29T08:01:24Z","last_seen":"2025-11-13T02:28:29.730727Z","alert_count":0,"request_count":3,"received_data":1725,"sent_data":1544,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"naupsithizeekee.com","ip":{"addr":"172.67.181.252","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-12-03","domain_rank":290123,"first_seen":"2025-01-03T14:49:49.699555Z","last_seen":"2025-11-06T11:00:21.315435Z","alert_count":1,"request_count":1,"received_data":111396,"sent_data":415,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"track.iegcom.com","ip":{"addr":"34.49.88.155","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2020-11-12","domain_rank":3847295,"first_seen":"2023-04-06T11:14:24Z","last_seen":"2025-11-09T05:33:58.226203Z","alert_count":0,"request_count":5,"received_data":77846,"sent_data":2763,"comment":"","tags":null,"fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}]},{"fqdn":"bat.bing.com","ip":{"addr":"150.171.27.10","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"1996-01-29","domain_rank":2924,"first_seen":"2014-04-08T09:23:16Z","last_seen":"2025-11-09T22:31:55.870097Z","alert_count":0,"request_count":3,"received_data":114031,"sent_data":1239,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bat.bing.net","ip":{"addr":"150.171.28.10","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"1997-09-03","domain_rank":24312,"first_seen":"2023-11-04T08:19:21Z","last_seen":"2025-11-09T22:36:31.537536Z","alert_count":0,"request_count":3,"received_data":1581,"sent_data":3896,"comment":"","tags":null,"fingerprints":null},{"fqdn":"p2yn.com","ip":{"addr":"139.45.195.12","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2022-03-18","domain_rank":40878,"first_seen":"2025-04-23T09:18:49.672335Z","last_seen":"2025-11-09T15:29:38.003583Z","alert_count":6,"request_count":2,"received_data":1657,"sent_data":1192,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ust.chatango.com","ip":{"addr":"208.93.230.24","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"domain_registered":"2004-05-23","domain_rank":468722,"first_seen":"2012-12-10T16:31:50Z","last_seen":"2025-11-13T00:48:04.415821Z","alert_count":0,"request_count":2,"received_data":2703,"sent_data":935,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"to.trakzon.com","ip":{"addr":"172.67.221.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-05-12","domain_rank":0,"first_seen":"2025-08-28T09:07:12.613797Z","last_seen":"2025-11-13T06:45:12.536468Z","alert_count":0,"request_count":1,"received_data":2464,"sent_data":625,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.redditstatic.com","ip":{"addr":"151.101.65.140","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2011-11-09","domain_rank":5235,"first_seen":"2012-06-30T12:33:28Z","last_seen":"2025-11-10T01:05:08.438467Z","alert_count":0,"request_count":1,"received_data":80374,"sent_data":422,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"s.yimg.jp","ip":{"addr":"182.22.24.124","port":443,"asn":23816,"as":"Yahoo Japan Corporation","country":"Japan","country_code":"JP"},"domain_registered":"2003-01-14","domain_rank":45169,"first_seen":"2012-10-25T03:38:43Z","last_seen":"2025-11-10T00:10:32.166282Z","alert_count":0,"request_count":1,"received_data":37022,"sent_data":429,"comment":"","tags":null,"fingerprints":null},{"fqdn":"m.crichd.vip","ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-10-04","domain_rank":314114,"first_seen":"2022-10-30T08:02:23Z","last_seen":"2025-11-06T11:00:20.389535Z","alert_count":0,"request_count":32,"received_data":1475061,"sent_data":14551,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Chatango","description":"Chatango is a website used for connecting to a large selection of users.","website":"https://chatango.com","common_platform_enumeration":"","icon":"Chatango.png","categories":["Widgets"]},{"name":"PHP:8.1.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-11-09T22:13:15.598397Z","alert_count":0,"request_count":2,"received_data":48290,"sent_data":1054,"comment":"","tags":null,"fingerprints":null},{"fqdn":"a-mpd.com","ip":{"addr":"34.117.152.183","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2021-05-27","domain_rank":152055,"first_seen":"2021-06-07T03:16:59Z","last_seen":"2025-11-13T02:28:29.820227Z","alert_count":0,"request_count":1,"received_data":1438,"sent_data":577,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"__bridge_loaded__","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2024-10-14T16:26:38.423942Z","last_seen":"2025-11-13T05:37:08.552719Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":520,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.playgamer.co","ip":{"addr":"3.167.2.50","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2023-11-14","domain_rank":0,"first_seen":"2020-11-29T03:29:36Z","last_seen":"2025-11-13T11:48:21.595337Z","alert_count":0,"request_count":1,"received_data":3000,"sent_data":696,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"fleraprt.com","ip":{"addr":"139.45.195.252","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2022-01-14","domain_rank":17838,"first_seen":"2022-01-14T22:55:14Z","last_seen":"2025-11-11T03:50:50.561984Z","alert_count":0,"request_count":2,"received_data":908,"sent_data":1171,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"gizokraijaw.net","ip":{"addr":"104.21.65.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-11-06","domain_rank":156158,"first_seen":"2024-11-27T06:54:34.804318Z","last_seen":"2025-11-14T02:41:44.588463Z","alert_count":0,"request_count":1,"received_data":171662,"sent_data":415,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"tzegilo.com","ip":{"addr":"172.67.193.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-01-14","domain_rank":18163,"first_seen":"2022-01-14T15:27:15Z","last_seen":"2025-11-10T21:57:41.365968Z","alert_count":0,"request_count":1,"received_data":18653,"sent_data":410,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"trace.popin.cc","ip":{"addr":"35.213.89.133","port":443,"asn":15169,"as":"GOOGLE","country":"Japan","country_code":"JP"},"domain_registered":"2008-04-20","domain_rank":76630,"first_seen":"2022-01-06T15:59:37Z","last_seen":"2025-11-12T15:33:58.490596Z","alert_count":0,"request_count":2,"received_data":918,"sent_data":1404,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"geolocation.onetrust.com","ip":{"addr":"172.64.155.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2004-01-12","domain_rank":4022,"first_seen":"2018-02-07T11:23:41Z","last_seen":"2025-11-09T22:38:04.767525Z","alert_count":0,"request_count":1,"received_data":461,"sent_data":489,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.google.com","ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-11-09T22:13:25.255249Z","alert_count":0,"request_count":2,"received_data":985,"sent_data":1858,"comment":"","tags":null,"fingerprints":null},{"fqdn":"t.vibe.co","ip":{"addr":"44.214.249.151","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2010-09-08","domain_rank":128996,"first_seen":"2022-11-29T15:00:16Z","last_seen":"2025-11-11T15:33:30.574909Z","alert_count":0,"request_count":1,"received_data":399,"sent_data":863,"comment":"","tags":null,"fingerprints":null},{"fqdn":"usrpubtrk.com","ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-16","domain_rank":6824,"first_seen":"2025-06-17T13:34:00.105327Z","last_seen":"2025-11-12T16:54:53.41295Z","alert_count":3,"request_count":1,"received_data":526,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.jupiterlauncher.com","ip":{"addr":"54.176.249.241","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2022-04-13","domain_rank":719356,"first_seen":"2022-06-23T04:50:06Z","last_seen":"2025-11-12T07:36:24.266238Z","alert_count":0,"request_count":2,"received_data":1089,"sent_data":1271,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.popin.cc","ip":{"addr":"119.63.193.220","port":443,"asn":38627,"as":"Baidu, Inc.","country":"Japan","country_code":"JP"},"domain_registered":"2008-04-20","domain_rank":160265,"first_seen":"2012-06-19T10:21:37Z","last_seen":"2025-11-13T07:21:26.788349Z","alert_count":0,"request_count":5,"received_data":261529,"sent_data":2576,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-11-10T01:38:56.234977Z","alert_count":0,"request_count":2,"received_data":1698,"sent_data":913,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-11-09T22:13:15.523411Z","alert_count":0,"request_count":2,"received_data":31407,"sent_data":905,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/consent/018dd03c-1e82-70b0-a52c-1aa6ee0a1b53/OtAutoBlock.js","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d67c658f544ac29a65ceb27e782ce740","sha1":"909b2c0f0fae11bfbf13396617826e7beff3037a","sha256":"dc4be5536bd2ce7609cc980745a63ee1eb53317fdd29bae7e6f548846199ed8c","sha512":"6bd1592b3ee22ec829a59fda85df6a5e337d42444a41daaec6058e1a9138efcb9b3435a0b96bf3891fb1fc74c324226ac2dfcbf9d7003db78d8d440d279c1330","ssdeep":"96:1GInbH6vTKvmYDDaLVQ5rM6gPHDf//KQgG+vylylqftDg1ju1jai:kIn7+TKVDUQ1EHDf/jw6clqftDg1uGi","tlshash":"84a176fce7bc7bb12b4179a480db254ee53aa56291029ce0f048dd90787cf62147fa9d","size":4928,"data":"","first_seen":"2025-11-05T17:06:59.792877Z","last_seen":"2025-11-18T23:33:55.826922Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"d7b06887962b190f067095651fec6677","sha1":"4b57dc768c439a481059c3e5eaef8e034578b1d4","sha256":"8aa38f691970c20b4dcbb277be1ffe2d25bdfd055d37e165f987cc4bcf8670fa","sha512":"6c5a96aca5d08f110fb1d2e4e730f4cb22490dd3a308e5eaf00706ed27e61f431db9d7706196b600b0dbc2ba5c4e8c346d1c2badcd389191ff9683fa132e3f5e","ssdeep":"","tlshash":"5c80044c1010300151011cfd4457051470507014d311d03c104450474d7701407014cc","size":31,"data":"","first_seen":"2023-03-07T01:07:10Z","last_seen":"2026-04-04T04:44:42.84852Z","times_seen":11949,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"77720e25eb6f81f6adccbe89a8054efb","sha1":"970560ec74cb17b0d2268e16ec267b937049b523","sha256":"123f4f2f95b3c8dbec5fc2a1115699b20afaf53f0ecdc84c75867cc5af7e3fe8","sha512":"e78ed5b9127f1f84a2a5b8964f28c5ea2e65ff8d3d4de0ab637b31266c84d8957c37c258431ae5029d6a0e89036a1100dd85f9307227840ca9bf24cf33fc67b1","ssdeep":"","tlshash":"20e02de12c08ac231ba017b0607bd20a3942210035685b80d1aca44031221a7c01ba88","size":324,"data":"","first_seen":"2024-05-01T09:38:52Z","last_seen":"2026-03-05T07:34:47.240818Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"f5000735cc3480f15bddfdf430aa1ed2","sha1":"7b6105000d6d5be01f155ec02009ffa850d17688","sha256":"f7c8cf621fcc76fc0f157740425a34871ff9db64983f96505327d16fa9f5ac3b","sha512":"351309277139b7816cc9b030c0744878232dc67aa4b5cbb9b43b460c2009fb2df735d6f13a49f3a4ae87c3ee320d98522e274c2df43d51a38a248f0af11fa9ce","ssdeep":"","tlshash":"a3e0b7f13c08bc231ba11bb0207fd30f3583210035684f41c1aca4403122097c01bf8c","size":324,"data":"","first_seen":"2024-05-01T09:38:52Z","last_seen":"2026-03-05T07:34:47.250073Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"1f9b27df3c953b5e1cbe5e6f7a798c30","sha1":"c9a32a8cc97cf05249c97b8e600ae42ba98e591d","sha256":"b54945de9ee00fda3085835841d844fb7e88e3566c992613264e945c8fff2380","sha512":"50fef36203e6efca287bb53623c83130bb7133d4b95d872e18b9c39115facda8dd448679d948b2d7915c24582118c4a7f9f4cf334b9ab93d4209d480497116cb","ssdeep":"","tlshash":"9ee0d89812fad41754a261a7093ba125713b44d35e687830bf4c93009f1c71bb1b5be4","size":381,"data":"","first_seen":"2025-11-05T17:06:59.837861Z","last_seen":"2025-11-18T21:11:18.755144Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a8e93a44a63473f4f7d1b6d9cf165c1","sha1":"644435798f1851e43538c15a1bc8305d29fb55c6","sha256":"2fa160508271293aa82037f5a641aca27db42a74f165cca4c114f6f6fc5f0781","sha512":"5e343d9004b4bf579ba3a7ee93d510b610501b9eb642da5ce1bf9e992b5be7706d652d59dd2ee27a8474eec61d50a0ea6fcfebbaf9f554b69b77dddfa081bba8","ssdeep":"","tlshash":"23f020061c67a8344e6a15ea6ab3c111a06230277488e08ef8cdc99a4f11fd8cc23edc","size":460,"data":"","first_seen":"2024-05-01T09:38:51Z","last_seen":"2026-03-05T07:34:47.229661Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.popin.cc/popin_discovery5-min.js","fqdn":"api.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"119.63.193.220","port":443,"asn":38627,"as":"Baidu, Inc.","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"bffc5b4a0392434c9b0f06f62ef9cf93","sha1":"e652e4351683c58b59d781b527a2400070228067","sha256":"61d96a4c9eaa6ac781177f0e542cd1f6671ddeadec20a998b3129ca09bc4879b","sha512":"9e7e21cd8943186458da605cb30ca8942e60a8201f56cd520c0a653cb1b2098bf2e2d4b7e5923bc067a7def964a9ff7e0b0fdddea79cc28bf7b3f620ab2c8754","ssdeep":"1536:138umkZYuii+TxwZ1pXmplts7j4YZ8zDsGrsRxYU/neeZGk/oP8V4ac+BI0BZ4JE:MyqOVZ8zDEY6ZGI4azyO4UYxjzKX","tlshash":"d1f3f9fff24d192e819e45285c2f5f35737a35c89906c50af929d8e16be8e053026bbc","size":159764,"data":"","first_seen":"2025-04-24T04:39:34.093857Z","last_seen":"2026-04-04T04:32:38.985059Z","times_seen":131,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"fee1eea3ffdaa1bb5336f6db6e416dcd","sha1":"4d02cf96443ad1b9eec85008722550f7c7ceec47","sha256":"a34a7f5f6262dd5e1596fd0e9ff63b4cd1447351897f459cacb717e890faa181","sha512":"067605d8fad29095fcf77c0c674519cb9f296f6ead900c5266cd7bf63136ad8d77e7a1359385c60725fd264ef69cf2afd7e8d431414e1131aef27f891d34ae2e","ssdeep":"","tlshash":"79e068bffaa625b2517b70f46b4fa60c022b50332147cd203f6dca812f5081894e0e6f","size":407,"data":"","first_seen":"2024-12-27T16:14:47.872873Z","last_seen":"2026-03-05T07:34:47.233434Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/polyfill.min.js","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d8c77c2575405a216edcfdc3c21f762","sha1":"3397e0e007482247c4823db5b8214992908500eb","sha256":"b8e664e9e3b9f15db265d8e0e33fb3271c9a95154f2e8f92e8597f2c100dc90b","sha512":"e3ab7213c0b2625a1dad341a5a2f6c545b278a408565821151075c0669773f93b3703a83720a16213607240abd494b99f54acc3cef87cefafb92aa50a5a6f1ab","ssdeep":"1536:42c6fpV0OcdY5h9R5B0BK68p6pRnhqq/8xotQlGW/8NeUSp:4K/0OcG5HBLms48xSQoQf5p","tlshash":"8e9373ccf6c1b09602a37275423f900bb2b7669a711f9940d26bd5e1ad7894fc13be2d","size":93881,"data":"","first_seen":"2024-12-27T16:14:47.761919Z","last_seen":"2026-03-05T07:34:47.217934Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bat.bing.com/bat.js","fqdn":"bat.bing.com","domain":"bing.com","tld":"com"},"ip":{"addr":"150.171.27.10","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"859fe5e4db9e938c0a967b43c678b80d","sha1":"d22c30b0c9a1dcabfed056470e309baad68804e7","sha256":"59d26c74a8a4d20005cb0a2ea23f9db944af214390b409e69734ada61cfbef79","sha512":"035dc73f195d7750556c1448e726d2f2f880ee97142c8869f825423b589b3a59ec9f4f051ddc4e8d617553be131bf82d8a41fe46bd78571714b99ce834cb5468","ssdeep":"768:YcMOThic7/DNIh+Qm3mT1OoLQBDjf6yPGV/Oj7hu23:TMOTkc7h/3ULMjf6yPGhur","tlshash":"b3330a4333509a7645f9419c786a2903a336570e30be70ac7a8cf8e6945de4b7237b7a","size":53955,"data":"","first_seen":"2025-11-10T21:29:14.74734Z","last_seen":"2026-03-29T03:29:44.520952Z","times_seen":13625,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/bootstrap/js/bootstrap.min.js","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1ae0e64754a542cbea996dec63c326fd","sha1":"e2ddfe5a574c29f39b511aada1bd85e0ba60fa70","sha256":"6447e59227786bcda7ad58ef045540cba328e5ec0e5ddbd88b4f57122feaf926","sha512":"822551519f11dd4fa2ad96d08677da68cb0ad45a39ea0b4dea51995b603953b8f85e71a06bbaeba85ee298ee5702eaaaffbfef9c94a615f4eaac4b2e395862cf","ssdeep":"768:K8lBD27UwlNBMl9/qahC2+jS1g8ep0skCXFXflc7Gf3Z1RQ:Be78+S1Klvl13ZrQ","tlshash":"19f29606b23031a107efb1e5515b020b7239696ee90690bc78b9dae53db9c48717bf3d","size":35957,"data":"","first_seen":"2023-03-07T01:07:33Z","last_seen":"2026-04-04T02:50:04.534183Z","times_seen":1735,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.popin.cc/ads/29824.js","fqdn":"api.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"119.63.193.220","port":443,"asn":38627,"as":"Baidu, Inc.","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"19b95068d58c857137d39b525bbdcaa7","sha1":"c74c4e48977080fe5c7a00231316d08a13d6542f","sha256":"dfe030d4d904eacd09848adf7299126104bc4a42bca5986ecd14429eb5f7c042","sha512":"6596e2992cf7304e37244da09cf446613016426fb0556310a7ea826c593a2372750d17352f6409b264957d99d591b36c572818e182dd8104dbbaf55f1382e1dc","ssdeep":"","tlshash":"a31112f3b8558d7b027d69f8603fd42c24e53ce51384e824ca25c41a6ad4d0400a5b94","size":1020,"data":"","first_seen":"2024-12-27T16:14:47.786349Z","last_seen":"2025-12-16T18:53:16.554566Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/scripttemplates/202409.2.0/otBannerSdk.js","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"69bd14c7ec0bb23da2dfa38cc1a940aa","sha1":"ea33f2da4a5d389fd07b4162b21b867f6cd3000b","sha256":"d20357455b511ce933ce8d435007781a67ad2c01453af9b88f79e57e14476add","sha512":"d8d49b051ba4fdcca1cc0b72c67dc0e4e88b242024f60f0282e314516d99429121f36bace74594a852fe0e64e0903c7f4119b9f6ebdd5da8e4021f488bef1ae4","ssdeep":"6144:qIfzrfx/KzE7q/s0jvzW2AHCfdIiubTxfPvqAo96V/7jeF:qufx/KzE7q/orTx4961Y","tlshash":"dfa4088d75a0753547e752b8c02b114aba3574adac95806cb40cc5f90ff9f821aa3fbb","size":472088,"data":"","first_seen":"2024-11-28T10:15:36.955915Z","last_seen":"2026-04-04T01:01:39.178912Z","times_seen":1470,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asset.popin.cc/js/h/val.html?postM=1\u0026trackingid=","fqdn":"asset.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"34.117.195.210","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4216ef1d25a1bc8ff78d9971012320ac","sha1":"cf4f6b0a6cfb93046107230486e4effd0b0cbfc9","sha256":"ff2a3a0f963915471cf63f64d07bbe8242a6117bfd1fb9be285e5c9170d7bd4e","sha512":"6845165856f18d9eb6a2df7b4dd654f4a7f0d8ac1fc51a2c684f03054fe30dfefa8e30bbecd2c9cb520a25b9ea40b49e3fe357e9c3a263f8cf4e41e02aa72b8e","ssdeep":"192:1q5aFuCVFyLZ/CM5zRUoEb1rqOz8Cz0F9MeEQHpQYk:JFyFlEb15z8Cz0vEQHpe","tlshash":"c622dbeb32c5756663a2019d583f3207b32d4c9fa4dc6980ea15e4d03a78adb4337f66","size":10420,"data":"","first_seen":"2024-12-02T15:40:32.603544Z","last_seen":"2026-04-04T05:06:44.895544Z","times_seen":4884,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r1102251136/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.18","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"19720c164d56f7e7dfe6748e376f868e","sha1":"0387db7b6a453b71114985d199838b7a3928c76b","sha256":"56e50d855741d508ab6465d3860ef0ad117ab967993b9111caeaec90f64e912b","sha512":"92c957c0af072acc16b029e12b727004dc62c1e88297a9710cb90584299c0158b9033b8d31a44e234488940489c8695dd372cdda93ed83b1dfd062542496a252","ssdeep":"","tlshash":"b07000080000802800228200002ab2a028220008200220020888800080a0800208ac02","size":19,"data":"","first_seen":"2023-03-07T01:18:54Z","last_seen":"2026-04-04T04:49:50.17449Z","times_seen":1919,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/sandbox%20eval%20code","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"34c08ca3e74026ae2a1166b2b810e003a2866b015aa78402b00a003b1441fe21aaa1a8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-04T06:44:25.096104Z","times_seen":771129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r1102251136/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.18","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3243c0841916ec8412445cf28dc213e1","sha1":"e03e2b55026c2d5a48478b494038ac237a570356","sha256":"43809cbb40cf2c409373635a089746ebaf238092ec2dd2c0880e5ff57b729f99","sha512":"a0d730bbc3c90f7292f18725f4de9b9570dcd6ecfa9992120eab10a07bf7c5d40162892477221c2c1ce534912e5936b9733f9d1f26c0d5b3b2fcd6dec2b4c52a","ssdeep":"","tlshash":"e651d95cd27b48ab69253c6027249f1f8f84ccd3b742d05eaade0dcc305ea47b588931","size":2817,"data":"","first_seen":"2023-03-07T01:18:53Z","last_seen":"2026-04-04T04:49:50.123628Z","times_seen":1423,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"dbac04ee10defe0498f20da258d1743e","sha1":"3045de94e7cfe17054f7c44fa72c8050647d026d","sha256":"875ded069b0e0b90bb875be42ffa6ec74d88283f0445bb802f7f2be055bcce0b","sha512":"bb7782f6e62acda7c1f5bb3af8bf184e1a98bd6d0dec9c63a8b1876b538eb4839b5ff6647f45b5c627ecece13bad001cdb67584efcbae98ff5951738c6a27394","ssdeep":"768:wRFbCAChfdxOX6cS+yrEKv08E9yKWu8lyeC3BpFNykcySIHpq:JKKs8Eetye8FNy/Sc","tlshash":"ce231a9cb2a251b241a754e5643f450bf27029232c17a5acfa75c4eaa8fcfd5a073f34","size":46073,"data":"","first_seen":"2025-11-05T17:06:59.844829Z","last_seen":"2025-11-18T21:11:18.756921Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"d6aa7405bc1a08802437a5bca2d56755","sha1":"b200f8b8b3d2996017579ca15ba68d6418a71d9f","sha256":"2ede0eaf9af85434cddfae05a329ac84401bc708dbf9e4c981af1f73b9fc3e36","sha512":"a4f7dbcc04cb2a0c9301063bc870da24f961e4e08f5b724aed80183c9b028b90eab0fb66e8403603ba956b46cf3137fb2c815200edb1f0ed6dbfa2ca1f3ac20a","ssdeep":"","tlshash":"20d0954e6c014730534404d591b7c30cb0e7309f5914c451d0c5c444795cfa54415b9d","size":250,"data":"","first_seen":"2024-12-27T16:14:47.865615Z","last_seen":"2025-11-18T21:11:18.763394Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/assets/index.14836b81.js","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"85a1b41f071122e522c77e3bc61cdf1d","sha1":"f71bd9c3cfe35ad899ea567b3958988999dde0fd","sha256":"7e638fa5b2e258250008388c25a21b3c9c2c8f2967164cd300e668c6d32a2bce","sha512":"9df77f95b3ef76ed7a9d5137440eb830288c4440e5529dc24b7d5104ae28a12b04535fbc438831207805c0f3c3385b81a179d369aea2d3fa3c0a7edd1678beeb","ssdeep":"12288:GsYk+vuR85ueVMmBd9Sx5y9CVX2jII9RiQZivyeuzTX8oX7MbnmyFW84e4rP+66J:GsYk+vu+Xpk5yMVX2jII9RhZm67HX7Mh","tlshash":"a2b48df73500f75a42ca7001403e391549e8dd6fb37a18eaa6e649965ff8ad38f2b701","size":494514,"data":"","first_seen":"2025-11-06T11:00:44.099193Z","last_seen":"2025-11-18T23:33:55.783713Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.popin.cc/td_js_sdk_171.js","fqdn":"api.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"119.63.193.220","port":443,"asn":38627,"as":"Baidu, Inc.","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"407bff8fef2ee540c10553635a3eb41b","sha1":"e9bf07b0b86385d633e8be06d58c75807d652127","sha256":"906b6bddd2ef3b6d40c60673e5626b2195e21f44bba44042553be4de34c69f89","sha512":"31396162023c434ef7ed676bf7eeeb73bc2472c9d78526719ebf7efc5ea125f09506f898997f5535665059cda7c46a03b94b9f55fbaf8eb8af9f5697fc6d985d","ssdeep":"768:XIC4FsqrMdFUGCRqxAM+J5hJdGxP6C0QE1d8/r3RdtuZqSqKm9bEABMeMif:H6rMKaC31W/TRdtTSqKfJ4f","tlshash":"4373204abae27530e203f139866fd808b275a45b199ded49394cd2a44f2543c87f9fec","size":77192,"data":"","first_seen":"2025-06-16T05:04:06.65767Z","last_seen":"2026-04-04T04:32:38.954572Z","times_seen":149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gizokraijaw.net/401/9283842","fqdn":"gizokraijaw.net","domain":"gizokraijaw.net","tld":"net"},"ip":{"addr":"104.21.65.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"72e30197d438a8b689ab782906b39482","sha1":"817edade0c5c1507e2c336e3d08ca05fc2a93568","sha256":"95e87ce31ad943569bba49871050e50cc6a2d72134a042724e1767f59422b020","sha512":"3d9e8575a3dfe55261ff991f4a6c882c535067d52e5d223d245280d5eb0a3f873fee5a067e2d9d0fb7cbe52ea69ed94ce9a05449b61362740270a6bd836810d2","ssdeep":"3072:721zSqHyUv9114rTN9kSq8y2u+zoCeTSD1rgNy3edy6/2DUa8S443V0EFICtLHh/:mgnzkSGSzNeTSAXI6/2DUaYIVjIELBiw","tlshash":"7af3d788b292b1551d72a134322f824eb5dfab605c4e4a80d19be1b27f3706ed377dd8","size":170781,"data":"","first_seen":"2025-11-14T14:20:58.248512Z","last_seen":"2025-11-18T09:44:57.092465Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"23252a8ae70290db78d51dd60166edf2","sha1":"1cd47bf1923010c9c5e88bf1d8d7bf2236b52743","sha256":"a6a2f72c0a698bd470b68d9b449a0616c39e5b4bd2a44af526b5996a25a3cc64","sha512":"f3c31c6ff4ab66af3d25c13df08157b7a528e91d2b6b058e8688e507b2d6f456460c49ea093f2b785a8c63a441de8107515e99c79ac13439bed0b978c0b7fa77","ssdeep":"","tlshash":"34e0ab697d1d7406828594284fafe925726b70941803c99a8a8fcc901d3db17001fedf","size":427,"data":"","first_seen":"2024-05-01T09:38:52Z","last_seen":"2026-03-05T07:34:47.226237Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-PNH3M7B","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"513b14ad615d16b65b459f728ae56605","sha1":"ba4e3ec813cc4bf76fa5810d1fe5f90c66dcf453","sha256":"efc550e79a19bd831d55bae7ae035be3dd3b0b8c91875a3365ecd1fa166276b2","sha512":"088c2e1b3c5986143087d4cf9102c6d715ad7349699fd0b6412ef5124bcee7b4fea49ec31960ac722d5ee39b281d27bc3938799f5b7533da1a7383453798c8df","ssdeep":"6144:I2CoRC8hsjtxj34Jbc2sUOJdR+rVm+QZWHYN0bk:I2dR/hytVCbhsYQZWS","tlshash":"f89419ceb3d6746683d2b478403f018ba57b68a2b44cd895f1cacde52e7069a0163f7d","size":435322,"data":"","first_seen":"2025-11-15T22:46:29.017707Z","last_seen":"2025-11-16T05:32:51.382196Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"da7a12130bde9e4d9542df349bbd1751","sha1":"c5d154077833dd12d190460a9354547358ca5fb9","sha256":"e9c1ed27a5a4efc3cba4f50c28769cc1d97514e2eda696ad447b760ffc7fa762","sha512":"480b20225f34d333c1706364906b861d865ae7ae28ffa790caaa36175860b5b586614815924ae047b177b4f93bacff982b7e7f1fb9aa8cd88a9a0209bd38f2e9","ssdeep":"96:RfaToiQyEdCJrxu4EsiArEKje6il+z7hi6J7sr/:RfaToiQyEdCJ9u4EJoe6ikz7hi6J7sr/","tlshash":"2e91336d14fbb0120693b4e8274f5248b13550177c0de8867aac4b647f9eaad81f3eed","size":4409,"data":"","first_seen":"2025-11-05T17:06:59.851071Z","last_seen":"2025-11-18T21:11:18.757487Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asset.popin.cc/js/pixel.js","fqdn":"asset.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"34.117.195.210","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b449d51591c3b7c347fb1ad6f13bb560","sha1":"534c07e06ffaa6b9449621d7678c352f7acbd3a5","sha256":"d1a09ffb2200db959fff955a99895b70eb8fe299236b492a3f2e49415be66028","sha512":"9e0e1ac6b5c2e4f62b9e221a163ca1c47d9af61d0c9db513aeb9de90ed5e1399f38524fe0d8a2367177eb9ae9a1ad752e265db6c17ec84f52b4162286431a45c","ssdeep":"1536:rvE4AHciD3Vid+nmdOHurUFt870wpKKmbnzFLVGtLyHXAcEUB3cB2Cvg:aV30xdEwvmbnzFLAEHXdIjvg","tlshash":"1aa318c0af40f16893512033172f6036d80e4ec955e9999cfa2af948ffe8f8465f59b5","size":106519,"data":"","first_seen":"2025-08-15T21:32:22.881191Z","last_seen":"2026-03-07T20:52:20.917557Z","times_seen":85,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"786fec19a7e7b279427d45b29bb212ac","sha1":"3d80741b5b2933f5bd9e5a8b2a2734a51781af0f","sha256":"6dfd8a7c14a3d8c1d1db90835bb390432f33d2565fdeef6b1fd2aed0bd0a4f6b","sha512":"62ec1b8f9c32bae4e11ece194b00996781bf9fa9c403770f4f1e84278ad2d39ccfdeb653736f3544dcff53cda57061dd2335d79a9e42090d642493862ecf7336","ssdeep":"","tlshash":"0cd02b01f39d7700d3bc307dc209a98aca7deea530001e26e1884c0c0991d23117ec58","size":280,"data":"","first_seen":"2023-03-10T13:57:31Z","last_seen":"2026-03-28T10:20:45.51725Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"06d065fd71463aa3f716b82c7497b9c8","sha1":"b243c2aa45ba03374359955618d39aae2b4f475f","sha256":"4f5c481f9cab12206692effaa1650c2a74a0e4911bd99c261745d7f68f7b7d22","sha512":"1ab015afb2bd824758fb69b33a26c62979b9e83da1ff73619fe7f20aa78d51fb7da61a950abc5683353d559b1bfb8f7f086aae978684c0f75dd29d3d327c6be3","ssdeep":"","tlshash":"15c00020e80000808880083020a2020020200208c8008008000a0200280308a2220080","size":159,"data":"","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-03-28T10:20:45.505147Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"f193e0d87917cb8866ef6464c5096c6a","sha1":"4079660c5cb79f6ca8c132a347a3c80022abe2cb","sha256":"0c62c11e910d7c0d6b6c9800b70e78bfd9220e1f78bd7bb34ae4c3646d05f6e5","sha512":"ee98cb5bb787529da36b2031d0aa1c850fd830e863d6ace46a5e7d457a9c5ad22f9071a06269d99750165f424bea3be78387acc222ebddf1d5769824f2d4d4ba","ssdeep":"","tlshash":"026000300000000cf03003c0000300cc0000c30000000000000030000000003c0030cc","size":13,"data":"","first_seen":"2023-03-07T23:33:47Z","last_seen":"2026-04-04T04:39:06.371514Z","times_seen":2353,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"s.yimg.jp/images/listing/tool/cv/ytag.js","fqdn":"s.yimg.jp","domain":"yimg.jp","tld":"jp"},"ip":{"addr":"182.22.24.124","port":443,"asn":23816,"as":"Yahoo Japan Corporation","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"edge01.yahoo.co.jp","organization":"LY Corporation"},"issuer":{"commonName":"Cybertrust Japan SureServer CA G4","organization":"Cybertrust Japan Co., Ltd."},"validity":{"start":"Wed, 05 Nov 2025 11:06:13 GMT","end":"Fri, 04 Dec 2026 14:59:00 GMT"},"fingerprint":{"sha1":"39:9C:92:CC:72:2E:19:D5:03:C3:C9:ED:58:7E:03:30:41:19:64:F6","sha256":"E6:94:9F:F0:FE:BC:51:88:C0:DE:5B:52:8D:0D:47:40:36:C1:39:90:4E:EA:BF:A5:D2:D3:B8:D3:8E:5E:32:1A"}}},"request":{"raw":"GET /images/listing/tool/cv/ytag.js HTTP/1.1\r\nHost: s.yimg.jp\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 16 Nov 2025 05:28:58 GMT\r\nvary: Accept-Encoding\r\nx-ntap-sg-trace-id: ec02aa31167fb32d\r\nlast-modified: Tue, 12 Aug 2025 07:13:41 GMT\r\ncache-control: public, max-age=600\r\ncontent-encoding: gzip\r\naccept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch\r\npermissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*\r\nage: 201\r\ncontent-length: 11750\r\nx-z-chihaya: r=1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36474,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (36474), with no line terminators","md5":"6bd80e05b34f524111fbb909416b5485","sha1":"c02bab0b478bef5accf6a8d7514d0f5eff37abbe","sha256":"23df58fb91f796994ef46853792d12420a90cc32dad71ce447621fe86eb1c187","sha512":"17f3578e50879d0f4c4412d2b09460fec83c718022f0b703d5cf2410994a910878fba2662b7acfabefa07c2afa251fcd820601f0831147ac9a989c2d42b25eb7","ssdeep":"768:YQI3sAbsMTnNs8DGXepEMYRgoiaVeo1b31fv1nKbOr3OKZxf8gYynJfXojWbHbgU:qbG5Xjxz9SVY4K","tlshash":"5df20a5131d6e01a83d545d9197a1220e3789a04388ec8c4f73e5cab6e26f47c6b3fbe","first_seen":"2025-08-12T09:39:18.626113Z","last_seen":"2025-11-25T00:00:16.053172Z","times_seen":10148,"resource_available":true,"data":null}},"time_used":2014,"timings":{"blocked":847,"dns":258,"connect":290,"send":0,"wait":309,"receive":7,"ssl":299},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/locales/merged/locales_1761909514536_0.js","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/locales/merged/locales_1761909514536_0.js HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/act/wand/pc-download/assets/index.d154e7f6.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 31 Oct 2025 11:19:03 GMT\r\nContent-Encoding: gzip\r\nEtag: \"6b14e4ae099d8f627ecb3429091c6abe\"\r\nContent-Type: application/javascript\r\nDate: Fri, 31 Oct 2025 11:19:51 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 559656335899662567\r\nx-cos-request-id: NjkwNDliNTdfOTllZjc4MGJfMTQ1XzFkNjUwYjZk\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4MzZkMTZiZDQxYTg4MzRiMzIwYzRkYTRjMWFkNDM3YjQ=\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 26947\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6141029749943550414\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":94153,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (63041), with no line terminators","md5":"6b14e4ae099d8f627ecb3429091c6abe","sha1":"8b3c8a5e349cac8ddb64ff459cac9fbd9d7bba83","sha256":"2d443dea969679002899ea98ddca8c03090a16a48ba38e76fffb0fe30e0a392e","sha512":"3669837a3ff82611cfd7ff77f4804763ef625cf174c724e6460ce63dfc9964c2296a14015355f2e2fcb692e081b49586659eec4a51696785a605bff8ac2ef504","ssdeep":"1536:lTdD9WY3z1eabvOG3iLGB7U4zvZKVs7GM6GjlMS+B4RMnPgw9D3:lhD9WY3zcabvt3wGFU4vJGC5WBgw9z","tlshash":"7793b6ae17cb193f56510bd41e27bc94a9fe389784eda1c5e1805f8ee4a4a7fcf80118","first_seen":"2025-11-05T17:06:59.826692Z","last_seen":"2025-11-18T23:33:55.844908Z","times_seen":37,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/21.jpg","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/21.jpg HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 15 Feb 2018 12:03:21 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2xKiGeiLHtQSirN8NAlEJ942691IZSjuPdPtcKhP69WCtYlIZtklFT767xU%2B%2BEdNL6Buje0g6lNHNIpF9K3mb8rB%2B6BbIlG1ybM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"5a857709-12e4\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3c18d856c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4836,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 298x120, components 3","md5":"99324c80b1a791ffaa2e2e276459d5a7","sha1":"cd8f6c7df5c622b89d32c9f4089fa1b69fbd4b0a","sha256":"209fade9b64906eb4864a7954a9e2d97d4c236aef2dff6ea4d8b0159c7212ab2","sha512":"e2838129aee7cff7c62209af294f98421680cdfebfb90b04b1f788c95eddb31b4a5d227e9087fddc00f525d7387cded2f077fd9b442b6ea69f10815f57e59e1f","ssdeep":"96:YdQR59uESZQsMEwWm3gkaZ8vE9noxWLz7snixdU1e3MLG4BGbbR:wMrhVs23vfMLz7V6LqkGbbR","tlshash":"0aa16c12202d864bc3dc9171af5860375249e821e1cc171838f115b65f1fbf8aaede5f","first_seen":"2023-05-26T18:24:14Z","last_seen":"2026-02-08T14:16:08.293807Z","times_seen":29,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/images/live.gif","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/images/live.gif HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/gif\r\nlast-modified: Mon, 13 Feb 2017 20:33:39 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3CyD82ypuKNcBQZJQ9cSWgKIMjeFFencwZy4QaeuqpqJvlbGoV7Hjlz%2F2xjlT5owbVDKezbzzbE0QMWYKo%2FCI7XLhb45NSsxPlQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"58a21823-42b\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3c18dd56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1067,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 16 x 14","md5":"262c1cf78551b9b1dc1e6e60cd87ce4d","sha1":"b2564a4c75ccd45f12e3d235732fdc7f62776d92","sha256":"1df7dbcc88078e1e3a41b4f5035f0784d3ce337d95f0d6542c39d8f1d4de1a11","sha512":"02dcaa23ecd11f7aa2f62b66bd0fb5b46ffe9a0d7c886cf23e52e85030419f24b9495e9c731e8e0fdaebc9bcb60e4184b0db8905f8c3eb90411fcc74f03a2971","ssdeep":"","tlshash":"74114462e0e47135ebd188b1901ee6095995cd21166dd6660e2fbc7cacc00fef6ac5c5","first_seen":"2023-05-14T01:26:08Z","last_seen":"2026-03-28T10:20:45.49895Z","times_seen":62,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://m.crichd.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 12 Nov 2025 00:02:04 GMT\r\nexpires: Thu, 12 Nov 2026 00:02:04 GMT\r\ncache-control: public, max-age=31536000\r\nage: 365408\r\nlast-modified: Mon, 15 Sep 2025 17:09:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23580, version 1.0","md5":"e1b3b5908c9cf23dfb2b9c52b9a023ab","sha1":"fcd4136085f2a03481d9958cc6793a5ed98e714c","sha256":"918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537","sha512":"b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828","ssdeep":"384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK","tlshash":"91b2e1ce5d546e3a8028213785c17b488273572e9edf42c6dd83a6263a7092cfd3d96e","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-04-04T06:46:39.189604Z","times_seen":183857,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":124,"dns":18,"connect":15,"send":0,"wait":16,"receive":14,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tzegilo.com/stattag.js","fqdn":"tzegilo.com","domain":"tzegilo.com","tld":"com"},"ip":{"addr":"172.67.193.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:15.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tzegilo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 06:43:47 GMT","end":"Mon, 09 Feb 2026 07:38:46 GMT"},"fingerprint":{"sha1":"D5:38:99:61:B8:EA:99:50:AE:A6:42:89:19:46:3D:27:F6:80:AE:53","sha256":"EB:AA:B8:24:FF:C4:D3:0A:D8:6E:81:A6:73:F2:98:E7:69:A1:0F:95:6F:52:21:C6:59:D5:A0:26:AD:55:F8:CC"}}},"request":{"raw":"GET /stattag.js HTTP/1.1\r\nHost: tzegilo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 11 Jul 2024 10:23:58 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nlink: \u003chttps://flerap.com/\u003e; rel=preconnect; crossorigin, \u003chttps://fleraprt.com/\u003e; rel=preconnect; crossorigin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8ODxDCjuZKixQYwmFqla6polGahcVOjVD39rdaXtRVBsnqi2gXqyXjU7Hzws3o7FF9hYQc%2FCn9DQ9It3PqLJZtxBPMlT6r%2BEcQ%3D%3D\"}]}\r\nage: 4088\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"668fb2be-45d7\"\r\ncontent-encoding: br\r\ncf-ray: 99f49b57f910b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17879,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (17229)","md5":"01227f5edc20e0ff4ed643b27cb8bb68","sha1":"d71a88f7341f2b1bdaa7deb9a66888607bd52598","sha256":"75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2","sha512":"88046b07c07ff6de47ef7d1e0d7ca281fc48e91fc6a292cdf611457b96ac92bb0068971cfd55c0cc3e6179d7335e77a6a14b15fa502bbae7b2233546da6c0f98","ssdeep":"384:WDWdyJ+TJTwWV+6RUL2qq8L6jW4+QL1zWAWvVRIDiei:7so1V+g+d+j4pJ5","tlshash":"8d82094a72d525ee82a3a1d10cef612ffb664e86a97e1785e381b49c187404ec3d7f90","first_seen":"2024-07-11T16:28:55Z","last_seen":"2026-04-04T03:00:17.365104Z","times_seen":6340,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":19,"dns":5,"connect":1,"send":0,"wait":8,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/polyfill.min.js","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/polyfill.min.js HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 04 Aug 2025 04:40:03 GMT\r\nContent-Encoding: gzip\r\nEtag: \"3d8c77c2575405a216edcfdc3c21f762\"\r\nContent-Type: application/javascript\r\nDate: Tue, 02 Sep 2025 15:15:05 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 5722186795504652527\r\nx-cos-request-id: NjhiNzA5ZjlfODZlZjc4MGJfOTc1OV8xNDZhM2Q5Zg==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 31742\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1328012918538419790\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93881,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (38900), with NEL line terminators","md5":"3d8c77c2575405a216edcfdc3c21f762","sha1":"3397e0e007482247c4823db5b8214992908500eb","sha256":"b8e664e9e3b9f15db265d8e0e33fb3271c9a95154f2e8f92e8597f2c100dc90b","sha512":"e3ab7213c0b2625a1dad341a5a2f6c545b278a408565821151075c0669773f93b3703a83720a16213607240abd494b99f54acc3cef87cefafb92aa50a5a6f1ab","ssdeep":"1536:42c6fpV0OcdY5h9R5B0BK68p6pRnhqq/8xotQlGW/8NeUSp:4K/0OcG5HBLms48xSQoQf5p","tlshash":"8e9373ccf6c1b09602a37275423f900bb2b7669a711f9940d26bd5e1ad7894fc13be2d","first_seen":"2024-12-27T16:14:47.761919Z","last_seen":"2026-03-05T07:34:47.217934Z","times_seen":55,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":36,"dns":2,"connect":11,"send":0,"wait":12,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rumt-sg.com/speed/performance?dnsLookup=188\u0026tcp=225\u0026ssl=201\u0026ttfb=21\u0026contentDownload=4\u0026domParse=468\u0026resourceDownload=4293\u0026firstScreenTiming=0\u0026id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer=","fqdn":"rumt-sg.com","domain":"rumt-sg.com","tld":"com"},"ip":{"addr":"43.156.86.55","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:31.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rumt-sg.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 03 Jan 2025 00:00:00 GMT","end":"Tue, 03 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B3:A2:75:8F:A9:60:48:97:57:63:D7:37:E1:55:58:7E:91:C7:B2:AA","sha256":"99:16:99:A9:EF:66:CA:0E:C4:8A:94:C3:5B:1C:F4:58:C1:D9:54:FE:E8:60:E2:8A:C7:CD:9F:C9:0D:7E:98:23"}}},"request":{"raw":"GET /speed/performance?dnsLookup=188\u0026tcp=225\u0026ssl=201\u0026ttfb=21\u0026contentDownload=4\u0026domParse=468\u0026resourceDownload=4293\u0026firstScreenTiming=0\u0026id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer= HTTP/1.1\r\nHost: rumt-sg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 16 Nov 2025 05:32:31 GMT\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/56.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/56.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 23 Oct 2021 09:19:39 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BpNHfB2ce72b3gqPHqI9xsobDMq%2FPpKhjPokbgcCtudLIzE2KD17OYRB39MIn2QZzf9FqEaw2YqPW40TwQnL3x6Ztd2bv1j5xGo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"6173d3ab-2fee6\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3bf8d156c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":196326,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1030 x 117, 8-bit/color RGB, non-interlaced","md5":"52e4c28473be523b42d635548f1e56be","sha1":"0760f2f228f0359a13f27f58094dba9085f93128","sha256":"4d1fa0a7875df706e21096ac86dfd1408471ee55175098f4fc7e7231a3d3c52f","sha512":"d544d7c50d35fd97fcfdd0cab85554ff1e4de56c9d6716085b8cdff5394e08ced8f4d7dbb4a12b7d67f43c29efc3e77b6d46561253af3052b53aad04c5d45593","ssdeep":"3072:Nw6eOWLp16c5PyVu5ohyc95knbaquapDUXNtGqZ9GIPI0uQE0FX:Nh0SyPyVuWhz95knbCbXNtGqfVI0uQJX","tlshash":"ff141298f5c87bc3413d836a243e595bf908b74a2aeb37147336e0a79700d29d1fa45a","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-02-08T14:16:08.278682Z","times_seen":27,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/images/favicon.ico?1000","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:12.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/images/favicon.ico?1000 HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nCookie: website_clock=00%3A00\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:12 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Fri, 30 Aug 2024 13:15:34 GMT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zz2uHDpm98tr%2Bx4y1BRc8JciEZI9Ivh%2FLCZ4Alu5d%2BKsOhoGmK0Cwn95yFmSvMVMJJOQGll0WSkfyXKOMLspZMgnTwhU1j8jb5A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"66d1c5f6-83c0\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1060\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b4078ec56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33728,"size_decoded":0,"mime_type":"image/x-icon","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, description=ball for cricket sport isolated,\u0001, xresolution=81, yresolution=89], progressive, precision 8, 612x612, components 3","md5":"157c0787b89a67efb754e74f97c8ed90","sha1":"363581191f7476b09f591f9574184a0586b64098","sha256":"794061e3b3fc2ce76248a8686449699e2589bd22a5fa1665578d7119650438e7","sha512":"38d543596e84896df12bc1f113dc3c5f1f70d6b9c82269dac85e1ae6c3a7b5a15804bc1df5a129df67a102941beb75420282bfce41a6314ec6ccc7aad3b3a661","ssdeep":"768:7rTNznp/k1E9h4t6t7x5AMotznCGJJI5bgFZ8MQdUjIIvJ8Cyh4:7rTZnp/qE9TBxGZCGb+bgFZuWXvJ8CV","tlshash":"e2e2e1333b15656ad42d3f722fe643489d3f1cd427fad66a38170a68683638561c0ecb","first_seen":"2025-07-17T18:00:00.054827Z","last_seen":"2026-02-08T14:16:08.25484Z","times_seen":8,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r1102251136/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.18","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:12.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /h5/gz/r1102251136/id.html HTTP/1.1\r\nHost: st.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 16 Nov 2025 05:32:12 GMT\r\nContent-Type: text/html\r\nContent-Length: 224258\r\nLast-Modified: Sun, 02 Nov 2025 19:40:21 GMT\r\nConnection: keep-alive\r\nETag: \"6907b3a5-36c02\"\r\nExpires: Mon, 16 Nov 2026 05:32:12 GMT\r\nCache-Control: max-age=31536000\r\nContent-Encoding: gzip\r\nP3P: CP=\"Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":697710,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (54430), with CRLF, LF line terminators","md5":"0e556c66601fa0a2f6414c1507fc264c","sha1":"e52166ca3ab7abfe34cb50f176255701dd357989","sha256":"2535ae7df6f7eda9ca26b2ff542954df23c50ca2df33a6fd246336106b90d788","sha512":"0a4e741e1db40535f7be501a08d08e1a2325d6d2ed39bccbe107f4cafc01c50f7b85e377a0ca249502e0e74beac905f262803aecfb02dc1d6fa3e1f497f3b2cc","ssdeep":"12288:cRHV9ZpBGeXuSa6x6+P1xhyRifELFr74GQYY/udq2o:YHV9ZpbuSa6x6+NxhyRifcFr74GQYM","tlshash":"83e4189db7613225c2a3e1f4806b1155723b60ade5049b6cb24ddcf4ae7486c227bfbc","first_seen":"2025-11-03T23:42:14.869332Z","last_seen":"2025-12-12T20:01:09.48044Z","times_seen":94,"resource_available":false,"data":null}},"time_used":670,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":167,"receive":503,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/assets/index.d154e7f6.js","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/assets/index.d154e7f6.js HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 31 Oct 2025 11:19:03 GMT\r\nContent-Encoding: gzip\r\nEtag: \"276bb96731fba666285a245b263da998\"\r\nContent-Type: application/javascript\r\nDate: Fri, 31 Oct 2025 11:19:49 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 10065314695926652816\r\nx-cos-request-id: NjkwNDliNTVfOWYwZTc5MWVfM2RkNmRfMWQ3N2NjOTQ=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4MzZkMTZiZDQxYTg4MzRiMzIwYzRkYTRjMWFkNDM3YjQ=\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 157581\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3781764906507526301\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":573708,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (26371)","md5":"276bb96731fba666285a245b263da998","sha1":"6b00609e75666e354fe18784268143966e14dd9a","sha256":"bd444c6e0f1c9925d79a257bb2c3df656d8581ac91c9642fccaf9cdc95d731ea","sha512":"95c4aebbea2d7edb1de77283cf90d483b5b74086031a9c698ca3a7b12ac50f9119a65953b34f8e03e9b9bd9c8aa972d6b97fbe69554a033ef980c0d294d5d67e","ssdeep":"6144:dTWcfLmYD5Hmm8sFbnXh8B62QA4T1DnOcSUOg/c9BXsFwd7dlVgwsKgCi8+YLNsn:dTWM7th8p34T1y9psyd7dGqRsyRm","tlshash":"cac46dd9f2a6a43a06ea20e0e43b150eb5350849e408e5fdfe7c9cf7dba45059136b3c","first_seen":"2025-11-05T17:06:59.78846Z","last_seen":"2025-11-18T23:33:55.844258Z","times_seen":37,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-PNH3M7B","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:50 GMT","end":"Mon, 19 Jan 2026 08:33:49 GMT"},"fingerprint":{"sha1":"48:8A:E6:98:60:86:BA:71:57:34:7F:7F:AB:BA:86:86:8F:73:20:E2","sha256":"AF:F1:47:F8:37:C7:C4:95:30:91:49:71:1C:6F:0E:A8:5A:0D:92:0C:E2:D9:F4:A7:AF:27:C5:6B:39:0D:33:46"}}},"request":{"raw":"GET /gtm.js?id=GTM-PNH3M7B HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 16 Nov 2025 05:32:18 GMT\r\nexpires: Sun, 16 Nov 2025 05:32:18 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Sun, 16 Nov 2025 03:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 145294\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":435322,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (16477)","md5":"513b14ad615d16b65b459f728ae56605","sha1":"ba4e3ec813cc4bf76fa5810d1fe5f90c66dcf453","sha256":"efc550e79a19bd831d55bae7ae035be3dd3b0b8c91875a3365ecd1fa166276b2","sha512":"088c2e1b3c5986143087d4cf9102c6d715ad7349699fd0b6412ef5124bcee7b4fea49ec31960ac722d5ee39b281d27bc3938799f5b7533da1a7383453798c8df","ssdeep":"6144:I2CoRC8hsjtxj34Jbc2sUOJdR+rVm+QZWHYN0bk:I2dR/hytVCbhsYQZWS","tlshash":"f89419ceb3d6746683d2b478403f018ba57b68a2b44cd895f1cacde52e7069a0163f7d","first_seen":"2025-11-15T22:46:29.017707Z","last_seen":"2025-11-16T05:32:51.382196Z","times_seen":2,"resource_available":true,"data":null}},"time_used":366,"timings":{"blocked":115,"dns":0,"connect":28,"send":0,"wait":58,"receive":77,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/logos/static/ot_company_logo.png","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:43:25 GMT","end":"Wed, 11 Feb 2026 02:43:23 GMT"},"fingerprint":{"sha1":"EB:6B:52:98:E5:B0:CA:A9:F4:63:C7:8E:59:8E:6D:FC:AA:B9:90:B7","sha256":"05:40:C5:36:2E:62:5C:4A:3F:E1:1A:F7:DA:C5:5B:0F:02:8B:BE:79:C2:92:21:8C:52:78:FB:BE:03:EA:D1:AD"}}},"request":{"raw":"GET /logos/static/ot_company_logo.png HTTP/1.1\r\nHost: cdn-apac.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\ncontent-type: image/png\r\ncontent-length: 8666\r\ncf-ray: 99f49b6bed5d35a6-OSL\r\ncontent-md5: rstrgrQJ65M8PVOYMzpFlA==\r\nlast-modified: Wed, 12 Nov 2025 08:04:58 GMT\r\netag: 0x8DE21C22C26D20B\r\nx-ms-request-id: 0ac7ef13-b01e-0031-3026-547819000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\ncf-cache-status: HIT\r\nage: 6531\r\nexpires: Mon, 17 Nov 2025 05:32:19 GMT\r\ncache-control: public, max-age=86400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8666,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 106, 8-bit/color RGBA, non-interlaced","md5":"aecb6b82b409eb933c3d5398333a4594","sha1":"b3c1e078d55dd660a368b506b8b21024451426ad","sha256":"56615530ca1fa2eb144ef8d4c4bf06604115367f9f4cfff6bad1b4e8f344d3c7","sha512":"5edcf4bb9cbb36501ff21a4e06f86ed542689994823efc1e78697c15e033925df8c817395648653c0c0a754ec840d3d916f0e6c03ae0cc577239bc5749beb60e","ssdeep":"192:X0YIB/s/MyNJNG3id1t8kQBDGGzjOItNasnHpl7qltVHRrcT:kYi/s/MgEaX8kczjO4NaAAb1+T","tlshash":"9102b0de5a39d2039cabc6e730c6d8256f724916862a721acf389d147970ff38250a73","first_seen":"2025-01-28T04:28:53.011067Z","last_seen":"2026-04-04T06:00:45.012326Z","times_seen":24601,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"boopoaglauph.net/401/9283842?oo=1\u0026sw_version=v1.758.0-s\u0026oaid=08028361f72b4f92ec2c9a7e627fbf14\u0026st=true","fqdn":"boopoaglauph.net","domain":"boopoaglauph.net","tld":"net"},"ip":{"addr":"139.45.197.245","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:15.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"boopoaglauph.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 05:15:43 GMT","end":"Tue, 06 Jan 2026 05:15:42 GMT"},"fingerprint":{"sha1":"24:89:62:DF:C4:F0:79:46:2C:3A:8F:46:18:AB:42:BA:0F:D1:CE:EF","sha256":"63:66:51:4C:3B:6E:AF:90:62:78:E9:83:18:5A:5B:7D:F8:DB:EA:64:A3:DA:8E:0D:D2:46:89:27:83:4A:0A:3F"}}},"request":{"raw":"POST /401/9283842?oo=1\u0026sw_version=v1.758.0-s\u0026oaid=08028361f72b4f92ec2c9a7e627fbf14\u0026st=true HTTP/1.1\r\nHost: boopoaglauph.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 3358\r\nOrigin: https://st.chatango.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 16 Nov 2025 05:32:15 GMT\r\ncontent-type: application/json\r\nx-trace-id: 0b72d528a07d19f01ef49b7e2aca904c\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: https://st.chatango.com\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nset-cookie: OAID=08028361f72b4f92ec2c9a7e627fbf14; expires=Mon, 16 Nov 2026 05:32:15 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2166,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0d9815e97f3285c9c04063b761d15c10","sha1":"d43ade55806e522a41454052fc6c8eabf6e37f42","sha256":"26524dc3177dff3d88d8fff048b564b17bba2cd0e91bbda099621e7be44338a3","sha512":"a981f9beefbb64043dfed2fd1b6d49ee04e1964c627a26a30a8c2c27b3bb56aea97d04235f92e8f97e2ba1bf10c0eacfda8955d8273865504275acd66732f96f","ssdeep":"","tlshash":"684126088d28417e82ee5ab6dc076d471abd511f7a4c752ee7494d1770ebce503eb20b","first_seen":"2025-11-16T05:32:51.385262Z","last_seen":"2025-11-16T05:32:51.385262Z","times_seen":1,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":86,"dns":1,"connect":26,"send":0,"wait":31,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/consent/018dd03c-1e82-70b0-a52c-1aa6ee0a1b53/018df2cc-26a4-7437-88ea-ad0d65ce4427/en.json","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:43:25 GMT","end":"Wed, 11 Feb 2026 02:43:23 GMT"},"fingerprint":{"sha1":"EB:6B:52:98:E5:B0:CA:A9:F4:63:C7:8E:59:8E:6D:FC:AA:B9:90:B7","sha256":"05:40:C5:36:2E:62:5C:4A:3F:E1:1A:F7:DA:C5:5B:0F:02:8B:BE:79:C2:92:21:8C:52:78:FB:BE:03:EA:D1:AD"}}},"request":{"raw":"GET /consent/018dd03c-1e82-70b0-a52c-1aa6ee0a1b53/018df2cc-26a4-7437-88ea-ad0d65ce4427/en.json HTTP/1.1\r\nHost: cdn-apac.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.nikke-eu.com/\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\ncf-ray: 99f49b6abbf435a6-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 37580\r\ncache-control: public, max-age=86400\r\ncontent-encoding: gzip\r\netag: 0x8DD3B8C2BD7715E\r\nlast-modified: Thu, 23 Jan 2025 08:58:57 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding, X-OneTrust-IsBot\r\ncontent-md5: FC95bx7Z+8jpW6pfRBWPHQ==\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: 65e919e0-701e-0011-134c-3e03be000000\r\nx-ms-version: 2009-09-19\r\nx-onetrust-isbot: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61531,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JSON text data","md5":"43f14d8aaec1ca40d5de9e01b8ec7464","sha1":"0566fb0af146d6daccab32fbe73b1e839ab21d88","sha256":"aa60c8a473620e175700a90374a6593815c04f02b1100abf0c41108ae894dde6","sha512":"f3da973184d9b8ec7e6e4aaa342ce20b4800a92e3e71e950e2e40945b0e42ae82028f59f444ebb26d2f9535b7f31a1806017d62c88db5cfc1c04ce274bba89e1","ssdeep":"768:g/lyTRD+W52JzWHIcKQFmknkPKzeZ8K/KjKvHz1cl3rucJlYRAv7u6UOdRaPS0G8:g/l0CgI4mknkSiRcNruSlYROhWPb7B","tlshash":"b553f806465528fd4b4f4302a4b9bf8fe33c1552f760cd1aea584e385193be66a7338b","first_seen":"2025-11-05T17:06:59.785408Z","last_seen":"2025-11-18T23:33:55.828182Z","times_seen":37,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/assets/index.821cb101.js","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/assets/index.821cb101.js HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/act/wand/pc-download/assets/index.d154e7f6.js\r\nCookie: dv0qai26lg6v2y6kl7yyc36brextd7fh7oqka1bs=pjqjfznqkhh; dv0qai26lg6v2y6kl7yyc36brextdwnac34rge5n=vp9qox301xg; dv0qai26lg6v2y6kl7yyc36brextdzxres5brlto=uoq8vm6ryrb; dv0qai26lg6v2y6kl7yyc36brextd4knc9bn9qzp=6yemacqwvsw; dv0qai26lg6v2y6kl7yyc36brextdzwbdd07dgme=i9fpn5b0i18; dv0qai26lg6v2y6kl7yyc36brextdq4v4mq8bh2i=fza95rh2pkr; dv0qai26lg6v2y6kl7yyc36brextd1g0m9ov5ws4=cmx1qbmdd6a; _mg_ckp=eyJja1RrZERGIjoiIn0=; dv0qai26lg6v2y6kl7yyc36brextdp88m8vgsd2a=nqtsmbvpya; dv0qai26lg6v2y6kl7yyc36brextdq3raj5vuunp=jvqymuu1p7; dv0qai26lg6v2y6kl7yyc36brextd51w0i1h33tk=llhg26u9s89; dv0qai26lg6v2y6kl7yyc36brextdbbotnzlo1qg=dzlpcebqbo\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 19 May 2025 11:04:19 GMT\r\nContent-Encoding: gzip\r\nEtag: \"f138b748a4ac714927fb7c55d5b2c22b\"\r\nContent-Type: application/javascript\r\nDate: Tue, 22 Jul 2025 06:50:02 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 3771195092807119672\r\nx-cos-request-id: Njg3ZjM0OWFfZWZlZjc4MGJfMTBhMjVfZTVlZWI1Nw==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4MzZkMTZiZDQxYTg4MzRiMzIwYzRkYTRjMWFkNDM3YjQ=\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 304\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17524495900447663524\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":809,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (808)","md5":"f138b748a4ac714927fb7c55d5b2c22b","sha1":"1ebd8889eca7aac4464d531ba447a64e8b72a1b6","sha256":"cea587088b937ce0d73983ff1e3fb2a5e2696cd56de93550ce8d525c8f527554","sha512":"b129749c0aa8e41bf7881fd92b2e00e8a12953fd66eb81ea0e6f1df620f4f225723f57c6f34c529f4dcbf8ee2ec148916b59a068f9dd1d730e551e0fbb2000cd","ssdeep":"","tlshash":"80016f852fadb171e071f9b8a5272182e2188f341142d90bb148a552eae055f810fdb8","first_seen":"2025-11-06T11:00:44.034735Z","last_seen":"2025-11-18T23:33:55.797532Z","times_seen":26,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.iegcom.com/report","fqdn":"track.iegcom.com","domain":"iegcom.com","tld":"com"},"ip":{"addr":"34.49.88.155","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:22.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"track.iegcom.com","organization":""},"issuer":{"commonName":"DNSPod DV TLS RSA CA 2025","organization":"DNSPod, Inc."},"validity":{"start":"Tue, 28 Oct 2025 00:00:00 GMT","end":"Tue, 27 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:2A:71:4B:75:E9:66:F5:FD:05:E7:53:B7:1A:20:FF:DD:F4:A0:56","sha256":"81:74:2D:04:92:3C:B4:23:12:7C:91:86:68:90:62:25:5B:DB:75:03:F6:41:BF:00:BF:57:60:9C:93:DB:6E:E6"}}},"request":{"raw":"POST /report HTTP/1.1\r\nHost: track.iegcom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1570\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 201 Created\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncontent-type: application/json; charset=utf-8\r\netag: W/\"19-pSuUqvA1T8UMUbHJkpqfXlk/bjI\"\r\nx-cloud-trace-context: 48d023afd16cca289f54a2982959a9ca\r\ndate: Sun, 16 Nov 2025 05:32:23 GMT\r\nserver: Google Frontend\r\ncontent-length: 25\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"201","status_text":"Created","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":25,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"66f41088bf6267ad8ea40e3533e2f275","sha1":"a52b94aaf0354fc50c51b1c9929a9f5e593f6e32","sha256":"cf29e1b2087058ccb7d034620fc45bb35671afa6509fbd6459f315ddf6b82343","sha512":"bf3b0c147804c73fdb49592ed285c3b650ee3d0581e2893524182322f56608845765dd44928b84b051b7fddf5d243388c9f1f82508e6f2f8fad3213ad5eca933","ssdeep":"","tlshash":"6d7000330008088322003c0c00030b0a208008a0aa000ba0c02c080c8a0c088a382000","first_seen":"2023-05-06T09:48:28Z","last_seen":"2026-04-01T23:27:14.185594Z","times_seen":132,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/53.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/53.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 28 Oct 2021 20:47:32 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cKuQILpgEXc%2Fb%2F5FtWxVayYeqjWWkaCdcMhMtI%2F%2BEV69tmaIIu3fUc9vI%2FUpSdw1pgiWcrQbA0%2FAaPq9Ufjv6%2FmLD54zyUvXTb8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"617b0c64-1acbe\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3bf8d256c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109758,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 634 x 247, 8-bit/color RGBA, non-interlaced","md5":"568b23d163fddd114dcdfcbdc3d433e9","sha1":"f2210d533587f7e5ffa18875a52c0711e4748b2a","sha256":"1bcfd0f8ad7d1527faf56aef7dd0b7958ce4dbb06e2d833405ddd012d6dac1bf","sha512":"380588f988a00884754a47263c08452c5c1cb31a066b585c73b31890c8914559be44edc0998469a41d2adf15a8de9a7c7b5c2e09afeeccd0e16c58f1deccaa43","ssdeep":"3072:FaGGhyvrGV6gaIVEashkFhS1sRvd1XV0UOIC1LVDWve0:8hp6gy+OEnV0XSe0","tlshash":"28b30230ee9ce16152edcfa1f2b824d628386cd1452a7adc58c32770a77c6e4509f78c","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-02-08T14:16:08.331253Z","times_seen":29,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trace.popin.cc/api/bidder/track/pixel/pageview?tn=f9f2b1ef23fe2759c2cad0953029a94b\u0026spd=\u0026mgd=5baf84d02e84419791e3d1920e6eff4b\u0026ptd=\u0026tkd=\u0026acd=\u0026cpid=\u0026v=216178889","fqdn":"trace.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"35.213.89.133","port":443,"asn":15169,"as":"GOOGLE","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trace.popin.cc","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 17:04:06 GMT","end":"Fri, 06 Feb 2026 17:59:01 GMT"},"fingerprint":{"sha1":"29:A2:44:E3:CA:AA:A0:77:AC:D3:9D:7A:6C:B4:F8:89:E9:9F:78:6E","sha256":"47:2F:04:5B:90:7C:9E:1D:ED:CD:76:6F:44:30:B4:7D:A1:8C:C6:FB:4F:F9:AA:96:50:7B:E6:9E:B1:68:5E:B2"}}},"request":{"raw":"POST /api/bidder/track/pixel/pageview?tn=f9f2b1ef23fe2759c2cad0953029a94b\u0026spd=\u0026mgd=5baf84d02e84419791e3d1920e6eff4b\u0026ptd=\u0026tkd=\u0026acd=\u0026cpid=\u0026v=216178889 HTTP/1.1\r\nHost: trace.popin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nCookie: dv0qai26lg6v2y6kl7yyc36brextdhvlkauebxm5=f8e6g75xr3i; dv0qai26lg6v2y6kl7yyc36brextdcrccz011kp7=ob8zdcm5a3f; dv0qai26lg6v2y6kl7yyc36brextd55y7alon8dt=zczz1i7bbk\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 2\r\ncontent-type: application/json; charset=utf-8\r\nset-cookie: __mguid_=118684526ee4717e2kxrj000mi1a40cm; Path=/; Domain=popin.cc; Max-Age=31536000; Secure; SameSite=None\r\ndate: Sun, 16 Nov 2025 05:32:21 GMT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"9d4568c009d203ab10e33ea9953a0264","sha1":"dd29ecf524b030a65261e3059c48ab9e1ecb2585","sha256":"12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126","sha512":"64d24560970ca14d349bea0e7d2526d4754bf3283568ab4dd602bd79eb454dc3657d5bb6f9a30c90ea98d9600ebd0fb45d582f4cae3f8e3c50b0e8fb18059892","ssdeep":"","tlshash":"c710000000000000000000000000000030000000000000000000000000000000000000","first_seen":"2023-03-09T21:44:55Z","last_seen":"2026-04-04T05:06:44.858587Z","times_seen":14367,"resource_available":true,"data":null}},"time_used":1594,"timings":{"blocked":646,"dns":8,"connect":252,"send":0,"wait":301,"receive":0,"ssl":384},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rumt-sg.com/collect?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer=","fqdn":"rumt-sg.com","domain":"rumt-sg.com","tld":"com"},"ip":{"addr":"43.156.86.55","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rumt-sg.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 03 Jan 2025 00:00:00 GMT","end":"Tue, 03 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B3:A2:75:8F:A9:60:48:97:57:63:D7:37:E1:55:58:7E:91:C7:B2:AA","sha256":"99:16:99:A9:EF:66:CA:0E:C4:8A:94:C3:5B:1C:F4:58:C1:D9:54:FE:E8:60:E2:8A:C7:CD:9F:C9:0D:7E:98:23"}}},"request":{"raw":"POST /collect?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer= HTTP/1.1\r\nHost: rumt-sg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 5825\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 16 Nov 2025 05:32:21 GMT\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=2\u0026en=page_view\u0026dl=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html\u0026scrsrc=www.googletagmanager.com\u0026rnd=933542880.1763271139\u0026dt=Immersive%20SF%20RPG%20Shooter%20with%20adorable%20Nikkes\u0026navt=n\u0026npa=1\u0026gtm=45He5bc1v899501813za200zd899501813xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115583767~115938465~115938468~116217636~116217638\u0026tft=1763271139254\u0026tfd=1711\u0026apve=1\u0026apvf=f\u0026img=1","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:22.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"GET /ccm/collect?frm=2\u0026en=page_view\u0026dl=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html\u0026scrsrc=www.googletagmanager.com\u0026rnd=933542880.1763271139\u0026dt=Immersive%20SF%20RPG%20Shooter%20with%20adorable%20Nikkes\u0026navt=n\u0026npa=1\u0026gtm=45He5bc1v899501813za200zd899501813xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115583767~115938465~115938468~116217636~116217638\u0026tft=1763271139254\u0026tfd=1711\u0026apve=1\u0026apvf=f\u0026img=1 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\ndate: Sun, 16 Nov 2025 05:32:22 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rumt-sg.com/speed?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer=","fqdn":"rumt-sg.com","domain":"rumt-sg.com","tld":"com"},"ip":{"addr":"43.156.86.55","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:24.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rumt-sg.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 03 Jan 2025 00:00:00 GMT","end":"Tue, 03 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B3:A2:75:8F:A9:60:48:97:57:63:D7:37:E1:55:58:7E:91:C7:B2:AA","sha256":"99:16:99:A9:EF:66:CA:0E:C4:8A:94:C3:5B:1C:F4:58:C1:D9:54:FE:E8:60:E2:8A:C7:CD:9F:C9:0D:7E:98:23"}}},"request":{"raw":"POST /speed?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer= HTTP/1.1\r\nHost: rumt-sg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: multipart/form-data; boundary=---------------------------282076262714208246902998344641\r\nContent-Length: 22510\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 16 Nov 2025 05:32:24 GMT\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":384,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":384,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:17.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 31 Oct 2025 11:19:03 GMT\r\nContent-Encoding: gzip\r\nEtag: \"8563b1910cadcc98ce55f463e3a6ab0a\"\r\nContent-Type: text/html\r\nDate: Fri, 31 Oct 2025 11:19:48 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 14716266334859034875\r\nx-cos-request-id: NjkwNDliNTRfOGMxNTc5MWVfMzRjOTNfMWQ1YWY2MDc=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 22569\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 3399586866780705616\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":75584,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (45536)","md5":"e99288dc6bd87a5f387454143903728e","sha1":"0a9927ff18a420d924f485ce4a2572c690535293","sha256":"68a1539e37ce7138fc239654921a3a2524c7b937ae6083ce5c8ef6ba2dc5669c","sha512":"8cd987f5d0088e397bcbb1f606cab92abf9486a7e9051c687837c2fa3fa87161b2b3875e23548a15ec1a1f3a8885f1da5df8d42ab3c3e671b29ac83fa4ccfab1","ssdeep":"1536:qpePhv2n+mKKs8Eetye8FNy/SBzHwwnMLd/Ld1LdNUnmLd1LdaIb:qpmhvKK52eNCp7F7/","tlshash":"9373199d79a2917241e721e5153fa109b13124133c0aed9cfaacc6e49fbcfd68472f68","first_seen":"2025-11-05T17:06:59.825738Z","last_seen":"2025-11-18T23:33:55.824634Z","times_seen":37,"resource_available":false,"data":null}},"time_used":852,"timings":{"blocked":414,"dns":188,"connect":20,"send":0,"wait":21,"receive":3,"ssl":201},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t.vibe.co/pixel/s?aid=l7haW4\u0026gid=\u0026cid=4bdf3581-09d3-4fc1-aeff-54243009a578\u0026eid=b3e4170a-f44a-4388-9135-2b3e3036b867\u0026a=page_view\u0026ed=\u0026v=gtm_1\u0026url=https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames\u0026ref=\u0026ts=1763271139277\u0026trk=trkid\u0026t=img","fqdn":"t.vibe.co","domain":"vibe.co","tld":"co"},"ip":{"addr":"44.214.249.151","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vibe.co","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 03 Mar 2025 00:00:00 GMT","end":"Thu, 02 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"80:F3:84:8A:96:4D:82:4F:1B:3B:B1:D6:86:42:48:6C:8A:05:F3:3F","sha256":"A8:BF:01:1C:6A:E9:F7:C3:FD:26:C6:61:64:E1:0F:39:B7:20:5F:E6:BB:8D:33:19:88:10:E5:46:D1:A3:80:28"}}},"request":{"raw":"GET /pixel/s?aid=l7haW4\u0026gid=\u0026cid=4bdf3581-09d3-4fc1-aeff-54243009a578\u0026eid=b3e4170a-f44a-4388-9135-2b3e3036b867\u0026a=page_view\u0026ed=\u0026v=gtm_1\u0026url=https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames\u0026ref=\u0026ts=1763271139277\u0026trk=trkid\u0026t=img HTTP/1.1\r\nHost: t.vibe.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Sun, 16 Nov 2025 05:32:19 GMT\r\nexpires: Wed, 11 Nov 1998 11:11:11 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nvary: origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"df3e567d6f16d040326c7a0ea29a4f41","sha1":"ea7df583983133b62712b5e73bffbcd45cc53736","sha256":"548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87","sha512":"b2ca25a3311dc42942e046eb1a27038b71d689925b7d6b3ebb4d7cd2c7b9a0c7de3d10175790ac060dc3f8acf3c1708c336626be06879097f4d0ecaa7f567041","ssdeep":"","tlshash":"c2900003caa08002c2a2c0300a0a03002f88a2300228030e80bc30acec3a3a22c02000","first_seen":"2023-04-05T03:49:37Z","last_seen":"2026-04-04T06:28:41.80319Z","times_seen":91582,"resource_available":true,"data":null}},"time_used":1379,"timings":{"blocked":643,"dns":20,"connect":93,"send":0,"wait":93,"receive":0,"ssl":528},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rumt-sg.com/collect?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer=","fqdn":"rumt-sg.com","domain":"rumt-sg.com","tld":"com"},"ip":{"addr":"43.156.86.55","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:23.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rumt-sg.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 03 Jan 2025 00:00:00 GMT","end":"Tue, 03 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B3:A2:75:8F:A9:60:48:97:57:63:D7:37:E1:55:58:7E:91:C7:B2:AA","sha256":"99:16:99:A9:EF:66:CA:0E:C4:8A:94:C3:5B:1C:F4:58:C1:D9:54:FE:E8:60:E2:8A:C7:CD:9F:C9:0D:7E:98:23"}}},"request":{"raw":"POST /collect?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer= HTTP/1.1\r\nHost: rumt-sg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 1897\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 16 Nov 2025 05:32:23 GMT\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/18.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/18.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 13 Feb 2017 20:51:27 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iO7OaKMU%2Brc63YOwMvoWrPYW%2FN3DWlusO%2FdnDonLli51PgRZehItgCu%2BJQAweCJy0Tg5lJANiUPe7gEBF2XhUc%2BkGqvEB5Xl9QQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"58a21c4f-352f\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3c08d356c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13615,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 50, 8-bit/color RGBA, non-interlaced","md5":"a429051deae74831671410c8c1a1314a","sha1":"d04a8ec6d5393b187f9dbb7751ecb79c88a16b4f","sha256":"f0886a11f3f118a58b9065fe7c8d0f33cc77df6f7f6637e9f5050c7d4fe1403c","sha512":"49e79fae537dbc073e2525e84df131abae9daa9150b32c111bb7bac8daa05680915f5fbdce744ce5c30efd91060d02d9965a1f2b15dd07982d78580df0bcce56","ssdeep":"192:qyb6sHKaCZ/sc9UssTSiSAiuO315VlqWPwFeq/HYnuzNTACzq9xf01mtK7b9:db6kf1FerAiX/YWoFLHYuzkgmUh","tlshash":"db52d035d306944ffe1984dd35a39448ea87196e79fb69dee1336dc1481060c7fd6084","first_seen":"2023-05-26T18:24:14Z","last_seen":"2026-02-08T14:16:08.319232Z","times_seen":29,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"boopoaglauph.net/500/9283842?excludes=\u0026oaid=08028361f72b4f92ec2c9a7e627fbf14\u0026tgp=\u0026of=true\u0026sw_version=v1.758.0-s\u0026dmn=gizokraijaw.net\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=271\u0026wiw=271\u0026wih=500\u0026wfc=3\u0026pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1102251136%2Fid.html\u0026drf=https%3A%2F%2Fm.crichd.vip%2F\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=1\u0026nw=1\u0026tb=false\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1","fqdn":"boopoaglauph.net","domain":"boopoaglauph.net","tld":"net"},"ip":{"addr":"139.45.197.245","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:16.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"boopoaglauph.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 05:15:43 GMT","end":"Tue, 06 Jan 2026 05:15:42 GMT"},"fingerprint":{"sha1":"24:89:62:DF:C4:F0:79:46:2C:3A:8F:46:18:AB:42:BA:0F:D1:CE:EF","sha256":"63:66:51:4C:3B:6E:AF:90:62:78:E9:83:18:5A:5B:7D:F8:DB:EA:64:A3:DA:8E:0D:D2:46:89:27:83:4A:0A:3F"}}},"request":{"raw":"GET /500/9283842?excludes=\u0026oaid=08028361f72b4f92ec2c9a7e627fbf14\u0026tgp=\u0026of=true\u0026sw_version=v1.758.0-s\u0026dmn=gizokraijaw.net\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=271\u0026wiw=271\u0026wih=500\u0026wfc=3\u0026pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1102251136%2Fid.html\u0026drf=https%3A%2F%2Fm.crichd.vip%2F\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=1\u0026nw=1\u0026tb=false\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1 HTTP/1.1\r\nHost: boopoaglauph.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://st.chatango.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nCookie: OAID=08028361f72b4f92ec2c9a7e627fbf14\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 16 Nov 2025 05:32:16 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: ff2d0459a68721c3e457e3e9e36ae210\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nvary: Origin\r\naccess-control-allow-origin: https://st.chatango.com\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nset-cookie: OAID=08028361f72b4f92ec2c9a7e627fbf14; expires=Mon, 16 Nov 2026 05:32:16 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6013,"size_decoded":0,"mime_type":"application/javascript","magic":"JSON text data","md5":"f4b3581b6018367cb5dc477072b77d75","sha1":"5337d49c280c756cce7e220ecf6196e4cfa570e1","sha256":"7c56fc4b42e1b8399b14f24aef59a6f78e14321e770f0a7ef0d1e64a6017b92b","sha512":"80383fbf16ace052d975d1ef18969052edceae8296dfd5a4338f7623befde0b2f75a106a6780fa3f2f15ed4a0b23c82e57c5cbf9a8122afd67accc10cfb0f912","ssdeep":"96:JAiX6r9xwwKVyhCeCHUE8WQN3weA0rs7c/uRdhpPC7h+TReJNThdh2hJbm:JAiXI9KAEXUE87weABpPmWgD+Ja","tlshash":"68c1c8df7505d913c9c0af0c27b52d76d8d759291ae72a4c93cec57a82de0b458aa340","first_seen":"2025-11-16T05:32:51.40384Z","last_seen":"2025-11-16T05:32:51.40384Z","times_seen":1,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a-mpd.com/pixel.png?own=c3b830f9a769b49d3250795223caad4d\u0026agt=1fafa7253357262103a42a0fdc865bba\u0026brnd=a61125a78f723e93f8a27e83de942258\u0026pg=7b7b2e218512eee8870c0d4600754161","fqdn":"a-mpd.com","domain":"a-mpd.com","tld":"com"},"ip":{"addr":"34.117.152.183","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a-mpd.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 02:53:58 GMT","end":"Wed, 07 Jan 2026 03:47:52 GMT"},"fingerprint":{"sha1":"08:C4:9E:DC:D8:B5:22:2B:D4:CB:D5:10:48:49:CD:BF:9C:4F:BA:85","sha256":"3C:33:3B:4E:E6:D2:0E:97:00:79:59:2F:5C:C4:99:6E:1F:C2:CE:0D:53:A6:A9:13:E7:5F:CF:EC:86:0A:34:85"}}},"request":{"raw":"GET /pixel.png?own=c3b830f9a769b49d3250795223caad4d\u0026agt=1fafa7253357262103a42a0fdc865bba\u0026brnd=a61125a78f723e93f8a27e83de942258\u0026pg=7b7b2e218512eee8870c0d4600754161 HTTP/1.1\r\nHost: a-mpd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOHeO8-tOyLrZ343z7V01JU_yhDMgyRu1ksNHJFfOpehE8NECpVcrNPZs9enQbosg7UdyTk8tUA\r\nx-goog-generation: 1623038254979491\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 609\r\nx-goog-meta-set-cookie: coucou=binome\r\ncontent-language: en\r\nx-goog-hash: crc32c=Yf0PfA==, md5=aAIXX2GtxAYX6LqHowqmvQ==\r\nx-goog-storage-class: REGIONAL\r\naccept-ranges: bytes\r\ncontent-length: 609\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Type\r\nserver: UploadServer\r\ndate: Sun, 16 Nov 2025 04:33:27 GMT\r\nage: 3532\r\nlast-modified: Mon, 07 Jun 2021 03:57:34 GMT\r\netag: \"6802175f61adc40617e8ba87a30aa6bd\"\r\ncontent-type: image/png\r\ncache-control: public,max-age=3600\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":609,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced","md5":"6802175f61adc40617e8ba87a30aa6bd","sha1":"14c099df9dae2f8586dd5f38f7afd9b3d2e277e5","sha256":"0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170","sha512":"50466572449cd8d16a56c89a26efca5cf8dda8e66efed13ca0d54213b8a8b333fee180923713adf1ff39ca9b86109f29a3577931d8c1baa21907ad26aa3518db","ssdeep":"","tlshash":"b7f046a12c909191ca4f9631cde55041deb28a02bb8ada49f58de87b0f401ca1acf2c9","first_seen":"2023-04-08T22:50:28Z","last_seen":"2026-04-03T12:31:35.861286Z","times_seen":2422,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":128,"dns":35,"connect":13,"send":0,"wait":13,"receive":0,"ssl":78},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bat.bing.com/p/action/187030255.js","fqdn":"bat.bing.com","domain":"bing.com","tld":"com"},"ip":{"addr":"150.171.27.10","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:22.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bing.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 04","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 09 Sep 2025 10:31:56 GMT","end":"Sun, 08 Mar 2026 10:31:56 GMT"},"fingerprint":{"sha1":"50:8E:E5:0E:CF:A8:D3:35:02:44:1B:62:B8:0C:E5:6C:F2:92:A0:4A","sha256":"AE:24:3D:66:8E:C9:C7:F7:4A:0D:CD:1A:D2:1C:66:76:B4:EF:E3:0C:39:72:89:34:B3:62:09:3A:F8:86:BF:77"}}},"request":{"raw":"GET /p/action/187030255.js HTTP/1.1\r\nHost: bat.bing.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: private,max-age=60\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-cache: CONFIG_NOCACHE\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nx-msedge-ref: Ref A: D648BD15F041441D8F9D2335432622FA Ref B: OSL231050213034 Ref C: 2025-11-16T05:32:22Z\r\ndate: Sun, 16 Nov 2025 05:32:21 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4130,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with CRLF, LF line terminators","md5":"3673d1fb96d71c6052160655070035ae","sha1":"84699a16080b20aa5e86a5cfcb5c3300ec79050c","sha256":"b99de1b6a67ae4db3b2c90e0c1980a30180e376b4df2146af8d44954e8cf0445","sha512":"adfd76451c13fe380bb42b8881eeb8fcd4eb2c1e13486a542cfd7a2fe95032d13a34fb6566613366c5a1f330f5a68df490ed35058adb8feaf7fe71dfda1d3012","ssdeep":"96:e2ZLc5WT9BvpXKZhUyXuXsk8hLb3Dhm2ykOoe:e2ZLc5WNXK3XuXW5K","tlshash":"9c8140aeb556307958b6f33dd77a9428fb73126b6245ea5078acc8406f38c180678fdc","first_seen":"2025-11-05T17:06:59.779394Z","last_seen":"2025-12-16T18:53:16.586252Z","times_seen":36,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sg-nikke.playerinfinite.com/act/wand/eb4c3a4b-c4f0-4406-bd80-779fd94eae65.webp","fqdn":"sg-nikke.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:23.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"GET /act/wand/eb4c3a4b-c4f0-4406-bd80-779fd94eae65.webp HTTP/1.1\r\nHost: sg-nikke.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 31 Oct 2025 01:46:44 GMT\r\nEtag: \"745ee2cfc252ce63f2a501c5c6dff3e0\"\r\nContent-Type: image/webp\r\nContent-Length: 7412\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 18138725778023998458\r\nConnection: keep-alive\r\nServer: lego_ovs_video\r\nDate: Sun, 16 Nov 2025 05:32:23 GMT\r\nX-Cache-Lookup: Cache Hit\r\nCache-Control: max-age=604800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7412,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"745ee2cfc252ce63f2a501c5c6dff3e0","sha1":"4314d1d099631ba5df5edff6e0b7d20baf7537a6","sha256":"b75234f1a76e53ac7e90df2cc1d8a04a3ef39f7b0d35c176d046581ae8022e2e","sha512":"96fba2d26682d5be267f44a5203a64293eb83f62b78f6f28f2e582d5d879db67788d66de9694f2a489085a4f8908276ed381b420e85e08f588b8880e7fb3bf02","ssdeep":"96:68I1McbEn1/TDajokVGvKOz3pD7PtOhUnl66zSesVxt4lCVOHKD4Ec/nQKz7RgFc:65VEZmWrzpDIpTdEKD4PQ07Rs3ptPSuy","tlshash":"d5e18e4abd66990e44f390b5f7bc845314d727b2ce43e026cb6b0b4d12491c15b7dfa5","first_seen":"2025-11-06T11:00:44.101852Z","last_seen":"2026-03-05T07:34:47.181843Z","times_seen":19,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p2yn.com/5/9353294/?oo=1\u0026js_build=iclick-v1.1618.0\u0026userId=08028361f72b4f92ec2c9a7e627fbf14\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=1","fqdn":"p2yn.com","domain":"p2yn.com","tld":"com"},"ip":{"addr":"139.45.195.12","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:15.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"p2yn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Sep 2025 05:27:55 GMT","end":"Sun, 28 Dec 2025 05:27:54 GMT"},"fingerprint":{"sha1":"3A:5A:0E:B8:A9:06:87:BA:DC:58:BC:E1:AE:2A:E3:CB:58:5D:59:7D","sha256":"27:5C:19:3A:05:81:0F:0E:62:D4:C2:B2:7E:E1:93:86:B8:9F:2C:9D:90:0B:A5:AE:52:48:27:FE:CA:75:F4:5E"}}},"request":{"raw":"POST /5/9353294/?oo=1\u0026js_build=iclick-v1.1618.0\u0026userId=08028361f72b4f92ec2c9a7e627fbf14\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=1 HTTP/1.1\r\nHost: p2yn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2674\r\nOrigin: https://st.chatango.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sun, 16 Nov 2025 05:32:15 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://st.chatango.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"__bridge_loaded__/","fqdn":"__bridge_loaded__","domain":"__bridge_loaded__","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.728Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: __bridge_loaded__\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/52.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/52.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 28 Oct 2021 20:49:08 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5PPB55V3XT8kIbrFPQnzT3D5wnbUKWC8yJMXGjnl3bXF66xDoXv9U00%2BiA1KHopCZktK4R1%2FU975nS81SN%2BSpJO10LwdojlTAQ0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"617b0cc4-1778\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3c18dc56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6008,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 119 x 31, 8-bit/color RGBA, non-interlaced","md5":"921bf1936f266fd267f753e3c4b317c7","sha1":"b4ed03777108dbf241007031c14ce95efddd8dda","sha256":"ae7db9f81545600e5a51adc3321b863e30af45500a37652d48189aba97a627df","sha512":"5126d316a69244d9d9805d6e2727e37b68ec14fcd19321dbf83444b7ea3920d8d3ca13aa2e309f464339b61f67170e669932f2fa7675f13cc5df42719b56e977","ssdeep":"96:eXHt+JcNgOSiS4XsAYNpf2ESN4cUS3MZgMPQuLf5fsA30eghzNgv1AWeSoC9:KoONgOLPXsAYnVS3MTrLhUAaXgvWbC9","tlshash":"d9c19fb874067f6d639b284e8d849bd154c18737212d777f5d47a63260e325e4242c38","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-02-08T14:16:08.303752Z","times_seen":29,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.iegcom.com/c/0eQ4H9?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click","fqdn":"track.iegcom.com","domain":"iegcom.com","tld":"com"},"ip":{"addr":"34.49.88.155","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:17.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"track.iegcom.com","organization":""},"issuer":{"commonName":"DNSPod DV TLS RSA CA 2025","organization":"DNSPod, Inc."},"validity":{"start":"Tue, 28 Oct 2025 00:00:00 GMT","end":"Tue, 27 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:2A:71:4B:75:E9:66:F5:FD:05:E7:53:B7:1A:20:FF:DD:F4:A0:56","sha256":"81:74:2D:04:92:3C:B4:23:12:7C:91:86:68:90:62:25:5B:DB:75:03:F6:41:BF:00:BF:57:60:9C:93:DB:6E:E6"}}},"request":{"raw":"GET /c/0eQ4H9?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click HTTP/1.1\r\nHost: track.iegcom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\nlocation: https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames\r\nvary: Accept\r\ncontent-type: text/html; charset=utf-8\r\nx-cloud-trace-context: dab7c057fe532fb60f386d684fda73ac\r\ndate: Sun, 16 Nov 2025 05:32:17 GMT\r\nserver: Google Frontend\r\ncontent-length: 634\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":75584,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":99,"dns":43,"connect":13,"send":0,"wait":54,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.aix.levelinfinite.com/sdk/aix_track_web_sdk_v2.js","fqdn":"static.aix.levelinfinite.com","domain":"levelinfinite.com","tld":"com"},"ip":{"addr":"34.111.178.125","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.aix.levelinfinite.com","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Mon, 19 May 2025 00:00:00 GMT","end":"Fri, 12 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7D:CF:5A:AC:66:2E:EB:43:1C:82:7D:09:F9:A6:92:68:87:44:F9:A8","sha256":"D2:D3:AA:14:66:89:AE:1B:0B:F8:75:13:A8:D3:28:DC:BA:26:3F:CE:D1:16:C7:86:E7:FF:0E:DB:C4:93:F0:A8"}}},"request":{"raw":"GET /sdk/aix_track_web_sdk_v2.js HTTP/1.1\r\nHost: static.aix.levelinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOG9nAaSc9yKnGFc60FTIkcazU1wKp2vQwx9YZpOKuunuec98cMEER97H2_xUX0y6PThpTGN40I\r\nx-goog-generation: 1758205152992458\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 151550\r\nx-goog-hash: crc32c=/TU1SA==, md5=i5R1rA47enFuu/31EZM90g==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\nserver: UploadServer\r\nvia: 1.1 google\r\ncontent-encoding: br\r\ncontent-length: 51621\r\ndate: Sun, 16 Nov 2025 05:05:48 GMT\r\nage: 1590\r\nlast-modified: Thu, 18 Sep 2025 14:19:13 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\ncache-control: public,max-age=3600\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-headers: cache-control,content-type,game,session-id,x-trace-id,pragma,front-token,rid,fdi-version,anti-csrf,authorization,st-auth-mode\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":151550,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators","md5":"8b9475ac0e3b7a716ebbfdf511933dd2","sha1":"712e89ebd82acdc746c5d6edbd950bfb5ae9179d","sha256":"1218403ac302b0da77ee758a6e0d260e69d952e90fa63114cd720f58ad3f4528","sha512":"563cac1294b21af0c10d1f4845433c7a738a5251668c9f82a9c952d2bf0730624b591cd27f8ef8c2928fea9f27e6bd1a48b21498a22168135398ee9a56775a69","ssdeep":"3072:jsz8064R3eKn2VHO85lKdjrfQlSGYkIXhu9KO+:J4R3eKn2VHO85lKdjrfQlSGYkIXhG8","tlshash":"3be3e5ddb2c7f06243e3a575402f210bf23a6e55a84d8494e222d5e17c79a8f9237f78","first_seen":"2025-09-20T23:36:36.246021Z","last_seen":"2025-11-18T23:33:55.745173Z","times_seen":61,"resource_available":true,"data":null}},"time_used":1193,"timings":{"blocked":560,"dns":129,"connect":26,"send":0,"wait":27,"receive":37,"ssl":412},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/22.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/22.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 28 Oct 2021 20:49:40 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VtUl4gwb5RABkE8Gf66EUK08k1W1FwVHl6cKon%2FbRqKq9swRrrYo7UP%2Ftq1eun33BXZxW0SJogJcS2%2FnuCahWN6maUmW0y92GZQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"617b0ce4-1ce6\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3c18d956c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7398,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 204 x 34, 8-bit/color RGBA, non-interlaced","md5":"a270059bf781496fcf43cd6c2e6a6c0e","sha1":"980d05fc51854a1d894bb7fda2e736086e44162a","sha256":"3b4bf7cd0855b0576ff9d51fd2c5c37035029b6483311966f5f4a545ecfa5343","sha512":"2a421b035c7b3104bd04a7e820cf0ca9c09cc4c89c08dc9a80dff8c65f6da985b9ad70ebef303a2372b3c1ba2896a3d0be5ce1341e080349dec86744aff76cbe","ssdeep":"192:RoONgOLPXsAYnpSD11ucWGbxHQWoDCacQTl2J:SOWOLv5qQ7EIkncIl2J","tlshash":"1fe1bf37f8c7956b963f0c0a0db9d124215a3a37907cb2fe9ea041a210d7b5a1a9a479","first_seen":"2023-05-26T18:24:14Z","last_seen":"2026-02-08T14:16:08.251019Z","times_seen":27,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=2\u0026en=page_view\u0026dl=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html\u0026scrsrc=www.googletagmanager.com\u0026rnd=933542880.1763271139\u0026dt=Immersive%20SF%20RPG%20Shooter%20with%20adorable%20Nikkes\u0026navt=n\u0026npa=1\u0026gtm=45He5bc1v899501813za200zd899501813xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115583767~115938465~115938468~116217636~116217638\u0026tft=1763271139254\u0026tfd=1711\u0026apve=1\u0026apvf=f","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:51 GMT","end":"Mon, 19 Jan 2026 08:35:50 GMT"},"fingerprint":{"sha1":"21:0F:94:6B:44:9F:BB:AA:A3:6F:0D:C4:85:0B:B0:A0:AA:DB:67:72","sha256":"CD:3A:F0:3B:B3:27:BA:BE:E9:D1:21:F1:A4:FB:D8:3F:09:26:AB:58:5C:18:95:13:99:12:2A:8F:9C:0B:F1:C0"}}},"request":{"raw":"POST /ccm/collect?frm=2\u0026en=page_view\u0026dl=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html\u0026scrsrc=www.googletagmanager.com\u0026rnd=933542880.1763271139\u0026dt=Immersive%20SF%20RPG%20Shooter%20with%20adorable%20Nikkes\u0026navt=n\u0026npa=1\u0026gtm=45He5bc1v899501813za200zd899501813xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115583767~115938465~115938468~116217636~116217638\u0026tft=1763271139254\u0026tfd=1711\u0026apve=1\u0026apvf=f HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.nikke-eu.com/\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ndate: Sun, 16 Nov 2025 05:32:21 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://www.nikke-eu.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":346,"timings":{"blocked":157,"dns":0,"connect":18,"send":0,"wait":31,"receive":0,"ssl":137},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/50.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/50.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 01 Apr 2018 23:47:33 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FaRxkrYiBRkzRaUk1PAoQjO5103tM%2FoA7xtVDyDbfhVm2HciqnCf9XkDpm7TjNJIrniChOxdX5QDyrIKtejwzGdEUPEYUiZagl8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"5ac16f95-5dc1\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3c08d456c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24001,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 200, 8-bit/color RGBA, non-interlaced","md5":"2e32c452bdf574f5d1efd16b91bd2648","sha1":"4584147f89e6e4ac8abe1cd1ca08f66899ae93ad","sha256":"850e0c6cf0f17829da83f3c98b5637450edfd0cf41cf1f036a664a806db02e5a","sha512":"40bdd42fcc774d086280d408156923e82458a8b9e74c10c87cc15c11f414db56d3439478a51579ba85ab679f62c4c693e502ca4020e19f73a6eb02cfb3f04a27","ssdeep":"384:quGoDcYQ98YtlHOnttUKR4cftRhYc6LQbhn3Oe5Lnz47dL6Xt/0eaLRP6yCY8:quGAcLqOl0KKR1ft/HN3OSLQoF0eQM","tlshash":"20b2e08288bdf6474c8f1574fd9c2f93e2a156ba07f693a8c030d86d4282d3815bb889","first_seen":"2024-08-19T20:24:35.673795Z","last_seen":"2026-02-08T14:16:08.336403Z","times_seen":9,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://m.crichd.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23040\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 12 Nov 2025 00:04:07 GMT\r\nexpires: Thu, 12 Nov 2026 00:04:07 GMT\r\ncache-control: public, max-age=31536000\r\nage: 365285\r\nlast-modified: Mon, 15 Sep 2025 17:11:31 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23040,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23040, version 1.0","md5":"de69cf9e514df447d1b0bb16f49d2457","sha1":"2ac78601179c3a63ba3f3f3081556b12ddcaf655","sha256":"c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49","sha512":"4aebb7e54d88827d4a02808f04901c0d09b756c518202b056a6c0f664948f5585221d16967f546e064187c6545acef15d59b68d0a7a59897bd899d3e9dda37b1","ssdeep":"384:adpABC4a0HkBpR1HWtGu06B6lsoAKiwY0HcLKglV6Z+DVb35PJZDdiZeJ1vqYg:0AHa0Ezf2tZn6lsoABwTKK46ZQb3V7wD","tlshash":"fca2e1c05cc1e2d4ae02daf7fda5a4eab4e2f01123a8f65f8f114b75d505993640fe01","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-04-04T06:44:15.5109Z","times_seen":135004,"resource_available":true,"data":null}},"time_used":237,"timings":{"blocked":110,"dns":0,"connect":0,"send":0,"wait":15,"receive":6,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usrpubtrk.com/ut/hb.php?cb=0.5467424807988063\u0026v=1","fqdn":"usrpubtrk.com","domain":"usrpubtrk.com","tld":"com"},"ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usrpubtrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 12:29:00 GMT","end":"Sat, 10 Jan 2026 13:27:25 GMT"},"fingerprint":{"sha1":"2D:85:E1:CC:5C:69:E9:00:F0:2A:D7:4D:EC:27:FD:E4:0E:99:3F:1F","sha256":"FF:B8:FC:07:03:69:0B:74:AC:FD:81:98:21:29:56:B1:D8:28:5E:79:5B:0B:DF:E3:6B:94:DB:9F:B8:AF:5B:7F"}}},"request":{"raw":"POST /ut/hb.php?cb=0.5467424807988063\u0026v=1 HTTP/1.1\r\nHost: usrpubtrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 1407\r\nOrigin: https://m.crichd.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 16 Nov 2025 05:32:12 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WMBVZW%2FKV8gu9xy1JeQUWC9ONUJlI5GtmlZqnkD06AWrrBpqaDJaZoSCJ4h%2BA58Rnjt7acV3M3SW70iMaP9%2BqVkCVvjsqkE41Zcr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99f49b3f0a2d56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":20,"dns":4,"connect":1,"send":0,"wait":143,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jupiterlauncher.com/api/v1/fleet.platform.game.TinyLinkProxy/Long2Short?channel_id=3\u0026game_id=29080\u0026sdk_version=2.0\u0026seq=\u0026source=1\u0026ts=1763271141","fqdn":"www.jupiterlauncher.com","domain":"jupiterlauncher.com","tld":"com"},"ip":{"addr":"54.176.249.241","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.jupiterlauncher.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 27 Mar 2025 00:00:00 GMT","end":"Sun, 26 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:3E:C8:3F:AD:CE:4F:26:CD:49:D9:25:D3:64:2D:39:1A:D2:FF:6D","sha256":"53:36:8C:AA:0F:5C:C3:29:7E:35:90:ED:FC:AD:F1:22:AA:1E:5C:55:0E:85:39:E3:40:29:D1:86:A5:44:3E:8E"}}},"request":{"raw":"OPTIONS /api/v1/fleet.platform.game.TinyLinkProxy/Long2Short?channel_id=3\u0026game_id=29080\u0026sdk_version=2.0\u0026seq=\u0026source=1\u0026ts=1763271141 HTTP/1.1\r\nHost: www.jupiterlauncher.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.nikke-eu.com/\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:21 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: openresty/1.19.9.1\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-headers: X-PINGOTHER, Content-Type, trpc-caller\r\naccess-control-allow-origin: https://www.nikke-eu.com\r\naccess-control-max-age: 1000\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d5a1064ed8ae8bb099a13750f1c0f1ac","sha1":"328cafb63893adc1524cd263a079a42751a59134","sha256":"796d97453d8506cc9c0522c7989803617f0ef2ee3bd9fe8f20faeeaa103df279","sha512":"83d00b6cef087a354472a6396f33f3d790de24340eaec4d57f482d77b2c23b8269aeffd2101f484610f530b428665a6585f8e726a37d45350e73e70dccf60f24","ssdeep":"","tlshash":"43a0024058ea0e372b168611710a718668ead2d8497d3111441c5290431095c1f45708","first_seen":"2025-05-19T09:35:00.160912Z","last_seen":"2026-03-24T15:11:49.136064Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1738,"timings":{"blocked":793,"dns":140,"connect":152,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.popin.cc/popin_discovery5-min.js","fqdn":"api.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"119.63.193.220","port":443,"asn":38627,"as":"Baidu, Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.popin.cc","organization":"popIn Inc."},"issuer":{"commonName":"DigiCert Secure Site Pro G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 25 Sep 2025 00:00:00 GMT","end":"Mon, 26 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5B:66:38:53:B4:EB:8A:03:D2:53:C1:B8:40:BD:83:76:E3:03:91:6E","sha256":"98:FB:02:24:15:CB:C2:2D:9F:D5:47:A7:0B:8D:E9:89:7C:FA:F3:93:C9:E6:03:F7:12:F1:A9:C3:A0:B0:48:66"}}},"request":{"raw":"GET /popin_discovery5-min.js HTTP/1.1\r\nHost: api.popin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nCookie: dv0qai26lg6v2y6kl7yyc36brextdhvlkauebxm5=f8e6g75xr3i; dv0qai26lg6v2y6kl7yyc36brextdcrccz011kp7=ob8zdcm5a3f; dv0qai26lg6v2y6kl7yyc36brextd55y7alon8dt=zczz1i7bbk\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 16 Nov 2025 05:32:20 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nx-amz-replication-status: COMPLETED\r\nLast-Modified: Wed, 02 Apr 2025 02:55:31 GMT\r\nETag: W/\"bffc5b4a0392434c9b0f06f62ef9cf93\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: TAopT4madhGnrDcYkYWTEL2vLMrXqrD8\r\nExpires: Sun, 16 Nov 2025 06:32:20 GMT\r\nCache-Control: max-age=3600\r\nCross-Origin-Resource-Policy: cross-origin\r\nTiming-Allow-Origin: *\r\nX-Cache-Status: HIT from 10.252.55.25\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":159764,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65212), with no line terminators","md5":"bffc5b4a0392434c9b0f06f62ef9cf93","sha1":"e652e4351683c58b59d781b527a2400070228067","sha256":"61d96a4c9eaa6ac781177f0e542cd1f6671ddeadec20a998b3129ca09bc4879b","sha512":"9e7e21cd8943186458da605cb30ca8942e60a8201f56cd520c0a653cb1b2098bf2e2d4b7e5923bc067a7def964a9ff7e0b0fdddea79cc28bf7b3f620ab2c8754","ssdeep":"1536:138umkZYuii+TxwZ1pXmplts7j4YZ8zDsGrsRxYU/neeZGk/oP8V4ac+BI0BZ4JE:MyqOVZ8zDEY6ZGI4azyO4UYxjzKX","tlshash":"d1f3f9fff24d192e819e45285c2f5f35737a35c89906c50af929d8e16be8e053026bbc","first_seen":"2025-04-24T04:39:34.093857Z","last_seen":"2026-04-04T04:32:38.985059Z","times_seen":131,"resource_available":true,"data":null}},"time_used":991,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":497,"receive":494,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sg-nikke.playerinfinite.com/act/wand/ce1e8cdf-18b1-4159-a647-ddede11885ae.webp","fqdn":"sg-nikke.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"GET /act/wand/ce1e8cdf-18b1-4159-a647-ddede11885ae.webp HTTP/1.1\r\nHost: sg-nikke.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 11 Sep 2024 09:23:51 GMT\r\nEtag: \"efa5180192bff53a1e998c329bd112f4\"\r\nContent-Type: image/webp\r\nContent-Length: 44\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1814597094394372095\r\nConnection: keep-alive\r\nServer: lego_ovs_video\r\nDate: Sun, 16 Nov 2025 05:32:21 GMT\r\nX-Cache-Lookup: Cache Hit\r\nCache-Control: max-age=604800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1x16, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"efa5180192bff53a1e998c329bd112f4","sha1":"6a8f3cf935101e022708ce7c6f90a22039433e5f","sha256":"24191478ecaaa411a49875a7aa9f74b2110ecab03e86d13e4596f3ca9f988157","sha512":"ef2bcc50dfd1e213c0d74d4a0e8e2fe5254672800824c028181259ca2c1dae420f76723128a9070f12e6d2b6949cff571b53dc5623b6f3f3e8694063b3ddc6b6","ssdeep":"","tlshash":"32900201a310a560c418583d147d03520159a0904001919114c54caa04114483a0514a","first_seen":"2024-12-27T16:14:47.812008Z","last_seen":"2026-03-05T07:34:47.163669Z","times_seen":45,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":182,"dns":118,"connect":20,"send":0,"wait":33,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sg-nikke.playerinfinite.com/act/wand/4f85e23a-e75c-4603-8126-5e89ae70be66.webp","fqdn":"sg-nikke.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"GET /act/wand/4f85e23a-e75c-4603-8126-5e89ae70be66.webp HTTP/1.1\r\nHost: sg-nikke.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 11 Sep 2024 08:38:06 GMT\r\nEtag: \"cbc5046000fbee7ac528f81381f12b75\"\r\nContent-Type: image/webp\r\nContent-Length: 624\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1246802184342662153\r\nConnection: keep-alive\r\nServer: lego_ovs_video\r\nDate: Sun, 16 Nov 2025 05:32:21 GMT\r\nX-Cache-Lookup: Cache Hit\r\nCache-Control: max-age=604800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":624,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cbc5046000fbee7ac528f81381f12b75","sha1":"77cb1baa8f023c3273e4a761fd8064dae6da575a","sha256":"8a3ea499391b1c20928624c44de4bd1e0d597bb14af39ad7b658744dae12827d","sha512":"2aa57bee891b795051fe603e610fe7c48bf3c488160963c20eb887bfa5f733a1b69439523ef6396f204a3bd13848bbae463efa8c4f6b61ddeb3aee6c0f971e94","ssdeep":"","tlshash":"8df0023ea058481da8611d07a53bb557a0558d281d3dfe4c08226c8b06b248195a26a5","first_seen":"2024-12-27T16:14:47.806135Z","last_seen":"2026-03-05T07:34:47.182705Z","times_seen":45,"resource_available":false,"data":null}},"time_used":424,"timings":{"blocked":179,"dns":115,"connect":20,"send":0,"wait":60,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/images/schedule.png?123","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/images/schedule.png?123 HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 13 Feb 2017 20:33:42 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CKTiNEuHZvLVSg%2FfNywnsqMigXmDOeeNQTOE%2FyaS%2F%2FaWdSuXvOboMDDoBYjCZqd2emonThI8P2sp1LMYwWTJ5LA64unLqdCElQ8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"58a21826-177d\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1968\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3bf8cd56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6013,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 114 x 21, 8-bit/color RGBA, non-interlaced","md5":"319890f0ff4cd65335c7b4b50cdceff7","sha1":"8364bfa7218154bd2b5cd59a6011f9fe2766d960","sha256":"0f59a2bc24c292574a9e2466cc371e96d7528a312ef129c09a53fd86ba4fbaa1","sha512":"6b08787797580755ce63794bfc333f37abbbab2aba91c3e420322803036df85bbed2e810b0523714795a2cbd7378bb248a63960d3620e278e5f1867fe7e9c3f3","ssdeep":"96:nSDZ/I09Da01l+gmkyTt6Hk8nTbzvC6vVkN5ymJHpVot7Qh52xy1S6JeiId9:nSDS0tKg9E05TnPvVY5fiJQrU4I9","tlshash":"afc19e3ea270945eb4cf394148dd828391a315a8cbea35341692bccb52a5d879b761b3","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-02-08T14:16:08.264387Z","times_seen":27,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 15:37:01 GMT","end":"Sat, 24 Jan 2026 16:36:49 GMT"},"fingerprint":{"sha1":"84:49:FF:DC:BD:D8:BA:3D:2F:25:0B:EF:CA:E4:6D:73:79:8C:F9:7D","sha256":"AF:21:94:4D:14:07:CF:FC:E5:3C:3C:F4:AC:47:9E:83:98:6A:62:87:FB:8C:27:43:25:FB:97:CC:47:15:99:4A"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.crichd.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:12 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://m.crichd.vip\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=08028361f72b4f92ec2c9a7e627fbf14; expires=Mon, 16 Nov 2026 05:32:12 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 99f49b3eead8b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"6f036e6037429fd65da04f4ccf7e328c","sha1":"10c40c1e1ea90b0f5218f1ed95a0d90badb5df14","sha256":"ad58ee55597173a2d77e3e5b3fe16c2516c642eec165b7b3783e6bd81d5d5954","sha512":"6e2591d842ece5bb99c9aebc55ef2156b7b20dd35878b388e0632a83c9572d08f3c3c8745cde3d7d53978d09a56312ef040191f9593f5f2fc14cb6b9d9561351","ssdeep":"","tlshash":"72a022ccc82822e200000e380c8bcf8288808080208202c802c0802a0883c0c828030c","first_seen":"2025-11-16T05:32:51.417222Z","last_seen":"2025-11-16T05:32:51.417222Z","times_seen":1,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":37,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"s36.chatango.com:8081/","fqdn":"s36.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.151","port":8081,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:13.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: s36.chatango.com:8081\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://st.chatango.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: cUTQg0ry4mIYCiQrFd9cvA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: juIlnYRnkpu7/YuDFt1UjDKtlLo=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":708,"timings":{"blocked":0,"dns":1,"connect":168,"send":0,"wait":163,"receive":0,"ssl":374},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/assets/aegis.min.2701904f.js","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/assets/aegis.min.2701904f.js HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/act/wand/pc-download/assets/index.d154e7f6.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 31 Oct 2025 11:19:02 GMT\r\nContent-Encoding: gzip\r\nEtag: \"9cf02f40b7fed4734dfd47709f517fb7\"\r\nContent-Type: application/javascript\r\nDate: Fri, 31 Oct 2025 11:19:54 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 12295172368811250608\r\nx-cos-request-id: NjkwNDliNWFfMjE4ZjdjMWVfM2IwM2RfMWQyNWUwNDE=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4MzZkMTZiZDQxYTg4MzRiMzIwYzRkYTRjMWFkNDM3YjQ=\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 22281\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1997391384202702106\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":67993,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20558)","md5":"9cf02f40b7fed4734dfd47709f517fb7","sha1":"b517fb08ff35b1811f5c6e4401989d034c45d8e7","sha256":"f00ddae5ab5e7dc0ed19f372ad09e7716ac1aeab1d2c940bbf0a4d4dd9a786c3","sha512":"1c66663b33f95a11c8e227cdb97b2c983bd14a4df338ecdbc1f80ccde61209e18bc7209492c2d18c7c3e78b1d4d9a8eb7300a728c4dfe57c8af4102d86807e5c","ssdeep":"768:dHBoO3oD0EeBDmgFe2HV3dzw29VFBuRiHV0y39J4xfS6NCUx9FZ3FTFafXu5GB:dGOtBK4gOjViHPnFTEes","tlshash":"6e63198df399347212a7a970802f110b723bbaa5580c9474b66ddbf52fb4a0e0167f7d","first_seen":"2025-11-05T17:06:59.816552Z","last_seen":"2025-11-18T23:33:55.827587Z","times_seen":37,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sg-nikke.playerinfinite.com/act/wand/a8bd8c29-6075-4617-874a-f4a340003018.webp","fqdn":"sg-nikke.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"GET /act/wand/a8bd8c29-6075-4617-874a-f4a340003018.webp HTTP/1.1\r\nHost: sg-nikke.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 11 Sep 2024 09:24:09 GMT\r\nEtag: \"efa5180192bff53a1e998c329bd112f4\"\r\nContent-Type: image/webp\r\nContent-Length: 44\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10500094574778643739\r\nConnection: keep-alive\r\nServer: lego_ovs_video\r\nDate: Sun, 16 Nov 2025 05:32:21 GMT\r\nX-Cache-Lookup: Cache Hit\r\nCache-Control: max-age=604800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1x16, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"efa5180192bff53a1e998c329bd112f4","sha1":"6a8f3cf935101e022708ce7c6f90a22039433e5f","sha256":"24191478ecaaa411a49875a7aa9f74b2110ecab03e86d13e4596f3ca9f988157","sha512":"ef2bcc50dfd1e213c0d74d4a0e8e2fe5254672800824c028181259ca2c1dae420f76723128a9070f12e6d2b6949cff571b53dc5623b6f3f3e8694063b3ddc6b6","ssdeep":"","tlshash":"32900201a310a560c418583d147d03520159a0904001919114c54caa04114483a0514a","first_seen":"2024-12-27T16:14:47.812008Z","last_seen":"2026-03-05T07:34:47.163669Z","times_seen":45,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":183,"dns":116,"connect":21,"send":0,"wait":21,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bat.bing.net/action/0?ti=187030255\u0026Ver=2\u0026mid=c38b50e3-4550-47fb-9f78-3598ab3ffd45\u0026bo=2\u0026pi=918639831\u0026lg=en-US\u0026sw=1280\u0026sh=1024\u0026sc=24\u0026tl=Immersive%20SF%20RPG%20Shooter%20with%20adorable%20Nikkes\u0026kw=nikke,GODDESS%20OF%20VICTORY%3A%20NIKKE,nikki,love%20nikki,shining%20nikki,vlad%20and%20nikki%20games,shiftup,nikki%20dress%20up,NIKKE%20PC,NIKKE%20PC%20Download,NIKKE%20PC%20Version,N%20I%20K%20K%20E,nikki%20dress%20up,GODDESSOFVICTORYNIKKE,%E8%83%9C%E5%88%A9%E5%A5%B3%E7%A5%9E,%E5%8B%9D%E5%88%A9%E3%81%AE%E5%A5%B3%E7%A5%9Enikke,%E5%8B%9D%E5%88%A9%E3%81%AE%E5%A5%B3%E7%A5%9E%3ANIKKE,%E3%83%8B%E3%82%B1%20%E6%9C%80%E5%BC%B7,%E3%83%A1%E3%82%AC%E3%83%8B%E3%82%B1,%E5%8B%9D%E5%88%A9%E3%81%AE%E5%A5%B3%E7%A5%9E,nikke%20pc%20%E3%83%AA%E3%82%BB%E3%83%9E%E3%83%A9,nikke%20pc%20%E9%80%A3%E6%90%BA,%E3%83%8B%E3%82%B1,%E3%81%AB%E3%81%A3%E3%81%91,%E3%83%8B%E3%83%83%E3%82%B1,%E3%81%AB%E3%81%91%20pc\u0026p=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026r=\u0026lt=1261\u0026evt=pageLoad\u0026ifm=1\u0026sv=2\u0026asc=D\u0026cdb=AQEZ\u0026rn=194366","fqdn":"bat.bing.net","domain":"bing.net","tld":"net"},"ip":{"addr":"150.171.28.10","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:22.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bat.bing.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 21 Oct 2025 02:00:33 GMT","end":"Sun, 19 Apr 2026 02:00:33 GMT"},"fingerprint":{"sha1":"62:7A:BC:C4:E3:80:17:91:83:49:E3:83:45:24:DB:AE:BF:0B:EB:1F","sha256":"49:47:A8:23:DF:CE:A3:73:C0:ED:8D:5E:33:E9:AB:A1:79:C3:B9:92:74:C0:63:B4:37:11:CF:FB:2E:39:9D:CF"}}},"request":{"raw":"GET /action/0?ti=187030255\u0026Ver=2\u0026mid=c38b50e3-4550-47fb-9f78-3598ab3ffd45\u0026bo=2\u0026pi=918639831\u0026lg=en-US\u0026sw=1280\u0026sh=1024\u0026sc=24\u0026tl=Immersive%20SF%20RPG%20Shooter%20with%20adorable%20Nikkes\u0026kw=nikke,GODDESS%20OF%20VICTORY%3A%20NIKKE,nikki,love%20nikki,shining%20nikki,vlad%20and%20nikki%20games,shiftup,nikki%20dress%20up,NIKKE%20PC,NIKKE%20PC%20Download,NIKKE%20PC%20Version,N%20I%20K%20K%20E,nikki%20dress%20up,GODDESSOFVICTORYNIKKE,%E8%83%9C%E5%88%A9%E5%A5%B3%E7%A5%9E,%E5%8B%9D%E5%88%A9%E3%81%AE%E5%A5%B3%E7%A5%9Enikke,%E5%8B%9D%E5%88%A9%E3%81%AE%E5%A5%B3%E7%A5%9E%3ANIKKE,%E3%83%8B%E3%82%B1%20%E6%9C%80%E5%BC%B7,%E3%83%A1%E3%82%AC%E3%83%8B%E3%82%B1,%E5%8B%9D%E5%88%A9%E3%81%AE%E5%A5%B3%E7%A5%9E,nikke%20pc%20%E3%83%AA%E3%82%BB%E3%83%9E%E3%83%A9,nikke%20pc%20%E9%80%A3%E6%90%BA,%E3%83%8B%E3%82%B1,%E3%81%AB%E3%81%A3%E3%81%91,%E3%83%8B%E3%83%83%E3%82%B1,%E3%81%AB%E3%81%91%20pc\u0026p=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026r=\u0026lt=1261\u0026evt=pageLoad\u0026ifm=1\u0026sv=2\u0026asc=D\u0026cdb=AQEZ\u0026rn=194366 HTTP/1.1\r\nHost: bat.bing.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ncache-control: no-cache, must-revalidate\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\naccess-control-allow-origin: *\r\nx-cache: CONFIG_NOCACHE\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nx-msedge-ref: Ref A: F5BE50EDEE954BD5B266B1A6A1893E5C Ref B: OSL231050215060 Ref C: 2025-11-16T05:32:22Z\r\ndate: Sun, 16 Nov 2025 05:32:22 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/19.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/19.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 28 Oct 2021 20:48:06 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FAIM2WYhQEUM0hU4cdUBzWIswL%2Br3KoRqcE0wPg7cr%2BB5wzTUtBhSjITrhTl8IQ38gtFkmVbo9I4Y0vE8%2BPu0l5mMD0CXdcgvy4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"617b0c86-18860\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3bf8cf56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":100448,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 646 x 281, 8-bit/color RGBA, non-interlaced","md5":"c8f4c4535990e2db18abcebead0780b7","sha1":"b3ae2959eff589996df721672c787fed7ce22671","sha256":"677d4b6c4df8e07b4982afda7717adc7f20f9520684725d4eef894c90981be7b","sha512":"51708ef81a52fd2fbaa8dff8926426af95bece494f61679408186bdf6efea897a91d77e269c8f704f6083476fd027986b1038ad5560cbcc766c8d1b2e2c142a8","ssdeep":"1536:p/OPRZXZCAAWtcYevaS9jPbWQuMtnYfzR7a/zEKklLTAnthf+jB44Q8:J8C95tjPbPuiYpTnL0bf+F4X8","tlshash":"d0a3125c96a2bf0dfbc7d23898afa72490a2c2d9543223bcfe1a5504d4cd5d0e5eee41","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-02-08T14:16:08.302532Z","times_seen":28,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":56,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.iegcom.com/report","fqdn":"track.iegcom.com","domain":"iegcom.com","tld":"com"},"ip":{"addr":"34.49.88.155","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"track.iegcom.com","organization":""},"issuer":{"commonName":"DNSPod DV TLS RSA CA 2025","organization":"DNSPod, Inc."},"validity":{"start":"Tue, 28 Oct 2025 00:00:00 GMT","end":"Tue, 27 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:2A:71:4B:75:E9:66:F5:FD:05:E7:53:B7:1A:20:FF:DD:F4:A0:56","sha256":"81:74:2D:04:92:3C:B4:23:12:7C:91:86:68:90:62:25:5B:DB:75:03:F6:41:BF:00:BF:57:60:9C:93:DB:6E:E6"}}},"request":{"raw":"POST /report HTTP/1.1\r\nHost: track.iegcom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1525\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 201 Created\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncontent-type: application/json; charset=utf-8\r\netag: W/\"19-pSuUqvA1T8UMUbHJkpqfXlk/bjI\"\r\nx-cloud-trace-context: 65f183189edd94909f54a2982959a733\r\ndate: Sun, 16 Nov 2025 05:32:20 GMT\r\nserver: Google Frontend\r\ncontent-length: 25\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"201","status_text":"Created","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":25,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"66f41088bf6267ad8ea40e3533e2f275","sha1":"a52b94aaf0354fc50c51b1c9929a9f5e593f6e32","sha256":"cf29e1b2087058ccb7d034620fc45bb35671afa6509fbd6459f315ddf6b82343","sha512":"bf3b0c147804c73fdb49592ed285c3b650ee3d0581e2893524182322f56608845765dd44928b84b051b7fddf5d243388c9f1f82508e6f2f8fad3213ad5eca933","ssdeep":"","tlshash":"6d7000330008088322003c0c00030b0a208008a0aa000ba0c02c080c8a0c088a382000","first_seen":"2023-05-06T09:48:28Z","last_seen":"2026-04-01T23:27:14.185594Z","times_seen":132,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/web007","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-16T05:32:11.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /web007 HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E1g2A8XYGllSF0Zbj%2BUgZAEt8cn%2BOdLlzx1JcylIZ8NloSpmx04xQUdLEUVCuns2ftN1l4ajmCF%2BobhEWmJh6hLOf5075%2FNELwMtHw%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/8.1.29\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 99f49b39bd4835a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Chatango","description":"Chatango is a website used for connecting to a large selection of users.","website":"https://chatango.com","common_platform_enumeration":"","icon":"Chatango.png","categories":["Widgets"]},{"name":"PHP:8.1.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":23895,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (1244), with CRLF, LF line terminators","md5":"ea608282f5237c07b2aaf6bfa77a1958","sha1":"ab7bb962d65996375b5e709ced5723a55df47b7c","sha256":"82d8c61884fa113bae0879efb0de960cf4ce2f06699822f5a713cafa236c7c5f","sha512":"8a2783f7996975cac66e68263a6e2674863c62373b06126c6c53b3efe8f3dabc184ce44374d19e395ae921e735cb49d7a7b892e1d50e0ac375e8556b1ffd6429","ssdeep":"384:bUhCRU5vB+2m8eKdYEn5WKSn5VkBqPJZ/L/4/2/s/Zr/k/N/r/4F/0/a/S/Zk/uS:bSv6iyEhyEj7pQ4nPX","tlshash":"e0b274b352cc4c77414220c7a1217b9c649f9f77d3648469f9bf8f9ae380c94a92396b","first_seen":"2025-11-16T05:32:51.420202Z","last_seen":"2025-11-16T05:32:51.420202Z","times_seen":1,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato:300,400,700,900\u0026subset=latin,latin-ext","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:58 GMT","end":"Mon, 19 Jan 2026 08:34:57 GMT"},"fingerprint":{"sha1":"56:14:7E:EF:FA:D2:CF:DD:3B:30:9C:AE:7A:C9:AD:9E:A7:87:3D:E9","sha256":"72:DD:0F:82:4D:8A:09:2D:BB:5B:E6:1B:6F:09:F8:1E:BD:BD:D3:3E:B8:A4:8C:B9:49:13:4D:DC:D7:EF:EA:77"}}},"request":{"raw":"GET /css?family=Lato:300,400,700,900\u0026subset=latin,latin-ext HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 16 Nov 2025 05:32:11 GMT\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3120,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"18517f5588e7718106a9324c50e27827","sha1":"e937175b833b7dca4e6a183518bbc41a1c415c3a","sha256":"febf977cb236ff76151d402d7a830d5673bfebc8b0cb27be0a73492b0b5bebcd","sha512":"144857c19d306e8b17ca12ad41e0ff760ffd8ac5337d475754f1ce9dac14d33ab234f89212be1a20f6f5538fde6fe2316715e5bc97f9d56227391b1942af9c78","ssdeep":"","tlshash":"fa51be92096fb908db830cc212c97d32ef0f625064499935aeff14d8bca7d699372b0d","first_seen":"2025-09-17T10:10:53.658643Z","last_seen":"2026-04-04T01:06:40.973021Z","times_seen":1363,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":176,"dns":1,"connect":21,"send":0,"wait":32,"receive":0,"ssl":172},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/js/jquery.min.js","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/js/jquery.min.js HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 13 Feb 2017 20:34:06 GMT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GYDOOukQS9mSHKCT6YRvQYdkJay0Z0hRG9Rv8k6h7SnC6%2BrxsGOld3n%2FrttWzsntj%2Bvcg737bso%2BzotTvpALuxRGrGLMm%2FSZKBU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"58a2183e-176da\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1969\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3be8c456c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95962,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32038), with CRLF line terminators","md5":"13c0a5055cca7b2463b2f73701960b9e","sha1":"e6082a7b52db82604ac446d2e6a32cb5af263781","sha256":"20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104","sha512":"2fa08436b5f748776d265944595a59581c6b06eb6eb239626de3338e0819b45852ead29d4997dc1f86dfbfb1b5d39dbd4dc9e44e6e38ba9f6006628710546ef9","ssdeep":"1536:zP10iSi65U/dXXeyhzeBuG+HYE0WEeLzFoNqLTW8+S5VRZIVI6xSb8Ch2ZbQnRmL:q+41VqLTW8xRrqSb8dGH77da98HrC","tlshash":"c793d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","first_seen":"2023-03-07T01:07:14Z","last_seen":"2026-04-04T05:01:15.775527Z","times_seen":3413,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p2yn.com/5/7309015/?oo=1\u0026js_build=iclick-v1.1618.0\u0026userId=08028361f72b4f92ec2c9a7e627fbf14\u0026dmn=naupsithizeekee.com\u0026tt=2\u0026ix=0","fqdn":"p2yn.com","domain":"p2yn.com","tld":"com"},"ip":{"addr":"139.45.195.12","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:12.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"p2yn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Sep 2025 05:27:55 GMT","end":"Sun, 28 Dec 2025 05:27:54 GMT"},"fingerprint":{"sha1":"3A:5A:0E:B8:A9:06:87:BA:DC:58:BC:E1:AE:2A:E3:CB:58:5D:59:7D","sha256":"27:5C:19:3A:05:81:0F:0E:62:D4:C2:B2:7E:E1:93:86:B8:9F:2C:9D:90:0B:A5:AE:52:48:27:FE:CA:75:F4:5E"}}},"request":{"raw":"POST /5/7309015/?oo=1\u0026js_build=iclick-v1.1618.0\u0026userId=08028361f72b4f92ec2c9a7e627fbf14\u0026dmn=naupsithizeekee.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: p2yn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2579\r\nOrigin: https://m.crichd.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sun, 16 Nov 2025 05:32:12 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://m.crichd.vip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":89,"dns":1,"connect":26,"send":0,"wait":30,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.playgamer.co/2a049d16-2c4c-4d49-8fdd-13d0e05aecf3?zoneid=9283842\u0026bannerid=24730329\u0026geo=NO\u0026random=1687996271\u0026SUBID=1013795229915426905\u0026campaignid=10065352\u0026lan={lan}\u0026adformat=interstitial\u0026category={category}\u0026ntk=19\u0026cost=0.002441","fqdn":"www.playgamer.co","domain":"playgamer.co","tld":"co"},"ip":{"addr":"3.167.2.50","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:17.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.playgamer.co","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 07 Jul 2025 00:00:00 GMT","end":"Wed, 05 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6F:A9:93:0B:50:35:15:A7:60:3D:C6:B9:EC:2E:82:C3:5E:74:2B:C1","sha256":"74:C6:2C:7A:1B:84:5D:6F:B0:06:CF:D1:47:70:8D:D3:EF:6A:5D:6D:7C:00:01:8B:EF:3C:ED:57:8B:CA:8D:14"}}},"request":{"raw":"GET /2a049d16-2c4c-4d49-8fdd-13d0e05aecf3?zoneid=9283842\u0026bannerid=24730329\u0026geo=NO\u0026random=1687996271\u0026SUBID=1013795229915426905\u0026campaignid=10065352\u0026lan={lan}\u0026adformat=interstitial\u0026category={category}\u0026ntk=19\u0026cost=0.002441 HTTP/1.1\r\nHost: www.playgamer.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-length: 0\r\nlocation: https://to.trakzon.com/6HKDB22/LDCNFCD/?source_id=VL_9ef13e90-e086-4315-bad2-a5f910ca5e1a\u0026sub1=2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026sub2=wjlp48ia5eg2ol6e3dgfo02l\u0026sub3=\r\ndate: Sun, 16 Nov 2025 05:32:17 GMT\r\nserver: nginx\r\ncache-control: no-store, no-cache, pre-check=0, post-check=0\r\npragma: no-cache\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nset-cookie: 2a049d16-2c4c-4d49-8fdd-13d0e05aecf3-v4=PCL0Vnlt1g140nht6yI_gR4u5w_6v3lXR3Fd69EvgBM; Max-Age=86400; Expires=Mon, 17 Nov 2025 05:32:17 GMT; Domain=www.playgamer.co; Path=/; Secure; HttpOnly; SameSite=None\ncc-v4=ciF8iY24wzzY%2FM6a2RS9Th%2BdozA9V3dN7BekiXyMpJ7LtSTXc0TpDGDc7TcnNdVEc54oCHJeoforE5F9GliDDswnRA2JKhiEUd7H15mVkEEPzhFzI1dcemTZyF2pyTebx7wFlOfgNpUC5Xza2JcJ4w%3D%3D; Max-Age=31536000; Expires=Mon, 16 Nov 2026 05:32:17 GMT; Domain=www.playgamer.co; Path=/; Secure; HttpOnly; SameSite=None\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 57d04bb9ff0f23ac1c33e083d49e973e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: W19rrVokD0MiNag_gv0mZ9xHwaEVwDmaNooj3ddU0GExtaBZDvIpwg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1856,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":337,"timings":{"blocked":156,"dns":107,"connect":1,"send":0,"wait":25,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asset.popin.cc/js/pixel.js","fqdn":"asset.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"34.117.195.210","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.popin.cc","organization":"popIn Inc."},"issuer":{"commonName":"DigiCert Secure Site Pro G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 25 Sep 2025 00:00:00 GMT","end":"Mon, 26 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5B:66:38:53:B4:EB:8A:03:D2:53:C1:B8:40:BD:83:76:E3:03:91:6E","sha256":"98:FB:02:24:15:CB:C2:2D:9F:D5:47:A7:0B:8D:E9:89:7C:FA:F3:93:C9:E6:03:F7:12:F1:A9:C3:A0:B0:48:66"}}},"request":{"raw":"GET /js/pixel.js HTTP/1.1\r\nHost: asset.popin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOGKnE_NGDkGvp_CNCvq9I_SnIOnBvgdgIbYJUTOF3DpiUWBiNYrcTSpNo85wkd4Dyxym33qAkKHvsH0Jg\r\nx-goog-generation: 1755072137556528\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 106519\r\ncontent-language: en\r\nx-goog-hash: crc32c=Xa/0yQ==, md5=tEnVFZHDt8NH+xrW8Tu1YA==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\nserver: UploadServer\r\nvia: 1.1 google\r\ncontent-encoding: br\r\ncontent-length: 33987\r\ndate: Sun, 16 Nov 2025 05:19:18 GMT\r\nage: 782\r\nlast-modified: Wed, 13 Aug 2025 08:02:17 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\ncache-control: public,max-age=3600\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":106519,"size_decoded":0,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"b449d51591c3b7c347fb1ad6f13bb560","sha1":"534c07e06ffaa6b9449621d7678c352f7acbd3a5","sha256":"d1a09ffb2200db959fff955a99895b70eb8fe299236b492a3f2e49415be66028","sha512":"9e0e1ac6b5c2e4f62b9e221a163ca1c47d9af61d0c9db513aeb9de90ed5e1399f38524fe0d8a2367177eb9ae9a1ad752e265db6c17ec84f52b4162286431a45c","ssdeep":"1536:rvE4AHciD3Vid+nmdOHurUFt870wpKKmbnzFLVGtLyHXAcEUB3cB2Cvg:aV30xdEwvmbnzFLAEHXdIjvg","tlshash":"1aa318c0af40f16893512033172f6036d80e4ec955e9999cfa2af948ffe8f8465f59b5","first_seen":"2025-08-15T21:32:22.881191Z","last_seen":"2026-03-07T20:52:20.917557Z","times_seen":85,"resource_available":true,"data":null}},"time_used":1668,"timings":{"blocked":805,"dns":3,"connect":26,"send":0,"wait":27,"receive":28,"ssl":775},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rumt-sg.com/collect/whitelist?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames\u0026referer=","fqdn":"rumt-sg.com","domain":"rumt-sg.com","tld":"com"},"ip":{"addr":"43.156.86.55","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rumt-sg.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 03 Jan 2025 00:00:00 GMT","end":"Tue, 03 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B3:A2:75:8F:A9:60:48:97:57:63:D7:37:E1:55:58:7E:91:C7:B2:AA","sha256":"99:16:99:A9:EF:66:CA:0E:C4:8A:94:C3:5B:1C:F4:58:C1:D9:54:FE:E8:60:E2:8A:C7:CD:9F:C9:0D:7E:98:23"}}},"request":{"raw":"GET /collect/whitelist?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames\u0026referer= HTTP/1.1\r\nHost: rumt-sg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:20 GMT\r\ncontent-type: application/json\r\ncontent-length: 60\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":60,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4dab5a820e6d1cc35d40a4612803bb82","sha1":"37819dabd23f008b76bba7f106f659b0872b1b91","sha256":"4ef03c85dfd440310cc86aae2164d5c020b68432b4a79e555a34686d85958d86","sha512":"b1cc575c30bf7f981e385b5be1eb8783ffe5059e956f344dcd0e15377a9bca03d4d3e86929a5246ee40818984162c1ab2ca11be1114ed3c3c59a32a1f1ad9dd8","ssdeep":"","tlshash":"f1a00291969c4bc50352162bc10649c9e318e8449d19310c4b794d69ba86494328cb10","first_seen":"2023-04-10T08:30:33Z","last_seen":"2026-03-08T00:32:38.793632Z","times_seen":699,"resource_available":false,"data":null}},"time_used":1775,"timings":{"blocked":799,"dns":2,"connect":257,"send":0,"wait":178,"receive":0,"ssl":517},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sg-nikke.playerinfinite.com/act/wand/f38f3922-107b-4e62-879a-a2225b9bae71.png","fqdn":"sg-nikke.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"GET /act/wand/f38f3922-107b-4e62-879a-a2225b9bae71.png HTTP/1.1\r\nHost: sg-nikke.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 28 Feb 2024 03:05:13 GMT\r\nEtag: \"eba2ca35725d8a4a487e285ad48a9918\"\r\nContent-Type: image/png\r\nContent-Length: 523\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11076472370297409328\r\nConnection: keep-alive\r\nServer: lego_ovs_video\r\nDate: Sun, 16 Nov 2025 05:32:21 GMT\r\nX-Cache-Lookup: Cache Hit\r\nCache-Control: max-age=604800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":523,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 210, 8-bit gray+alpha, non-interlaced","md5":"eba2ca35725d8a4a487e285ad48a9918","sha1":"c6727a90ed2c64095a5d8207363e5288b85fcc9e","sha256":"ab4a191230106ac2c70c9d1a2181337393a075deb98c48fad2ff50309543d67c","sha512":"6635412cda61a4c1fe03882ebb4f3e24edd65e6e0d9b3913d72ae63c1f6c8c42007f8f9efdee821874ecf594f2a0595f6036bce889d554770b2d6f8e0b4ed59a","ssdeep":"","tlshash":"9cf0f4821e5444f6c08e16d1fc2b234098f6a5f70505f86194b0ca8a94246fef78fb68","first_seen":"2023-10-28T22:17:33Z","last_seen":"2026-03-05T07:34:47.215688Z","times_seen":53,"resource_available":false,"data":null}},"time_used":2401,"timings":{"blocked":1188,"dns":1123,"connect":20,"send":0,"wait":24,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"to.trakzon.com/6HKDB22/LDCNFCD/?source_id=VL_9ef13e90-e086-4315-bad2-a5f910ca5e1a\u0026sub1=2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026sub2=wjlp48ia5eg2ol6e3dgfo02l\u0026sub3=","fqdn":"to.trakzon.com","domain":"trakzon.com","tld":"com"},"ip":{"addr":"172.67.221.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:17.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trakzon.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 06 Nov 2025 02:42:21 GMT","end":"Wed, 04 Feb 2026 03:38:55 GMT"},"fingerprint":{"sha1":"C0:E4:6C:91:C6:EE:72:68:52:68:7E:8A:34:FC:20:96:AA:DF:E9:C2","sha256":"C2:42:23:53:7A:F3:20:12:A3:20:9A:DB:82:8D:D8:97:96:1E:4D:A8:44:B7:57:C2:36:BE:B4:3E:3D:FC:16:BB"}}},"request":{"raw":"GET /6HKDB22/LDCNFCD/?source_id=VL_9ef13e90-e086-4315-bad2-a5f910ca5e1a\u0026sub1=2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026sub2=wjlp48ia5eg2ol6e3dgfo02l\u0026sub3= HTTP/1.1\r\nHost: to.trakzon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:17 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-store, max-age=0\r\nreferrer-policy: no-referrer\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mF%2BnnWUTeMBGh%2FCEGUtYlhoxfCrM3d9PNsfP%2BCGKY6BV70QjCqgliEhqAmyXfh9%2BvCrpUpGd%2BanY4UsUGsjxY3ocT5lTKWAmJRyt%2BA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 99f49b5fab36b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1856,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (335)","md5":"03d59a51f23340cff246f1d9743d9a77","sha1":"06a144c1fdee3f0f9357d9597bc2086a896329cd","sha256":"7aca986e166a0a75c9848eb42c96b67267c34e5db5a472fe9a0cf1ca08d5e1ad","sha512":"e924a98ddfed1793f8dd3166e8b17b584e51281853d356bec4553771e3082b968a437a6ff42a00f4d17222a54c7037ad87e5726ed4a1e64a55f48c9fb513c2e0","ssdeep":"","tlshash":"9c3122aa989a0023d5a12668261775b5b13347c72cd844daf04583ef1fbbb73815b3bf","first_seen":"2025-11-16T05:32:51.426185Z","last_seen":"2025-11-16T05:32:51.426185Z","times_seen":1,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":24,"dns":3,"connect":1,"send":0,"wait":152,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rumt-sg.com/collect?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer=","fqdn":"rumt-sg.com","domain":"rumt-sg.com","tld":"com"},"ip":{"addr":"43.156.86.55","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rumt-sg.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 03 Jan 2025 00:00:00 GMT","end":"Tue, 03 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B3:A2:75:8F:A9:60:48:97:57:63:D7:37:E1:55:58:7E:91:C7:B2:AA","sha256":"99:16:99:A9:EF:66:CA:0E:C4:8A:94:C3:5B:1C:F4:58:C1:D9:54:FE:E8:60:E2:8A:C7:CD:9F:C9:0D:7E:98:23"}}},"request":{"raw":"OPTIONS /collect?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer= HTTP/1.1\r\nHost: rumt-sg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.nikke-eu.com/\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:20 GMT\r\ncontent-length: 0\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, HEAD, PUT, POST, DELETE, PATCH\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bat.bing.net/action/0?ti=187030255\u0026Ver=2\u0026mid=c38b50e3-4550-47fb-9f78-3598ab3ffd45\u0026bo=2\u0026pi=918639831\u0026lg=en-US\u0026sw=1280\u0026sh=1024\u0026sc=24\u0026tl=Immersive%20SF%20RPG%20Shooter%20with%20adorable%20Nikkes\u0026kw=nikke,GODDESS%20OF%20VICTORY%3A%20NIKKE,nikki,love%20nikki,shining%20nikki,vlad%20and%20nikki%20games,shiftup,nikki%20dress%20up,NIKKE%20PC,NIKKE%20PC%20Download,NIKKE%20PC%20Version,N%20I%20K%20K%20E,nikki%20dress%20up,GODDESSOFVICTORYNIKKE,%E8%83%9C%E5%88%A9%E5%A5%B3%E7%A5%9E,%E5%8B%9D%E5%88%A9%E3%81%AE%E5%A5%B3%E7%A5%9Enikke,%E5%8B%9D%E5%88%A9%E3%81%AE%E5%A5%B3%E7%A5%9E%3ANIKKE,%E3%83%8B%E3%82%B1%20%E6%9C%80%E5%BC%B7,%E3%83%A1%E3%82%AC%E3%83%8B%E3%82%B1,%E5%8B%9D%E5%88%A9%E3%81%AE%E5%A5%B3%E7%A5%9E,nikke%20pc%20%E3%83%AA%E3%82%BB%E3%83%9E%E3%83%A9,nikke%20pc%20%E9%80%A3%E6%90%BA,%E3%83%8B%E3%82%B1,%E3%81%AB%E3%81%A3%E3%81%91,%E3%83%8B%E3%83%83%E3%82%B1,%E3%81%AB%E3%81%91%20pc\u0026p=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026r=\u0026lt=1261\u0026evt=pageLoad\u0026ifm=1\u0026sv=2\u0026asc=D\u0026cdb=AQEZ\u0026rn=194366","fqdn":"bat.bing.net","domain":"bing.net","tld":"net"},"ip":{"addr":"150.171.28.10","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:22.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bat.bing.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 21 Oct 2025 02:00:33 GMT","end":"Sun, 19 Apr 2026 02:00:33 GMT"},"fingerprint":{"sha1":"62:7A:BC:C4:E3:80:17:91:83:49:E3:83:45:24:DB:AE:BF:0B:EB:1F","sha256":"49:47:A8:23:DF:CE:A3:73:C0:ED:8D:5E:33:E9:AB:A1:79:C3:B9:92:74:C0:63:B4:37:11:CF:FB:2E:39:9D:CF"}}},"request":{"raw":"GET /action/0?ti=187030255\u0026Ver=2\u0026mid=c38b50e3-4550-47fb-9f78-3598ab3ffd45\u0026bo=2\u0026pi=918639831\u0026lg=en-US\u0026sw=1280\u0026sh=1024\u0026sc=24\u0026tl=Immersive%20SF%20RPG%20Shooter%20with%20adorable%20Nikkes\u0026kw=nikke,GODDESS%20OF%20VICTORY%3A%20NIKKE,nikki,love%20nikki,shining%20nikki,vlad%20and%20nikki%20games,shiftup,nikki%20dress%20up,NIKKE%20PC,NIKKE%20PC%20Download,NIKKE%20PC%20Version,N%20I%20K%20K%20E,nikki%20dress%20up,GODDESSOFVICTORYNIKKE,%E8%83%9C%E5%88%A9%E5%A5%B3%E7%A5%9E,%E5%8B%9D%E5%88%A9%E3%81%AE%E5%A5%B3%E7%A5%9Enikke,%E5%8B%9D%E5%88%A9%E3%81%AE%E5%A5%B3%E7%A5%9E%3ANIKKE,%E3%83%8B%E3%82%B1%20%E6%9C%80%E5%BC%B7,%E3%83%A1%E3%82%AC%E3%83%8B%E3%82%B1,%E5%8B%9D%E5%88%A9%E3%81%AE%E5%A5%B3%E7%A5%9E,nikke%20pc%20%E3%83%AA%E3%82%BB%E3%83%9E%E3%83%A9,nikke%20pc%20%E9%80%A3%E6%90%BA,%E3%83%8B%E3%82%B1,%E3%81%AB%E3%81%A3%E3%81%91,%E3%83%8B%E3%83%83%E3%82%B1,%E3%81%AB%E3%81%91%20pc\u0026p=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026r=\u0026lt=1261\u0026evt=pageLoad\u0026ifm=1\u0026sv=2\u0026asc=D\u0026cdb=AQEZ\u0026rn=194366 HTTP/1.1\r\nHost: bat.bing.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ncache-control: no-cache, must-revalidate\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\naccess-control-allow-origin: *\r\nx-cache: CONFIG_NOCACHE\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nx-msedge-ref: Ref A: 73F2BCD96F03422A960644AA1B4527F9 Ref B: OSL231050215060 Ref C: 2025-11-16T05:32:22Z\r\ndate: Sun, 16 Nov 2025 05:32:22 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.iegcom.com/v2/websdk/report","fqdn":"track.iegcom.com","domain":"iegcom.com","tld":"com"},"ip":{"addr":"34.49.88.155","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:23.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"track.iegcom.com","organization":""},"issuer":{"commonName":"DNSPod DV TLS RSA CA 2025","organization":"DNSPod, Inc."},"validity":{"start":"Tue, 28 Oct 2025 00:00:00 GMT","end":"Tue, 27 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:2A:71:4B:75:E9:66:F5:FD:05:E7:53:B7:1A:20:FF:DD:F4:A0:56","sha256":"81:74:2D:04:92:3C:B4:23:12:7C:91:86:68:90:62:25:5B:DB:75:03:F6:41:BF:00:BF:57:60:9C:93:DB:6E:E6"}}},"request":{"raw":"POST /v2/websdk/report HTTP/1.1\r\nHost: track.iegcom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1411\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 201 Created\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncontent-type: application/json; charset=utf-8\r\netag: W/\"19-pSuUqvA1T8UMUbHJkpqfXlk/bjI\"\r\nx-cloud-trace-context: 4d886742d730d4db9f54a2982959ad05\r\ndate: Sun, 16 Nov 2025 05:32:23 GMT\r\nserver: Google Frontend\r\ncontent-length: 25\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"201","status_text":"Created","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]}],"data":{"size":25,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"66f41088bf6267ad8ea40e3533e2f275","sha1":"a52b94aaf0354fc50c51b1c9929a9f5e593f6e32","sha256":"cf29e1b2087058ccb7d034620fc45bb35671afa6509fbd6459f315ddf6b82343","sha512":"bf3b0c147804c73fdb49592ed285c3b650ee3d0581e2893524182322f56608845765dd44928b84b051b7fddf5d243388c9f1f82508e6f2f8fad3213ad5eca933","ssdeep":"","tlshash":"6d7000330008088322003c0c00030b0a208008a0aa000ba0c02c080c8a0c088a382000","first_seen":"2023-05-06T09:48:28Z","last_seen":"2026-04-01T23:27:14.185594Z","times_seen":132,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"boopoaglauph.net/impression/bdqr6MPkXJbwyS4yzbWiTuurcvnNu5gkh-R_vGLiYuFLVpHArVzQk4CU8CLK8ZQ19L9-TCbslHDZM-Vg13NaxDk6UKHQN0FW19lN-6y-uMRndj9cHo6XA0zgWvz-WwFy0nTmGeqin71l-PO3clU9BpBVnBQYBBGB1LsoobfzMHIEk3p4ipT2TO_yvfWRr7Wy34EZDzE3wcY_EboIroHkfEtySgb5KILeGeqRPDhnkAKUmRw-d2J1nzYGfw7xhsknxuHe1Kp94HsvQCmYsLyRYrR2TgdL1d77Yn4gbgG1Im0RvlKtqx08tOzB9WwP7ronD4Lp78dQvizAzZbLAEIHBlPSZ3uOn26DU9JzsTLNrCp20_5NK_jkAxXg9wKTEo_CKHPEDYor6xK7yx1vT-FMPsJbTmrXI-Y_uwYPXzoCZJaLU41Q0QRP2_16_hVA25jc1ce_LVnNulumaD0fFKhjFKVNGqizJfvgtbn7PavQFVYCyaEHPHjIuysJBeSNh8iFsdSwzabiABjIEd3XWkA7WcqypeoDu7Q_shD6hLOEbVRb7CwsW7t6UluXojnrH2hNs9x--qkPPdWAf6_K7zq3AzpKk4hHu3jT06ZEmytCOc8YmBro31KfOZa-rlpNSShvV7mgul8tIa3Olzktonk99NtNsgjWSwoFcut2sjyjUpaNWSmRJ9tfZBl8bW_JZ6V2or30HY_wv2Kkl9tbTcXWDtUIpyZrl8Adw-zjUUOGF0Xou-5EHF91NgCFtpKCJuFlTWeRuooCtB-wDsBnBbfvgEyJBC4S5qsGnu4M1RFS4_g=?_z=9283842\u0026sw_version=v1.758.0-s\u0026dmn=gizokraijaw.net\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=271\u0026wiw=271\u0026wih=500\u0026wfc=3\u0026pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1102251136%2Fid.html\u0026drf=https%3A%2F%2Fm.crichd.vip%2F\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=1\u0026nw=1\u0026tb=false\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1","fqdn":"boopoaglauph.net","domain":"boopoaglauph.net","tld":"net"},"ip":{"addr":"139.45.197.245","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:23.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"boopoaglauph.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 05:15:43 GMT","end":"Tue, 06 Jan 2026 05:15:42 GMT"},"fingerprint":{"sha1":"24:89:62:DF:C4:F0:79:46:2C:3A:8F:46:18:AB:42:BA:0F:D1:CE:EF","sha256":"63:66:51:4C:3B:6E:AF:90:62:78:E9:83:18:5A:5B:7D:F8:DB:EA:64:A3:DA:8E:0D:D2:46:89:27:83:4A:0A:3F"}}},"request":{"raw":"GET /impression/bdqr6MPkXJbwyS4yzbWiTuurcvnNu5gkh-R_vGLiYuFLVpHArVzQk4CU8CLK8ZQ19L9-TCbslHDZM-Vg13NaxDk6UKHQN0FW19lN-6y-uMRndj9cHo6XA0zgWvz-WwFy0nTmGeqin71l-PO3clU9BpBVnBQYBBGB1LsoobfzMHIEk3p4ipT2TO_yvfWRr7Wy34EZDzE3wcY_EboIroHkfEtySgb5KILeGeqRPDhnkAKUmRw-d2J1nzYGfw7xhsknxuHe1Kp94HsvQCmYsLyRYrR2TgdL1d77Yn4gbgG1Im0RvlKtqx08tOzB9WwP7ronD4Lp78dQvizAzZbLAEIHBlPSZ3uOn26DU9JzsTLNrCp20_5NK_jkAxXg9wKTEo_CKHPEDYor6xK7yx1vT-FMPsJbTmrXI-Y_uwYPXzoCZJaLU41Q0QRP2_16_hVA25jc1ce_LVnNulumaD0fFKhjFKVNGqizJfvgtbn7PavQFVYCyaEHPHjIuysJBeSNh8iFsdSwzabiABjIEd3XWkA7WcqypeoDu7Q_shD6hLOEbVRb7CwsW7t6UluXojnrH2hNs9x--qkPPdWAf6_K7zq3AzpKk4hHu3jT06ZEmytCOc8YmBro31KfOZa-rlpNSShvV7mgul8tIa3Olzktonk99NtNsgjWSwoFcut2sjyjUpaNWSmRJ9tfZBl8bW_JZ6V2or30HY_wv2Kkl9tbTcXWDtUIpyZrl8Adw-zjUUOGF0Xou-5EHF91NgCFtpKCJuFlTWeRuooCtB-wDsBnBbfvgEyJBC4S5qsGnu4M1RFS4_g=?_z=9283842\u0026sw_version=v1.758.0-s\u0026dmn=gizokraijaw.net\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=271\u0026wiw=271\u0026wih=500\u0026wfc=3\u0026pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1102251136%2Fid.html\u0026drf=https%3A%2F%2Fm.crichd.vip%2F\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=1\u0026nw=1\u0026tb=false\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1 HTTP/1.1\r\nHost: boopoaglauph.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nCookie: OAID=08028361f72b4f92ec2c9a7e627fbf14\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 16 Nov 2025 05:32:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-trace-id: 93a2bc31fc721db3981930a817c7f21d\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-04-04T06:36:29.343204Z","times_seen":96356,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sg-nikke.playerinfinite.com/act/wand/f8f4a023-7a05-4df3-9def-ae84e394eb67.png","fqdn":"sg-nikke.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:23.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"GET /act/wand/f8f4a023-7a05-4df3-9def-ae84e394eb67.png HTTP/1.1\r\nHost: sg-nikke.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 31 Oct 2025 01:45:31 GMT\r\nEtag: \"730762fe881cee97213476b08e87d3d8\"\r\nContent-Type: image/png\r\nContent-Length: 358276\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13310929901754164233\r\nConnection: keep-alive\r\nServer: lego_ovs_video\r\nDate: Sun, 16 Nov 2025 05:32:23 GMT\r\nX-Cache-Lookup: Cache Hit\r\nCache-Control: max-age=604800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":358276,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 428, 8-bit/color RGBA, non-interlaced","md5":"730762fe881cee97213476b08e87d3d8","sha1":"8b2c8cf20a01e40a0b27e52b38694c0c2f94d1d0","sha256":"47fb7261ac1f456b3e233ea42dc11dcb2b54cd97eb8c183a0b7988ac4d24116b","sha512":"4a5894537a8ab06c5fd5905ef8424fb4554409f84b26f4c5cb27fc2bd314b173317aa2f3491fae7e76e2aec0c4a24883d7c11bc0d6a83f1c3e20c1e220e17a2a","ssdeep":"6144:5a0Ss+n1KnYYjzAO/R9/yd6swgGsSsuRZ/4AjnYFHlwtrwTqwHdipV37tjUA:osokntEOOdDhesEZ/4A+HlCrIinxjV","tlshash":"0b74230c1d73dab67d3e81fdd9138c89b252a4a28161a7db3b7664f75e4707cec22908","first_seen":"2025-11-06T11:00:44.102941Z","last_seen":"2026-03-05T07:34:47.185647Z","times_seen":19,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/js/gz/emb.js","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.18","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /js/gz/emb.js HTTP/1.1\r\nHost: st.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 16 Nov 2025 05:32:12 GMT\r\nContent-Type: application/x-javascript\r\nContent-Length: 23804\r\nLast-Modified: Sun, 02 Nov 2025 19:40:21 GMT\r\nConnection: keep-alive\r\nETag: \"6907b3a5-5cfc\"\r\nExpires: Sun, 16 Nov 2025 05:32:12 GMT\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69564,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (1651)","md5":"fee9addea87711fceee5973909215344","sha1":"348c54a5fbc12cb06b370a73389584bcb325001c","sha256":"f1f57a758068cc7cd50b8bdd62af8f556ca5068946486a6668229b16aafb2e4a","sha512":"247d10156851563a1031c3d9bbc85e2d1c838219abc68c86505bebbc122af3b6360ba92d62b658f20e77f659dbc265058a42777de320f05dbe869c1addd30743","ssdeep":"1536:HZ/fvf0QYlkQd39ZQ2xcGpXyYfkHoQ0MMgB6GLwl9Vevk:9f0QYJRkHoQP6IK9Vevk","tlshash":"896309c9734274a68262e0f6402f054b7236b469f54889bcb19cdce52c789a9237ff7c","first_seen":"2025-11-03T23:42:14.906052Z","last_seen":"2025-12-12T20:57:07.419474Z","times_seen":94,"resource_available":true,"data":null}},"time_used":1299,"timings":{"blocked":444,"dns":13,"connect":165,"send":0,"wait":331,"receive":1,"ssl":342},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:15.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 15:37:01 GMT","end":"Sat, 24 Jan 2026 16:36:49 GMT"},"fingerprint":{"sha1":"84:49:FF:DC:BD:D8:BA:3D:2F:25:0B:EF:CA:E4:6D:73:79:8C:F9:7D","sha256":"AF:21:94:4D:14:07:CF:FC:E5:3C:3C:F4:AC:47:9E:83:98:6A:62:87:FB:8C:27:43:25:FB:97:CC:47:15:99:4A"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://st.chatango.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nCookie: ID=08028361f72b4f92ec2c9a7e627fbf14\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:15 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://st.chatango.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=08028361f72b4f92ec2c9a7e627fbf14; expires=Mon, 16 Nov 2026 05:32:15 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 99f49b524bdd56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"6f036e6037429fd65da04f4ccf7e328c","sha1":"10c40c1e1ea90b0f5218f1ed95a0d90badb5df14","sha256":"ad58ee55597173a2d77e3e5b3fe16c2516c642eec165b7b3783e6bd81d5d5954","sha512":"6e2591d842ece5bb99c9aebc55ef2156b7b20dd35878b388e0632a83c9572d08f3c3c8745cde3d7d53978d09a56312ef040191f9593f5f2fc14cb6b9d9561351","ssdeep":"","tlshash":"72a022ccc82822e200000e380c8bcf8288808080208202c802c0802a0883c0c828030c","first_seen":"2025-11-16T05:32:51.417222Z","last_seen":"2025-11-16T05:32:51.417222Z","times_seen":1,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/scripttemplates/otSDKStub.js","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:43:25 GMT","end":"Wed, 11 Feb 2026 02:43:23 GMT"},"fingerprint":{"sha1":"EB:6B:52:98:E5:B0:CA:A9:F4:63:C7:8E:59:8E:6D:FC:AA:B9:90:B7","sha256":"05:40:C5:36:2E:62:5C:4A:3F:E1:1A:F7:DA:C5:5B:0F:02:8B:BE:79:C2:92:21:8C:52:78:FB:BE:03:EA:D1:AD"}}},"request":{"raw":"GET /scripttemplates/otSDKStub.js HTTP/1.1\r\nHost: cdn-apac.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:18 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 8536\r\ncf-ray: 99f49b667ffb35a6-OSL\r\ncontent-encoding: gzip\r\ncontent-md5: FE/QoMGX2Qbxo12XXBteqQ==\r\nlast-modified: Wed, 12 Nov 2025 08:04:32 GMT\r\netag: 0x8DE21C21D20459F\r\nx-ms-request-id: 6957e5b8-201e-0033-3723-54c6a1000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\ncf-cache-status: HIT\r\nage: 2276\r\nexpires: Mon, 17 Nov 2025 05:32:18 GMT\r\ncache-control: public, max-age=86400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25886,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (25885)","md5":"84f6e6caf8438cccfc8a6fed617978a9","sha1":"97ec3239425f1200928256874345cb675f0d1bd7","sha256":"dc5e1bbd4d466bb38aa8a748de5ca00dc549930b9fafa6c9b4e7a225228c42cb","sha512":"b138ce6d8109d34eff9d11ad219771b31c560273f8614d47656aeea82fe40bd3737107b3bfd000d5be8dd2d829c15e72e7a8abbb6c6c156fda1ac76801c2d67f","ssdeep":"384:8Tg8XNbpLx6jhA5SNYbGr1Uci0FPvfC5mC1X2czKpQinGHKJxEV88y:agKFLxUhA5SNGsUci0tDCZVgyy","tlshash":"05c2f8ddb140fe3446d3a19c5a3be25a723b746d34869064b8a4ece0247cc4f6533bb6","first_seen":"2025-10-28T13:11:42.392384Z","last_seen":"2026-04-02T09:36:26.885655Z","times_seen":12467,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":25,"dns":3,"connect":3,"send":0,"wait":18,"receive":1,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/scripttemplates/202409.2.0/assets/v2/otPcPanel.json","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:43:25 GMT","end":"Wed, 11 Feb 2026 02:43:23 GMT"},"fingerprint":{"sha1":"EB:6B:52:98:E5:B0:CA:A9:F4:63:C7:8E:59:8E:6D:FC:AA:B9:90:B7","sha256":"05:40:C5:36:2E:62:5C:4A:3F:E1:1A:F7:DA:C5:5B:0F:02:8B:BE:79:C2:92:21:8C:52:78:FB:BE:03:EA:D1:AD"}}},"request":{"raw":"GET /scripttemplates/202409.2.0/assets/v2/otPcPanel.json HTTP/1.1\r\nHost: cdn-apac.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.nikke-eu.com/\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\ncontent-type: application/json\r\ncontent-length: 12880\r\ncf-ray: 99f49b6b1c8d35a6-OSL\r\ncontent-encoding: gzip\r\ncontent-md5: Y8Bbi+DH/WIotZR0SQUGpA==\r\nlast-modified: Thu, 28 Nov 2024 09:48:50 GMT\r\netag: 0x8DD0F91DCB4BF02\r\nx-ms-request-id: 8bc16695-301e-004d-1194-4956e6000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\ncf-cache-status: HIT\r\nage: 37579\r\nexpires: Mon, 17 Nov 2025 05:32:19 GMT\r\ncache-control: public, max-age=86400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65866,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a5b6babd0bf1bf71f2417f629bed5548","sha1":"afb2012e5edc5410db215c5f1af1c37e94033672","sha256":"61721c8ccac413f9c55dede65a99c739ff8bf68c423fdbb918bd80d9bc4c9fa3","sha512":"e4c5a4085f92b8c727e7a5b84443e29d103e9cc17bf6691e078f306323fde991d69b11b5895896ebb97e97295d07f8d0a979b01c4d8a323887dd78766713779b","ssdeep":"384:snusEe3aRKXiSkrmLKFL/Rvqt7svi41wlQ8p1gwXt8jkZggCxrHl2Orv5ZKibTec:sute3JXiFrmz7sEp1RaKyHlNA9Z4F","tlshash":"5653e89b7aa0130afed3cb19eb926de87124c81fbc335deef1424678868d3e18d55509","first_seen":"2024-10-22T07:24:08.375723Z","last_seen":"2026-04-02T21:53:31.191848Z","times_seen":455,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bat.bing.com/bat.js","fqdn":"bat.bing.com","domain":"bing.com","tld":"com"},"ip":{"addr":"150.171.27.10","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bing.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 04","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 09 Sep 2025 10:31:56 GMT","end":"Sun, 08 Mar 2026 10:31:56 GMT"},"fingerprint":{"sha1":"50:8E:E5:0E:CF:A8:D3:35:02:44:1B:62:B8:0C:E5:6C:F2:92:A0:4A","sha256":"AE:24:3D:66:8E:C9:C7:F7:4A:0D:CD:1A:D2:1C:66:76:B4:EF:E3:0C:39:72:89:34:B3:62:09:3A:F8:86:BF:77"}}},"request":{"raw":"GET /bat.js HTTP/1.1\r\nHost: bat.bing.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: private,max-age=1800\r\ncontent-length: 15076\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 10 Nov 2025 06:22:15 GMT\r\naccept-ranges: bytes\r\netag: \"8045595ba52dc1:0\"\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-cache: CONFIG_NOCACHE\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nx-msedge-ref: Ref A: 188438E9B2C24E9081BFB55672B6E505 Ref B: OSL231050213034 Ref C: 2025-11-16T05:32:21Z\r\ndate: Sun, 16 Nov 2025 05:32:20 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53955,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (53952), with CRLF line terminators","md5":"859fe5e4db9e938c0a967b43c678b80d","sha1":"d22c30b0c9a1dcabfed056470e309baad68804e7","sha256":"59d26c74a8a4d20005cb0a2ea23f9db944af214390b409e69734ada61cfbef79","sha512":"035dc73f195d7750556c1448e726d2f2f880ee97142c8869f825423b589b3a59ec9f4f051ddc4e8d617553be131bf82d8a41fe46bd78571714b99ce834cb5468","ssdeep":"768:YcMOThic7/DNIh+Qm3mT1OoLQBDjf6yPGV/Oj7hu23:TMOTkc7h/3ULMjf6yPGhur","tlshash":"b3330a4333509a7645f9419c786a2903a336570e30be70ac7a8cf8e6945de4b7237b7a","first_seen":"2025-11-10T21:29:14.74734Z","last_seen":"2026-03-29T03:29:44.520952Z","times_seen":13625,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":24,"dns":3,"connect":7,"send":0,"wait":30,"receive":1,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/bootstrap/css/bootstrap.min.css","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/bootstrap/css/bootstrap.min.css HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 13 Feb 2017 20:35:18 GMT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nQGuUHKqhmvxn3zhl7zfMfKKkNHXrvWwDTUPfGtkhWJQZvfOqcsPgcleau7hcI2KmlhG6rOHmmb35jUwPv0Nfve2NQSE147feAY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"58a21886-1ca3d\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1969\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3be8c256c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117309,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65367), with CRLF line terminators","md5":"bb884d3b6b6b09481c5dc25fb4fac7e5","sha1":"12028adaae10f0c43445362df5481aeec8bb1153","sha256":"e7a19173e444dc0f49ae56520f7bf6ae876e5dc3bb1230022e00dd184697c9d6","sha512":"5116c04887ad075eced73b5679b81137cc494de1c93fbafcf31396369b8eaa42df70183d75d60d5527d20461ad5042413c3c82e491c7af1d57e4433fd8dc6cb7","ssdeep":"768:fyzGxw/jyBQWlJxtQDINHHlgmqITm8qAdwFKbv2ctBDI35UPyu8psYvS1Ft:Lw/GLiINHHlgmC8p5b5ZPUpE","tlshash":"a2b3d8a0f11031ea7333c55a72d0ed872219a153e66b4eb7f22f25d84f856ca1673f1a","first_seen":"2023-04-12T02:22:14Z","last_seen":"2026-04-04T04:02:16.237261Z","times_seen":484,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/49.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/49.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 02 Sep 2022 22:31:37 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yGvT2o2N82smqh0TtlSmp1q%2BJe%2F1mrho%2FkTtCaXJEN3HplqJTKcWU7Yie1QMIvMM%2FPYMcOvR5ZIR4EcTYUNxCW%2F1kzDnd21whWc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"63128449-1a982\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3c18db56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":108930,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 771 x 229, 8-bit/color RGBA, non-interlaced","md5":"64bbd556041dec0895772158f1976cac","sha1":"fcd3254807b33494fd1b60643d6ee5e862f59c74","sha256":"61d2cceb79d16fd7e2be1520665e45b1dafe023c3bb88f211420941a9e9fa49a","sha512":"08f5ed5122a6da3feba454b8e00dc398227dd5ba08951b486bbd878a708f994ffa04eff2ba49e5070cff101141b547157bc01465693c30c98d9a862ac908dfe7","ssdeep":"3072:7cX2ZF/u/SYLDJ657iDVYwdkTIRSlMjH0zui15YMl0ucQ2V:Nm/SYLswhh0lMDgYC0ucQ2V","tlshash":"02b312c31770cec0674c45ed22a13337b8e02fd026f55945766ee468aeb49dc29ec27a","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-02-08T14:16:08.311011Z","times_seen":27,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/video_8.16.1.min.js","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/video_8.16.1.min.js HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 24 Jul 2025 09:53:35 GMT\r\nContent-Encoding: gzip\r\nEtag: \"5ab3865a9cf8ba31d05bcaa59edb57d6\"\r\nContent-Type: application/javascript\r\nDate: Thu, 24 Jul 2025 09:57:47 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 13808262753611890552\r\nx-cos-request-id: Njg4MjAzOWJfODg3NWI3MDlfNzgxYV9lYWY3NzBk\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 193768\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1056458631911371640\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":668416,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65149)","md5":"5ab3865a9cf8ba31d05bcaa59edb57d6","sha1":"65d1dab234a6cb5614f3f86791bcb7edb839b8c5","sha256":"93f04f9cb3bce9d8642650551e819fd7c35914f708e3a97ffcd99c8d6a8e705f","sha512":"1c851a08a3dadde34b4a85a3516417b92a1a3862628f7c811142183b767c1e9dec82fcc51d0695b8d26f8bc0ec0895efaf053569ae2ef12389669fb88cf273e4","ssdeep":"6144:c4uP6/mKDzyiejU4NNHSlcc4kKMZQOYGamboZkdBkGVe+vYgYkpoM1IYOaP3pM6V:c4uP8mOqU46cEdq+vYgYkRrOw43cH","tlshash":"ece47cd43294613702da9097946f030273399dad6808c06df92dfeda2eece45b17bbb5","first_seen":"2024-12-27T16:14:47.763982Z","last_seen":"2025-11-18T23:33:55.829914Z","times_seen":52,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":70,"dns":2,"connect":27,"send":0,"wait":23,"receive":50,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/logos/static/powered_by_logo.svg","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:43:25 GMT","end":"Wed, 11 Feb 2026 02:43:23 GMT"},"fingerprint":{"sha1":"EB:6B:52:98:E5:B0:CA:A9:F4:63:C7:8E:59:8E:6D:FC:AA:B9:90:B7","sha256":"05:40:C5:36:2E:62:5C:4A:3F:E1:1A:F7:DA:C5:5B:0F:02:8B:BE:79:C2:92:21:8C:52:78:FB:BE:03:EA:D1:AD"}}},"request":{"raw":"GET /logos/static/powered_by_logo.svg HTTP/1.1\r\nHost: cdn-apac.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\ncontent-type: image/svg+xml\r\ncontent-encoding: gzip\r\ncontent-md5: Y+c301RBZNK39PvKQWrIBw==\r\nlast-modified: Wed, 12 Nov 2025 08:04:59 GMT\r\nx-ms-request-id: 63360de2-c01e-0059-331e-541e89000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nage: 84448\r\nexpires: Mon, 17 Nov 2025 05:32:19 GMT\r\ncache-control: public, max-age=86400\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncf-ray: 99f49b6bed6135a6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5194,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"63e737d3544164d2b7f4fbca416ac807","sha1":"030370aa38715e4c41589633f69d0bfe8255d46c","sha256":"5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d","sha512":"31ee1bb536c0e50f5568a415ea3308367bfcfd11d2a6f7dff1c8e3a982f7be790c240a603cd4c6e187672824b8e5d07646049a28c6a88a7b001eb9a0142f312b","ssdeep":"96:mD6VAMcWnVRSNUrN3Sky4gNeLSYiJ7iFsAkl2+heNm7iprXbep5DkoG23b+WYYY:p9bSNURZyNNnRJqsAehheImprmDkozYV","tlshash":"93b1a9f5aa45d29c391e8984ce37a964551fb4eb7bfe83d06192d332e40ede0f900c18","first_seen":"2023-05-04T19:47:29Z","last_seen":"2026-04-04T06:23:56.838526Z","times_seen":116944,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.redditstatic.com/ads/pixel.js","fqdn":"www.redditstatic.com","domain":"redditstatic.com","tld":"com"},"ip":{"addr":"151.101.65.140","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.redditstatic.com","organization":"REDDIT, INC."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 09 Jul 2025 00:00:00 GMT","end":"Sun, 04 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3B:D8:24:7F:57:02:C9:7F:8E:87:E4:D0:11:D8:3A:A1:6C:0D:6A:E6","sha256":"51:24:10:B4:78:D3:03:5C:85:CA:5D:3F:BC:D8:8B:D0:F1:A3:9E:EF:B8:BC:B2:0D:88:CC:81:16:26:13:BC:63"}}},"request":{"raw":"GET /ads/pixel.js HTTP/1.1\r\nHost: www.redditstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 14 Nov 2025 16:33:12 GMT\r\netag: \"a5df9b0a6b9a5bc6f960254ec64fe62c\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=60\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\nvary: Accept-Encoding,Origin\r\nserver: snooserv\r\nreport-to: {\"group\": \"w3-reporting-nel\", \"max_age\": 14400, \"include_subdomains\": true,  \"endpoints\": [{ \"url\": \"https://w3-reporting-nel.reddit.com/reports\" }]}, {\"group\": \"w3-reporting\", \"max_age\": 14400, \"include_subdomains\": true, \"endpoints\": [{ \"url\": \"https://w3-reporting.reddit.com/reports\" }]}, {\"group\": \"w3-reporting-csp\", \"max_age\": 14400, \"include_subdomains\": true, \"endpoints\": [{ \"url\": \"https://w3-reporting-csp.reddit.com/reports\" }]}\r\nnel: {\"report_to\": \"w3-reporting-nel\", \"max_age\": 14400, \"include_subdomains\": false, \"success_fraction\": 0.02, \"failure_fraction\": 0.02}\r\nalt-svc: h3=\":443\";ma=2592000;persist=1,h3-29=\":443\";ma=2592000;persist=1,h3-27=\":443\";ma=2592000;persist=1\r\ncontent-length: 19902\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":79251,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"13be839c716096cc9b551f3c8a185fac","sha1":"11ae748b51a8373da868019479d148e6b6f7fe3f","sha256":"94c22d711829463bbbff809b4b9499000084e5832dab4f5157063b45fb241d6c","sha512":"9209ae2c0e3d394037f0503942cbbb055ca177bd8a7016ef835a963547f507f1fcf9eb80c65d8d5e6e799ed9dc91ebced94c2f47fa7a9499b9f350ff72484a95","ssdeep":"1536:Pxy04nSyc6B/Ey+1W7nhy3Y5Ehx523D03DG3lxi:JkZX7n6Y5EuO8Di","tlshash":"6373d5c972c2f066839771b1902f110bf23e6e56a8dc9150e219f4f5bcb494e9277fa8","first_seen":"2025-11-14T16:37:41.644702Z","last_seen":"2026-03-28T01:15:14.261305Z","times_seen":18840,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":66,"dns":26,"connect":13,"send":0,"wait":14,"receive":3,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/assets/intlAreaCode.029a0b98.js","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/assets/intlAreaCode.029a0b98.js HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/act/wand/pc-download/assets/index.d154e7f6.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 09 May 2025 03:33:26 GMT\r\nContent-Encoding: gzip\r\nEtag: \"b61fa11f06efc436b6b273aed2200fbc\"\r\nContent-Type: application/javascript\r\nDate: Sun, 18 May 2025 00:29:36 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 9658141088896093867\r\nx-cos-meta-md5: b61fa11f06efc436b6b273aed2200fbc\r\nx-cos-request-id: NjgyOTI5ZjBfZmRlZjc4MGJfMmU2MTVfNTMwNjY5Yw==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 2349\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17860774896740009892\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4532,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (4531)","md5":"b61fa11f06efc436b6b273aed2200fbc","sha1":"6ac00ec31904dc2bf098e27a18b2c20bac64781e","sha256":"39686d9193ea74207cb4208788fd9e1bc0d1efd5f3a81280d44f9ad558eeeb62","sha512":"a2451184e82f54dacdbe8c1ca40784b745ef30b5d513a8267fadd0cbee8fbdff7a39cbe7d04427cff2ba54ef4d506acc75f71d58cd13ab07246bcc95bc7bdecb","ssdeep":"96:hCxtMsEvjBLuUWa2WQ/YTLovzHXZ1PL+6VC0KUv:IxtM9vjBLDWa2Wubjfz++8Uv","tlshash":"4691740ddf3d20bb5d76daf9bcc69ef4b425400865696c5388de82bd0b20a7e6131a3d","first_seen":"2024-05-01T09:38:52Z","last_seen":"2026-03-05T07:34:47.200289Z","times_seen":51,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/assets/index.14836b81.js","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/assets/index.14836b81.js HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/act/wand/pc-download/assets/index.d154e7f6.js\r\nCookie: dv0qai26lg6v2y6kl7yyc36brextd7fh7oqka1bs=pjqjfznqkhh; dv0qai26lg6v2y6kl7yyc36brextdwnac34rge5n=vp9qox301xg; dv0qai26lg6v2y6kl7yyc36brextdzxres5brlto=uoq8vm6ryrb; dv0qai26lg6v2y6kl7yyc36brextd4knc9bn9qzp=6yemacqwvsw; dv0qai26lg6v2y6kl7yyc36brextdzwbdd07dgme=i9fpn5b0i18; dv0qai26lg6v2y6kl7yyc36brextdq4v4mq8bh2i=fza95rh2pkr; dv0qai26lg6v2y6kl7yyc36brextd1g0m9ov5ws4=cmx1qbmdd6a; _mg_ckp=eyJja1RrZERGIjoiIn0=; dv0qai26lg6v2y6kl7yyc36brextdp88m8vgsd2a=nqtsmbvpya; dv0qai26lg6v2y6kl7yyc36brextdq3raj5vuunp=jvqymuu1p7; dv0qai26lg6v2y6kl7yyc36brextd51w0i1h33tk=llhg26u9s89; dv0qai26lg6v2y6kl7yyc36brextdbbotnzlo1qg=dzlpcebqbo\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 31 Oct 2025 11:19:03 GMT\r\nContent-Encoding: gzip\r\nEtag: \"85a1b41f071122e522c77e3bc61cdf1d\"\r\nContent-Type: application/javascript\r\nDate: Fri, 31 Oct 2025 11:22:40 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 18071213927793360565\r\nx-cos-request-id: NjkwNDljMDBfOGMxNTc5MWVfMzRjYjNfMWQ2ZWRiMDI=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4MzZkMTZiZDQxYTg4MzRiMzIwYzRkYTRjMWFkNDM3YjQ=\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 274298\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17916478567643280378\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":494514,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"85a1b41f071122e522c77e3bc61cdf1d","sha1":"f71bd9c3cfe35ad899ea567b3958988999dde0fd","sha256":"7e638fa5b2e258250008388c25a21b3c9c2c8f2967164cd300e668c6d32a2bce","sha512":"9df77f95b3ef76ed7a9d5137440eb830288c4440e5529dc24b7d5104ae28a12b04535fbc438831207805c0f3c3385b81a179d369aea2d3fa3c0a7edd1678beeb","ssdeep":"12288:GsYk+vuR85ueVMmBd9Sx5y9CVX2jII9RiQZivyeuzTX8oX7MbnmyFW84e4rP+66J:GsYk+vu+Xpk5yMVX2jII9RhZm67HX7Mh","tlshash":"a2b48df73500f75a42ca7001403e391549e8dd6fb37a18eaa6e649965ff8ad38f2b701","first_seen":"2025-11-06T11:00:44.099193Z","last_seen":"2025-11-18T23:33:55.783713Z","times_seen":33,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"boopoaglauph.net/500/9283842?excludes=\u0026oaid=08028361f72b4f92ec2c9a7e627fbf14\u0026tgp=\u0026of=true\u0026sw_version=v1.758.0-s\u0026dmn=gizokraijaw.net\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=271\u0026wiw=271\u0026wih=500\u0026wfc=3\u0026pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1102251136%2Fid.html\u0026drf=https%3A%2F%2Fm.crichd.vip%2F\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=1\u0026nw=1\u0026tb=false\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1","fqdn":"boopoaglauph.net","domain":"boopoaglauph.net","tld":"net"},"ip":{"addr":"139.45.197.245","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:16.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"boopoaglauph.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 05:15:43 GMT","end":"Tue, 06 Jan 2026 05:15:42 GMT"},"fingerprint":{"sha1":"24:89:62:DF:C4:F0:79:46:2C:3A:8F:46:18:AB:42:BA:0F:D1:CE:EF","sha256":"63:66:51:4C:3B:6E:AF:90:62:78:E9:83:18:5A:5B:7D:F8:DB:EA:64:A3:DA:8E:0D:D2:46:89:27:83:4A:0A:3F"}}},"request":{"raw":"OPTIONS /500/9283842?excludes=\u0026oaid=08028361f72b4f92ec2c9a7e627fbf14\u0026tgp=\u0026of=true\u0026sw_version=v1.758.0-s\u0026dmn=gizokraijaw.net\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=271\u0026wiw=271\u0026wih=500\u0026wfc=3\u0026pl=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1102251136%2Fid.html\u0026drf=https%3A%2F%2Fm.crichd.vip%2F\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=1\u0026nw=1\u0026tb=false\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1 HTTP/1.1\r\nHost: boopoaglauph.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://st.chatango.com/\r\nOrigin: https://st.chatango.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 16 Nov 2025 05:32:16 GMT\r\ncontent-length: 0\r\nallow: GET, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://st.chatango.com\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 600\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":86,"dns":0,"connect":26,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"boopoaglauph.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/logos/static/ot_close.svg","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:43:25 GMT","end":"Wed, 11 Feb 2026 02:43:23 GMT"},"fingerprint":{"sha1":"EB:6B:52:98:E5:B0:CA:A9:F4:63:C7:8E:59:8E:6D:FC:AA:B9:90:B7","sha256":"05:40:C5:36:2E:62:5C:4A:3F:E1:1A:F7:DA:C5:5B:0F:02:8B:BE:79:C2:92:21:8C:52:78:FB:BE:03:EA:D1:AD"}}},"request":{"raw":"GET /logos/static/ot_close.svg HTTP/1.1\r\nHost: cdn-apac.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\ncontent-type: image/svg+xml\r\ncontent-encoding: gzip\r\ncontent-md5: pcXWFGpuVeSg/jVnYCseRg==\r\nlast-modified: Wed, 12 Nov 2025 08:04:57 GMT\r\nx-ms-request-id: f803fac0-801e-0005-4c17-544bd1000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nage: 30385\r\nexpires: Mon, 17 Nov 2025 05:32:19 GMT\r\ncache-control: public, max-age=86400\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncf-ray: 99f49b6b9d0d35a6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":651,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a5c5d6146a6e55e4a0fe3567602b1e46","sha1":"c75ff1b713378aec779fb248e22daa513aca725b","sha256":"901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc","sha512":"d21d979974542243a4d70036f87bfc0549b6793b809ed09044946be2a25c47811a99e20fdb1f3044082a5509664101d4bca241a1ca7b09fe80084ceafa092368","ssdeep":"","tlshash":"a3f0f9ea9b7464f56a6987f8f7250d823477886868198764c83d171eb4c384c6d1ce06","first_seen":"2023-05-04T08:49:37Z","last_seen":"2026-04-04T06:11:13.876867Z","times_seen":30697,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sg-nikke.playerinfinite.com/act/wand/9e023b4f-34d5-49a0-8a30-29f2e050dd8c.webp","fqdn":"sg-nikke.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:23.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"GET /act/wand/9e023b4f-34d5-49a0-8a30-29f2e050dd8c.webp HTTP/1.1\r\nHost: sg-nikke.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Thu, 30 Oct 2025 10:22:35 GMT\r\nEtag: \"7c3142ca193bca8c57e6230df643647d\"\r\nContent-Type: image/webp\r\nContent-Length: 351238\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 12820849795116881543\r\nConnection: keep-alive\r\nServer: lego_ovs_video\r\nDate: Sun, 16 Nov 2025 05:32:23 GMT\r\nX-Cache-Lookup: Cache Hit\r\nCache-Control: max-age=604800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":351238,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7c3142ca193bca8c57e6230df643647d","sha1":"64df65bf2f848e1228668390e97ff6418db8a9bb","sha256":"b87c49ea91cf20d3874b6d7fe636d03e28d454b4b6cfc5407c765e8de731949f","sha512":"9ebcd6a61e933104fd9dca1c0480d6e99f65c9af630ea77693fad3fd5d755e1e4925f28cc123623ff9e68936cfd6b64223959b2c9533b586e4df9b77e6170850","ssdeep":"6144:q/WkWKOgc763uObPdMfh451rXrUWXlOmow8yUBYX6u0OATUgUgTvXhypmtXW4V5m:q+JX763uAFiePrX7QmogySrgUgTvRyII","tlshash":"2f7423fba14d26b1968e40a175257feccd0373ae230d85156783dbd2d03aa09ef4b897","first_seen":"2025-11-06T11:00:44.089424Z","last_seen":"2026-03-05T07:34:47.203977Z","times_seen":19,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/categories/17.webp","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/categories/17.webp HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/webp\r\npriority: u=4,i=?0\r\nlast-modified: Fri, 30 Aug 2024 13:18:46 GMT\r\ncontent-length: 15784\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"66d1c6b6-3da8\"\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nage: 1969\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7PeaZ0NilbmmQHiPwmsb0DpuejSnVDsWlvq9ispwOk5juMg5%2FOXu8HDYSmJP5Y2WtyKLgHLdOYpK%2BoZRZkAwvMUJ3lxmIWLV9qw%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 99f49b3bf8cc56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15784,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x675, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ec11cd383d99e97afbdca804be2f77b3","sha1":"c23014b8566317b41391da1f6cb2fe9b296b378d","sha256":"8edad8cdd0341b57833a2c3608c102550047c9f3095718504cbf7e4440e2b9a8","sha512":"d1a5f3743de3907c05aff8057b51a95ae12a4a10348a968e4008456ef010ad060a64b0ce4d07e746d9fc0afd7b24dce9950cd0fe76bb3f2d08996caf1f687c11","ssdeep":"384:LBfeD3VUZe81zPPXFIfkN8SRBqCVPjgfqFK7c6JcKm:LID3qIcqSRcCPsSgf65","tlshash":"a362cf05e3434762cabb16633a631bc36d474a68b07ce43f09275f6a4f8617e9d9287c","first_seen":"2025-07-17T18:00:00.063577Z","last_seen":"2026-02-08T14:16:08.328859Z","times_seen":8,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/55.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/55.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 02 Sep 2021 09:45:39 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=75tG5DtwZLnHknBPnDmqBj2cYc2AA5lUgdW9DxW%2FvvoAlqp4cBuuR4Iy5kawrSLVO%2B6zCu7mwgc7IH8hEgO%2FUugxc49UH6tR8Bs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"61309d43-107b3\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3c08d656c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67507,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 815 x 100, 8-bit/color RGBA, non-interlaced","md5":"69e258fc9d87ad5d9237599041025935","sha1":"6118fc8ddcca28ad452827c9a48592cc15590529","sha256":"7e4a8721c2ac7b75a9780ae23d3f4c118036d5ab2d2d0454e99fa813c5c4520b","sha512":"70488733cf3acad69b57392c1734abd05979c3ef1465e507cb3d220af55d96a4a402d9422b0f88b3fecdc6ff6e05b64704434ba07248b32baa992e91d84ed309","ssdeep":"1536:w4fV6YpfMQl3mMg716eWOK/o5kH3MeTswTp:bfZdsZew5kH8PwV","tlshash":"3363021914f543d59b04fb6eec37d8a1b94c2a071dcff20811af08dd9634beb5ab509a","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-02-08T14:16:08.29008Z","times_seen":31,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/logos/static/ot_guard_logo.svg","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:43:25 GMT","end":"Wed, 11 Feb 2026 02:43:23 GMT"},"fingerprint":{"sha1":"EB:6B:52:98:E5:B0:CA:A9:F4:63:C7:8E:59:8E:6D:FC:AA:B9:90:B7","sha256":"05:40:C5:36:2E:62:5C:4A:3F:E1:1A:F7:DA:C5:5B:0F:02:8B:BE:79:C2:92:21:8C:52:78:FB:BE:03:EA:D1:AD"}}},"request":{"raw":"GET /logos/static/ot_guard_logo.svg HTTP/1.1\r\nHost: cdn-apac.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.nikke-eu.com/\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\ncontent-type: image/svg+xml\r\ncontent-encoding: gzip\r\ncontent-md5: tXyZydHjxQshFMbbBT1/8A==\r\nlast-modified: Wed, 12 Nov 2025 08:04:54 GMT\r\nx-ms-request-id: 6757e326-101e-0081-7ed2-5339d0000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\ncf-cache-status: HIT\r\nage: 37578\r\nexpires: Mon, 17 Nov 2025 05:32:19 GMT\r\ncache-control: public, max-age=86400\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncf-ray: 99f49b6bed6335a6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":497,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b57c99c9d1e3c50b2114c6db053d7ff0","sha1":"ada8abfed92ba8a545bbd9d299d74d5972cc4ae8","sha256":"691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19","sha512":"0dab6d06f386d922fb28f70f2590d4f9c361e7f4e5d5e581b98e59aac12b266cba596ffccd87203b4330673ee4ec1d459a1abdfc4b066d243a43b2bf7909f0ee","ssdeep":"","tlshash":"2ef0d4d91906a6adb6822e7cdd3c56e04c2c7ce274dc22c894cce094d4489bc9705855","first_seen":"2023-05-07T20:46:54Z","last_seen":"2026-04-04T06:23:56.748046Z","times_seen":115778,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sg-act.playerinfinite.com/api/proxy_direct/account/Account/GetUserCountryCodeWithIP","fqdn":"sg-act.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"43.134.152.232","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"POST /api/proxy_direct/account/Account/GetUserCountryCodeWithIP HTTP/1.1\r\nHost: sg-act.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 102\r\nstrict-transport-security: max-age=15724800; includeSubDomains\r\naccess-control-allow-origin: https://www.nikke-eu.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: PUT, GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie,X-Gameid,X-Language,X-Source,X-Ticket,X-Uid,X-Areaid\r\naccess-control-max-age: 1728000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"485cb36daddd442a7d7b28a42c8e18a5","sha1":"781bd40bb7172c267e5702da73fd3bb707439929","sha256":"e16ce6b62bc8e1f35f4b0abef75c8a53d557fee9d35bc4a4cb05890396196670","sha512":"0b71387eb0af69edc472e2751a4a2a2c78e49b15ef7e0431648bf55e9ff9246b59ad3f4de484edfd493761cc190fdfa21236697cec3cbe1f739b4b57d8d10cbd","ssdeep":"","tlshash":"22b01222142c24174ad2124c202d0759816cc541ad310508deec1e30430e3992914c3c","first_seen":"2025-11-16T05:32:51.445339Z","last_seen":"2025-11-16T05:32:51.445339Z","times_seen":1,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jupiterlauncher.com/api/v1/fleet.platform.game.TinyLinkProxy/Long2Short?channel_id=3\u0026game_id=29080\u0026sdk_version=2.0\u0026seq=\u0026source=1\u0026ts=1763271141","fqdn":"www.jupiterlauncher.com","domain":"jupiterlauncher.com","tld":"com"},"ip":{"addr":"54.176.249.241","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.jupiterlauncher.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 27 Mar 2025 00:00:00 GMT","end":"Sun, 26 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:3E:C8:3F:AD:CE:4F:26:CD:49:D9:25:D3:64:2D:39:1A:D2:FF:6D","sha256":"53:36:8C:AA:0F:5C:C3:29:7E:35:90:ED:FC:AD:F1:22:AA:1E:5C:55:0E:85:39:E3:40:29:D1:86:A5:44:3E:8E"}}},"request":{"raw":"POST /api/v1/fleet.platform.game.TinyLinkProxy/Long2Short?channel_id=3\u0026game_id=29080\u0026sdk_version=2.0\u0026seq=\u0026source=1\u0026ts=1763271141 HTTP/1.1\r\nHost: www.jupiterlauncher.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.nikke-eu.com/\r\nContent-Type: application/json\r\nContent-Length: 162\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:21 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: openresty/1.19.9.1\r\nx-content-type-options: nosniff\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-headers: X-PINGOTHER, Content-Type, trpc-caller\r\naccess-control-allow-origin: https://www.nikke-eu.com\r\naccess-control-max-age: 1000\r\nx-trace-id: a3d1e7ff-64d7-4b15-ae5b-e5e596934a38\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"dde4075c80a7f684c445bfc0d63f6a44","sha1":"2caace33446a5931fbac69c5c40d3213989d1795","sha256":"eab8caa6ae599c409ff7a3e85ee0492c4cc9449789534c50220bd5b9a218530e","sha512":"8608c87cbd8251cc8daa4daf857d9a4fdc97af1aec0db1b7a2b606b00bdfc7c87af2f62eefa2465df70701facfa8222a447791503e72c2925072dc0534f64b54","ssdeep":"","tlshash":"31a002d628dd0e561747bd05750e354178ee50e8cff931819c2c526c879891cbf9932c","first_seen":"2025-11-06T11:00:44.039046Z","last_seen":"2025-11-18T23:33:55.749511Z","times_seen":16,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/font-awesome/css/font-awesome.min.css","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/font-awesome/css/font-awesome.min.css HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 31 Oct 2021 16:17:40 GMT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CUxwM6nqJkYbWfjvcOipVN8on1jGY0bdg30Mn3hgSQB6nmRzDrYuLoWKqff63AvZ%2B%2FCXq%2BobU6ctRlKywQ4Z14u%2F5NmB9q131qY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"617ec1a4-7187\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1969\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3be8c356c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29063,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (28900)","md5":"4083f5d376eb849a458cc790b53ba080","sha1":"fb5b49426dee7f1508500e698d1b3c6b04c8fcce","sha256":"008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420","sha512":"e2e1991e96c3962371880bff43364da3fc9bd85b405feaa20dbef2a415a211d2505fc3ee829f0cea297949190df2342b0cb5ac877aeb3c349745fdc3c0560cea","ssdeep":"384:Uu5yWeTUKW+KlkJ5de2UYDyVfwYUas8l8yQ/8dwwdG:flr+Klk3Yi+fwYUf8l8yQ/eC","tlshash":"a4d250e8e54c01d66731c48bff81b36862b6f73dd5844d99f01f690c29d22a522c5fba","first_seen":"2023-04-05T09:56:39Z","last_seen":"2026-04-04T06:17:28.498651Z","times_seen":15971,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/cfg/nc/r.json?3724580020000387561883703","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.18","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:12.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /cfg/nc/r.json?3724580020000387561883703 HTTP/1.1\r\nHost: st.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://m.crichd.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 16 Nov 2025 05:32:13 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 20\r\nLast-Modified: Sun, 02 Nov 2025 19:40:21 GMT\r\nConnection: keep-alive\r\nETag: \"6907b3a5-14\"\r\nCache-Control: max-age=0, no-cache, no-store, must-revalidate\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JSON text data","md5":"1414baeaa25ef2dd6c0d8f8b7e9b6d3a","sha1":"63771f513adef8febb6fe44441d8d82d91a1af80","sha256":"33f7bf2a87c0f5aac17828a784a9632795366e6b52438da460703b18c4025e45","sha512":"b1dccf384751995b77ca811983b60a220a239f91924c88fcbb37f76489a8bbfd07e44f834af05ec8c9d8b66a36be83d296b74ae72083531872e5e8c5bdd85673","ssdeep":"","tlshash":"f17000a08a0828020a000080020220022000a20802a00c080000a800a8c03002a0f802","first_seen":"2025-11-03T23:42:14.828299Z","last_seen":"2025-12-12T20:01:09.443854Z","times_seen":95,"resource_available":false,"data":null}},"time_used":1153,"timings":{"blocked":495,"dns":1,"connect":160,"send":0,"wait":163,"receive":0,"ssl":331},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/scripttemplates/202409.2.0/assets/otCommonStyles.css","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:43:25 GMT","end":"Wed, 11 Feb 2026 02:43:23 GMT"},"fingerprint":{"sha1":"EB:6B:52:98:E5:B0:CA:A9:F4:63:C7:8E:59:8E:6D:FC:AA:B9:90:B7","sha256":"05:40:C5:36:2E:62:5C:4A:3F:E1:1A:F7:DA:C5:5B:0F:02:8B:BE:79:C2:92:21:8C:52:78:FB:BE:03:EA:D1:AD"}}},"request":{"raw":"GET /scripttemplates/202409.2.0/assets/otCommonStyles.css HTTP/1.1\r\nHost: cdn-apac.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.nikke-eu.com/\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\ncontent-md5: A9jekd5UoO8SyzJ6LiStug==\r\nlast-modified: Thu, 28 Nov 2024 09:49:15 GMT\r\nx-ms-request-id: a18424dd-e01e-0013-0a94-49bd06000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nage: 37578\r\nexpires: Mon, 17 Nov 2025 05:32:19 GMT\r\ncache-control: public, max-age=86400\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncf-ray: 99f49b6b1c8f35a6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24745,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (24745), with no line terminators","md5":"03d8de91de54a0ef12cb327a2e24adba","sha1":"5d758dcc4afeaf7989e499e5842e2ba355c8c535","sha256":"e2afa04c9a3e080712c94d68b9c1d33587fddcbaeaba9dfcaf1d53d19f6a280a","sha512":"75aecaca92892f75129bc02d50293b1f144fa8a914305ddcc5f135c1ffcda0ec35c6ee6cce036081d91e865a49fedebd09ad8903bfd6bb4d8a741e5360c38f31","ssdeep":"384:WZ8ChhGoFpHDouLlCS7FGAVsq1nwGfg4xqsQMPNE:OlpuJ","tlshash":"f5b2459b38512b1ae7d7c719992139827d11aceffd739ceee005a3784adc3e24c1464a","first_seen":"2024-10-11T08:31:51.730256Z","last_seen":"2026-04-04T05:28:38.779663Z","times_seen":6379,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/51.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/51.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 28 Oct 2021 20:47:19 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sFrJMRNBpS%2Fbm2CbkpTxwgxrH78ZMNq%2Bsjd4wZisNU2aSVpD7Lv3d9hYzE%2BxyM6iTTNRrzpJ%2BVFS4jrp%2FA%2Fcv4lKQxq1dLQaoZM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"617b0c57-1aba3\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3bf8d056c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109475,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 633 x 243, 8-bit/color RGBA, non-interlaced","md5":"bd8c30860e92611eb33a6f35b14684ae","sha1":"994447ed24b1d2c33d59f90648cb8086157dc13d","sha256":"65e142c43c81edc83c30a065c92de5674f07be304c085db1a620b23e7febee31","sha512":"9c198c6a6c14b10b59014dd6c9c315e1e2082ec4cfb3f2786199724c038d1ad6478965526479218bd9b43e38673cd86f8fffb2149d77295d37c39d01ef2a56b3","ssdeep":"1536:Wqqy296k0LtbbTZUK6FV11B05gOsQVy0fC5mljOZ0EK54Ic02PRK/k6Ti+ujEsCK:W2wh+hbTaKoAdYajJS02PRK/3ISJDY","tlshash":"61b3123c279871ec1332c29bf55f253cce6e60fe1195c94ae26c5c4a06fda3231751a5","first_seen":"2024-08-19T20:24:35.690292Z","last_seen":"2026-02-08T14:16:08.286496Z","times_seen":9,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/images/custom-channels.png?123","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/images/custom-channels.png?123 HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 13 Feb 2017 20:33:38 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kuEq4BpyWUKlUsrR7tlNckT55O0P9aaIENETv%2FEM85oBYVJYgunnNGBz9Ppar2lA%2Fb0zm50x%2FGa8RAiYSgr27UrTd%2FmRX4%2BfYTg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"58a21822-15bf\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1968\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3c08d756c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 114 x 21, 8-bit/color RGBA, non-interlaced","md5":"b7e86d7f36b2f8c0a78099376a2381d3","sha1":"fbe4dd379abf9adc9ed7185c46d5bc2faa34ffda","sha256":"b47aa11227cba30f271eee4a41d33046b78243eb94da3d609594015bb839313f","sha512":"9f91e9c12f2eed438f16b511db5a9f9ab6360cebda1649d0a02e35c6165f054aea5cd357dccc458020d43953fc5d35139b573fd9b3503eea7566d425555612de","ssdeep":"96:nSDZ/I09Da01l+gmkyTt6Hk8nT5H20jWB2kcBE51M4yC:nSDS0tKg9E05T1A2kq+1dR","tlshash":"05b19eaf8ea4d8df5466b251096917e1772622bcce4b4b30704610ff4091d5b6b780e6","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-02-08T14:16:08.307256Z","times_seen":27,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/js/aclib.js","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /js/aclib.js HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 16 Nov 2025 05:00:01 GMT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r8MdJLHFaNz9v5r%2BIy%2F7ZgV11xO7jpqCipta566dZEaPDnew7fAevVaA%2FaMoTmw6NjQf9S6rlffgxDHCBN2%2F9kGCQbA%2FnOVJWdA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"69195a51-394c6\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1061\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3c18de56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":234694,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"92b840bef5ccce2b012b5d46b2d81aeb","sha1":"c01ff70ef1516143608cfdeb3ee0b28cdf3b4741","sha256":"3f55606686e62fc2837ca8d660031dfdca184162b530286391717a2f403c08e7","sha512":"b5047db8fab067f6d57a1e0450a9845826a0ef43f12237439a5f21d27afe3caabd3fdfd99726e1ff7dd91f9704dd0db9a34ad8888d52564159705868ef509d61","ssdeep":"6144:IO3Dj+1jn3BFVBC4jscT1bji/FUKOxsRUyhZnHVkj:IO3DjQj3BFVBC4dlji/FUKOSRhnmj","tlshash":"37345c153352773a7695809aac3a5330b335019a760ac02cb1ddcde372afdc97636bb8","first_seen":"2025-11-16T05:32:51.459991Z","last_seen":"2025-11-16T05:32:51.459991Z","times_seen":1,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/consent/018dd03c-1e82-70b0-a52c-1aa6ee0a1b53/018dd03c-1e82-70b0-a52c-1aa6ee0a1b53.json","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:43:25 GMT","end":"Wed, 11 Feb 2026 02:43:23 GMT"},"fingerprint":{"sha1":"EB:6B:52:98:E5:B0:CA:A9:F4:63:C7:8E:59:8E:6D:FC:AA:B9:90:B7","sha256":"05:40:C5:36:2E:62:5C:4A:3F:E1:1A:F7:DA:C5:5B:0F:02:8B:BE:79:C2:92:21:8C:52:78:FB:BE:03:EA:D1:AD"}}},"request":{"raw":"GET /consent/018dd03c-1e82-70b0-a52c-1aa6ee0a1b53/018dd03c-1e82-70b0-a52c-1aa6ee0a1b53.json HTTP/1.1\r\nHost: cdn-apac.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:18 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\ncf-ray: 99f49b67288b35a6-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 38550\r\ncache-control: public, max-age=86400\r\ncontent-encoding: gzip\r\netag: 0x8DD3B8C2B9568DD\r\nlast-modified: Thu, 23 Jan 2025 08:58:56 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding, X-OneTrust-IsBot\r\ncontent-md5: v6CR9+XoRkTy1/0D+kug6g==\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: e57a46fc-f01e-000f-73b1-f2ef66000000\r\nx-ms-version: 2009-09-19\r\nx-onetrust-isbot: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4149,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JSON text data","md5":"c033c368eade32dc4f478260f0e3e57c","sha1":"6ac0802aeeb355148c11ea61e42b177aed8b4dd1","sha256":"0c62cbb7af8e78a3c9a1eb54423491fa6919763eeeab9953379f466817b1797b","sha512":"1ba425756da9cdb5d7fa9ce61b23e8b7cf0e1ecbfb32c55c3050a4248d8823caa750d97940fa612ea42f56bf5f18382219ebaaa752f661715b6c70ea2291d76f","ssdeep":"96:npyIYY40wt+uhCdpUVKGa6Ayb1NjwGij+tujzjSZZ2aQ84:FaI+CdpZ6vpVwxZnKNB4","tlshash":"b381412a774c913dcb8a83c5d859fd0ccbee393616c57824c84f4c6806a7bb32896627","first_seen":"2025-11-05T17:06:59.793666Z","last_seen":"2025-11-18T23:33:55.768002Z","times_seen":37,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sg-act.playerinfinite.com/api/system/get_server_timestamp_and_update?t=1763271138435","fqdn":"sg-act.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"43.134.152.232","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"GET /api/system/get_server_timestamp_and_update?t=1763271138435 HTTP/1.1\r\nHost: sg-act.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 306\r\nstrict-transport-security: max-age=15724800; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":306,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"94b87eee76912be08f6ea8dc75db8263","sha1":"0a376dbc82a3b68b278faadc3f816e207de57984","sha256":"c3ad293e64d79a3a9b1852c2ba4d62c1120e14fde3633cdbd862f4cb27c64c67","sha512":"e2e06985bc8a14e7b4b5ef12c910bac4603ae87df745fbe8ccea62988342b9feffb8f4232d60a4fba2674868d3e4107f4132db85d0df8d32bccf1612c1635fd3","ssdeep":"","tlshash":"5ee0c2a0ba6a58f6ec3301784b2633020b05b3670ec3682042035ac37bc3c57ca3f5a8","first_seen":"2025-11-16T05:32:51.463438Z","last_seen":"2025-11-16T05:32:51.463438Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1662,"timings":{"blocked":741,"dns":39,"connect":176,"send":0,"wait":180,"receive":0,"ssl":522},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/scripttemplates/202409.2.0/otBannerSdk.js","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:43:25 GMT","end":"Wed, 11 Feb 2026 02:43:23 GMT"},"fingerprint":{"sha1":"EB:6B:52:98:E5:B0:CA:A9:F4:63:C7:8E:59:8E:6D:FC:AA:B9:90:B7","sha256":"05:40:C5:36:2E:62:5C:4A:3F:E1:1A:F7:DA:C5:5B:0F:02:8B:BE:79:C2:92:21:8C:52:78:FB:BE:03:EA:D1:AD"}}},"request":{"raw":"GET /scripttemplates/202409.2.0/otBannerSdk.js HTTP/1.1\r\nHost: cdn-apac.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:18 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 114325\r\ncf-ray: 99f49b6899b835a6-OSL\r\ncontent-encoding: gzip\r\ncontent-md5: EYTvawVeoF2EX9oFJA4mjQ==\r\nlast-modified: Thu, 28 Nov 2024 09:49:01 GMT\r\netag: 0x8DD0F91E3813D9A\r\nx-ms-request-id: 41e5f156-601e-006f-281c-f193f9000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\ncf-cache-status: HIT\r\nage: 42319\r\nexpires: Mon, 17 Nov 2025 05:32:18 GMT\r\ncache-control: public, max-age=86400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":472088,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"69bd14c7ec0bb23da2dfa38cc1a940aa","sha1":"ea33f2da4a5d389fd07b4162b21b867f6cd3000b","sha256":"d20357455b511ce933ce8d435007781a67ad2c01453af9b88f79e57e14476add","sha512":"d8d49b051ba4fdcca1cc0b72c67dc0e4e88b242024f60f0282e314516d99429121f36bace74594a852fe0e64e0903c7f4119b9f6ebdd5da8e4021f488bef1ae4","ssdeep":"6144:qIfzrfx/KzE7q/s0jvzW2AHCfdIiubTxfPvqAo96V/7jeF:qufx/KzE7q/orTx4961Y","tlshash":"dfa4088d75a0753547e752b8c02b114aba3574adac95806cb40cc5f90ff9f821aa3fbb","first_seen":"2024-11-28T10:15:36.955915Z","last_seen":"2026-04-04T01:01:39.178912Z","times_seen":1470,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rumt-sg.com/collect?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer=","fqdn":"rumt-sg.com","domain":"rumt-sg.com","tld":"com"},"ip":{"addr":"43.156.86.55","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rumt-sg.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 03 Jan 2025 00:00:00 GMT","end":"Tue, 03 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B3:A2:75:8F:A9:60:48:97:57:63:D7:37:E1:55:58:7E:91:C7:B2:AA","sha256":"99:16:99:A9:EF:66:CA:0E:C4:8A:94:C3:5B:1C:F4:58:C1:D9:54:FE:E8:60:E2:8A:C7:CD:9F:C9:0D:7E:98:23"}}},"request":{"raw":"POST /collect?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer= HTTP/1.1\r\nHost: rumt-sg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 5465\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 16 Nov 2025 05:32:20 GMT\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-16T05:32:10.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://m.crichd.vip/web007\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C%2B3f16rGXxZhVb6fTsINVsnow5ZfVDaZbdsBI%2B%2B4rTVkYowVGDFN%2BrvqgCWZVgP3xyK41UkuXYxg5Qi12Lb%2FFwK3M2wBQAORQg5EWw%3D%3D\"}]}\r\nx-powered-by: PHP/8.1.29\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 99f49b382bdd35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.1.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":23895,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":317,"timings":{"blocked":34,"dns":17,"connect":1,"send":0,"wait":249,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/css/event.css","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/css/event.css HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 11 Nov 2021 12:26:17 GMT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Eit2JkOr0qtGHdoL%2Fm1mguXTl5ITBdrOFvgU%2FHMblNG4CWmWoumFfpm%2BEcVcR7G0c6Gc389bOBzdrLfa1LYQrQPcrye6Fz%2BjPh4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"618d0be9-291\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1969\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3bf8c856c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":657,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with CRLF line terminators","md5":"99641bfb94d4b2031529cbb49d9e6cf0","sha1":"2944326ed372b0fa10c280aa72acd5f648adbb7c","sha256":"592bcb92c64f91c865b4ee56c600b564c064cf1331203bdd1e98b80b6143b793","sha512":"60664bb9d83453da7f63e7391cc388af3edbbee0010e2c37a34f122df90d7fe83c606fe22240eb4320756a977821d92a5eb52dbaf0855d39c6456e32c20cca86","ssdeep":"","tlshash":"a6019e6aedca318b6627e694f3306996df500026dd6f472d76d03534d2c44ac3631618","first_seen":"2024-08-20T04:07:07.202685Z","last_seen":"2026-02-08T14:16:08.283429Z","times_seen":12,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/js/clock.js","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/js/clock.js HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 13 Feb 2017 20:34:05 GMT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pgf%2BLCWkcYLCUCby8L8axTnyI9rQcW2ps3gtmuU41Y6C37X00uMRfUc9Bl1GonhSAWZYkhF3sWSZBi626Hl3V2OoTzSWAEASeGo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"58a2183d-1916\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1969\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3bf8c756c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6422,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (325)","md5":"a78bb2d6cd3f653180a52a62e086dcc6","sha1":"8d998956e9cd9168dae06299c3efbe15464f011a","sha256":"3bea064b69ae87a61aa864667e7f31c9076a94c266b187ad2cd6be54f8327d41","sha512":"47b200c557b2a45eefb58665f6914f893b390d7ab11ed1575e026a4318077056d4ae613538378d117378bec2fa35adf8e8b8ecefcd62f216248ba470a6320118","ssdeep":"192:kqrEwm2MsCynBDClJUh1cVCV6yCrJKfRZiPT8i2uQVnwz+ZZ/:l4KglJUh1czrEay","tlshash":"71d1012855f221285f773269af3e425c36b4ebb7295cd8143c4e9a906f0083256f7bf9","first_seen":"2023-03-10T13:57:31Z","last_seen":"2026-03-28T10:20:45.470192Z","times_seen":42,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f\u0026ruid=f9d6a553-2a79-4b39-8e07-c06f494f1822","fqdn":"fleraprt.com","domain":"fleraprt.com","tld":"com"},"ip":{"addr":"139.45.195.252","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:16.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fleraprt.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Dec 2024 00:00:00 GMT","end":"Sun, 11 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0","sha256":"9E:F7:13:45:55:C0:E9:09:A9:42:CC:D1:27:57:55:66:A1:63:5C:CB:EA:38:76:AA:6D:AB:5A:02:42:09:5D:46"}}},"request":{"raw":"POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f\u0026ruid=f9d6a553-2a79-4b39-8e07-c06f494f1822 HTTP/1.1\r\nHost: fleraprt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 451\r\nOrigin: https://st.chatango.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.5\r\nDate: Sun, 16 Nov 2025 05:32:16 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://st.chatango.com\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE\r\nAccess-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":77,"dns":1,"connect":26,"send":0,"wait":26,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.popin.cc/test/popin_send_cookie_set_fail.js?20201223","fqdn":"api.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"119.63.193.220","port":443,"asn":38627,"as":"Baidu, Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.popin.cc","organization":"popIn Inc."},"issuer":{"commonName":"DigiCert Secure Site Pro G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 25 Sep 2025 00:00:00 GMT","end":"Mon, 26 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5B:66:38:53:B4:EB:8A:03:D2:53:C1:B8:40:BD:83:76:E3:03:91:6E","sha256":"98:FB:02:24:15:CB:C2:2D:9F:D5:47:A7:0B:8D:E9:89:7C:FA:F3:93:C9:E6:03:F7:12:F1:A9:C3:A0:B0:48:66"}}},"request":{"raw":"GET /test/popin_send_cookie_set_fail.js?20201223 HTTP/1.1\r\nHost: api.popin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nCookie: __mguid_=118684527f16936d27twfn00mi1a40fk\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 16 Nov 2025 05:32:22 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Mon, 11 Oct 2021 03:29:29 GMT\r\nETag: W/\"27aab2e5fb58e044704790074416e410\"\r\nx-amz-version-id: NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK\r\nExpires: Sun, 16 Nov 2025 06:32:22 GMT\r\nCache-Control: max-age=3600\r\nCross-Origin-Resource-Policy: cross-origin\r\nTiming-Allow-Origin: *\r\nX-Cache-Status: HIT from 10.252.55.25\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14179,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1877)","md5":"27aab2e5fb58e044704790074416e410","sha1":"f0cc679ecda85a5ba90d7a55b77d63e3c87a4361","sha256":"5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7","sha512":"4b63cdf29b8f32926e0b5c227865ff49ef494a12f2fd7c276e698bbf62d1376b99d51aa32aa5c446de0abf3d3094fc276f5f7f67c1372bba4a4719680d2a7d22","ssdeep":"192:qN+5GUoxcdhKVdi4YvIxwjtZt2DedNAbfIMqddMs4Y3Up79+Yg5bSRCMyY01Ayi4:qN+5RoxcmVdi4YvIxwjtZkcSyB","tlshash":"a552535c38eb60a85957306a0bef521032215517694cee107e1ce3d07fa9e3e56fabf8","first_seen":"2023-03-07T23:33:47Z","last_seen":"2026-04-04T04:32:38.949724Z","times_seen":274,"resource_available":true,"data":null}},"time_used":1467,"timings":{"blocked":713,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":506},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sg-nikke.playerinfinite.com/act/wand/f8f4a023-7a05-4df3-9def-ae84e394eb67.webp","fqdn":"sg-nikke.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:23.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"GET /act/wand/f8f4a023-7a05-4df3-9def-ae84e394eb67.webp HTTP/1.1\r\nHost: sg-nikke.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 31 Oct 2025 01:45:31 GMT\r\nEtag: \"23f02b84a434370719920c98740fe4a1\"\r\nContent-Type: image/webp\r\nContent-Length: 138586\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4736953376040117673\r\nConnection: keep-alive\r\nServer: lego_ovs_video\r\nDate: Sun, 16 Nov 2025 05:32:23 GMT\r\nX-Cache-Lookup: Cache Hit\r\nCache-Control: max-age=604800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":138586,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"23f02b84a434370719920c98740fe4a1","sha1":"ce7dd8336653cdba0e5f2910dbd3ca24584e0a1a","sha256":"e8130f56c00d6edb957a4e8cf36f868d26d68a1085cc981bbaa78dcbad45ce95","sha512":"804e96de940c4e90407f92902b662691c6d4de813a6922b44bb8e6544d3cbed4489a5b941a7df518c956541c0144ae6ce22ddb773955d850e858942e8bebdf93","ssdeep":"3072:7x4QIlufNV8GZhZJz/m4luXR5/B1D9x7ENCKj3Ql/Q:71NVV8GHs11D9GN3j3QxQ","tlshash":"67d312b509ff0ad2c77a91fbcc982c65b968c3e1147e7a51871b4b850f82a6f50724b3","first_seen":"2025-11-06T11:00:44.104128Z","last_seen":"2026-03-05T07:34:47.211125Z","times_seen":19,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"104.21.5.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:14.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 20:07:09 GMT","end":"Thu, 05 Feb 2026 21:05:30 GMT"},"fingerprint":{"sha1":"D2:20:C9:EE:4B:2D:3A:82:43:E2:14:9E:C3:25:30:01:9F:8F:BB:C3","sha256":"D2:57:0B:6C:75:32:2D:6D:C0:F7:1B:32:FC:56:BA:06:7F:64:4B:FC:95:E2:29:A1:4F:59:5C:DD:D3:8D:37:7B"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: a30d8f2db3f6ceb06e9badeb7a10cff9\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1747\r\ncf-cache-status: HIT\r\nlast-modified: Sun, 16 Nov 2025 05:03:07 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B%2BO4MTbTYbSdUfGzFXpzLMxuDDlpdMUPkSWI6v754VmIZ0QLeB3ltvycZRYXwJUYQYnAKVreV6SUhhiDHpc1ijdT8CmK4Zk%3D\"}]}\r\ncf-ray: 99f49b51bab756bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":110117,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8d409bb8252946da915249ad352db9f6","sha1":"0c0f558a0a0cf38af00c0eaf7fe5bc3144d62df6","sha256":"ff07cde64d33de8f91499307fd7aabad820a752eadc98d60d07485d09d554ff1","sha512":"b762bd08a1392d17ad4b80388f8a66bb0fdfd05e14cffd85503022b42c846788f84dc0e695c2759e9f76805003623ca32a30b85c84e343f0c9f6362f717bd3d5","ssdeep":"3072:e2+gQaEJ1XvWwmUNYj0S0BE33B1HxB+E8v:3+DdXvWwmUiYS0C3x1HGZ","tlshash":"48b319da22666459126f402405abec0d75ae8c81048dcd78e0e5fc762d78f26e3f7be9","first_seen":"2025-11-14T11:39:37.377497Z","last_seen":"2025-11-17T08:56:43.657932Z","times_seen":63,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":6,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/data/merged/data_1761909514536_0.json","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/data/merged/data_1761909514536_0.json HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 31 Oct 2025 11:19:03 GMT\r\nContent-Encoding: gzip\r\nEtag: \"47c4e6b48720e87c8c9dd4f99b2d4bc5\"\r\nContent-Type: application/json\r\nDate: Fri, 31 Oct 2025 11:22:38 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 18143998328883630314\r\nx-cos-request-id: NjkwNDliZmVfZjE4YzdjMWVfMWE2YjdfMWQ5NTY4OTI=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 21812\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 13298771036842582301\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":123523,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0845d64d6088adc08f52c7313460e4f9","sha1":"aa543853446c52dfc800258e9c84f34867a84a38","sha256":"a9c70577c213a21350390510b98c7660e8c23b4ca8ac6d086a8baa6c4788020e","sha512":"ad3dbf857d5905426e89a56af1bef051854d9e40c5c1a1b3e1c07d9ae0fcd5d66b1be8c9c1b6fdc221a3da05638cbbeedef3e9bd2d1eb6eb90b2ae34bfd484a2","ssdeep":"3072:m9o6v7NQBjL/QvfY73FTitOYAcl7g1SJ9QdXlhgMBFH:e7NQBjSgFTFYp7W7d1hgMT","tlshash":"bbc3c717113ade3d92ce57cbd04f5e8738ee10a6f2cd2624ea1edf1861ca7ac2311695","first_seen":"2025-11-06T11:00:44.088306Z","last_seen":"2025-11-18T23:33:55.838081Z","times_seen":16,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trace.popin.cc/ju/cs/eplist?acid=\u0026gdpr_consent=\u0026gdpr=0\u0026dm=https%253A%252F%252Fwww.nikke-eu.com\u0026mcb=mmgg_1763271140752_915","fqdn":"trace.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"35.213.89.133","port":443,"asn":15169,"as":"GOOGLE","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trace.popin.cc","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 17:04:06 GMT","end":"Fri, 06 Feb 2026 17:59:01 GMT"},"fingerprint":{"sha1":"29:A2:44:E3:CA:AA:A0:77:AC:D3:9D:7A:6C:B4:F8:89:E9:9F:78:6E","sha256":"47:2F:04:5B:90:7C:9E:1D:ED:CD:76:6F:44:30:B4:7D:A1:8C:C6:FB:4F:F9:AA:96:50:7B:E6:9E:B1:68:5E:B2"}}},"request":{"raw":"GET /ju/cs/eplist?acid=\u0026gdpr_consent=\u0026gdpr=0\u0026dm=https%253A%252F%252Fwww.nikke-eu.com\u0026mcb=mmgg_1763271140752_915 HTTP/1.1\r\nHost: trace.popin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nCookie: dv0qai26lg6v2y6kl7yyc36brextdhvlkauebxm5=f8e6g75xr3i; dv0qai26lg6v2y6kl7yyc36brextdcrccz011kp7=ob8zdcm5a3f; dv0qai26lg6v2y6kl7yyc36brextd55y7alon8dt=zczz1i7bbk\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: https%3A%2F%2Fwww.nikke-eu.com\r\ncontent-length: 44\r\ncontent-type: application/javascript; charset=utf-8\r\nset-cookie: __mguid_=118684527f16936d27twfn00mi1a40fk; Path=/; Domain=popin.cc; Max-Age=31536000; Secure; SameSite=None\r\ndate: Sun, 16 Nov 2025 05:32:21 GMT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":44,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"d398483ad61dc7f0d9d3b6a8aac0797e","sha1":"2b875c3af4dbb5d96afb6646ff64afd009593548","sha256":"edb320a5dd4c7f0a623e9b0ec7b9e5d4d0efd92df7bb19203255a5cb8eee0404","sha512":"510d0f41190cc75f069aa288ea39e0e88cd6fe240b05f9822566291fba5dadadac42b439cec26a18a155308936ef65d85cf960e11648f4dda3f8ba27ce1cc8cb","ssdeep":"","tlshash":"21900220194995190485806b62111950bb15a0591315711500a8684581c412e1c18451","first_seen":"2025-11-16T05:32:51.473828Z","last_seen":"2025-11-16T05:32:51.473828Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1542,"timings":{"blocked":740,"dns":0,"connect":0,"send":0,"wait":306,"receive":1,"ssl":495},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.popin.cc/iframe/piuid.html?ac=piuid\u0026t=15009898","fqdn":"api.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"119.63.193.220","port":443,"asn":38627,"as":"Baidu, Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.popin.cc","organization":"popIn Inc."},"issuer":{"commonName":"DigiCert Secure Site Pro G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 25 Sep 2025 00:00:00 GMT","end":"Mon, 26 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5B:66:38:53:B4:EB:8A:03:D2:53:C1:B8:40:BD:83:76:E3:03:91:6E","sha256":"98:FB:02:24:15:CB:C2:2D:9F:D5:47:A7:0B:8D:E9:89:7C:FA:F3:93:C9:E6:03:F7:12:F1:A9:C3:A0:B0:48:66"}}},"request":{"raw":"GET /iframe/piuid.html?ac=piuid\u0026t=15009898 HTTP/1.1\r\nHost: api.popin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nCookie: __mguid_=118684526ee4717e2kxrj000mi1a40cm\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 16 Nov 2025 05:32:22 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Wed, 29 May 2024 06:54:13 GMT\r\nETag: W/\"c17f066359f593f794b149275f009550\"\r\nx-amz-server-side-encryption: AES256\r\nExpires: Sun, 16 Nov 2025 06:32:22 GMT\r\nCache-Control: max-age=3600\r\nCross-Origin-Resource-Policy: cross-origin\r\nTiming-Allow-Origin: *\r\nX-Cache-Status: HIT from 10.252.55.25\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6586,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (1601)","md5":"c17f066359f593f794b149275f009550","sha1":"27a13bed7886ef1b2b9466e25f5d5c189688a612","sha256":"08cf6f98acab1c3287d1e3934b505e1a8bad881d04ba85f74a29e85de9c419c8","sha512":"449fc769c18104cdd8cd9263ddacbe7501e8f301ec39310b9fd8333df37a9082f87674ab7ccce24b59a5c31eb1fb49258ed53ea0cacad146b3f409e88f55dc7a","ssdeep":"192:DO3772UeD/DOVxZUI34tE1uDHrAFxSoF/fe+:DOLilO714tEQwTSm","tlshash":"29d1115c39f7648a4497607847afe3126131c643478cc848fd5de3206f9c90a59ebfe6","first_seen":"2024-07-08T10:52:02Z","last_seen":"2026-03-29T15:21:16.400754Z","times_seen":81,"resource_available":false,"data":null}},"time_used":1948,"timings":{"blocked":860,"dns":1,"connect":272,"send":0,"wait":269,"receive":0,"ssl":543},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sg-nikke.playerinfinite.com/act/wand/10677524-4132-49b7-8aeb-e5d124eba8d6.webp","fqdn":"sg-nikke.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:23.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"GET /act/wand/10677524-4132-49b7-8aeb-e5d124eba8d6.webp HTTP/1.1\r\nHost: sg-nikke.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 31 Oct 2025 01:42:52 GMT\r\nEtag: \"4d71507c018b030c6b4f0fb02993c812\"\r\nContent-Type: image/webp\r\nContent-Length: 6458\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5971185619149202483\r\nConnection: keep-alive\r\nServer: lego_ovs_video\r\nDate: Sun, 16 Nov 2025 05:32:23 GMT\r\nX-Cache-Lookup: Cache Hit\r\nCache-Control: max-age=604800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6458,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4d71507c018b030c6b4f0fb02993c812","sha1":"9a7930d150aa14233eaaf15f7370e546a4004877","sha256":"4fa30c25c5b8cd8e8186dd058fefb6cb0f03510584a951cd37a80d35e9b89d9d","sha512":"d29eb22c76b891b096a4714e9d0dcd7473f333d56286b95f84f5580fea9ac2250ef8e06a6434a5508271bab13bca7a2323b224c3dd650a9c554600e9668e6a39","ssdeep":"96:udPVYudwhuxBL+ZfTfI3TulZTDqQ+7F3GcqQSib2DEZmlCCflRxS/Lwv97o:uX/w8TL+ZfTfOthcUyDoyCCfBhlo","tlshash":"dbd19e8769a6e288f72f8aa325207d09532f841c119e8989306fb953d71d3d05177b60","first_seen":"2025-11-06T11:00:44.100564Z","last_seen":"2026-03-05T07:34:47.162877Z","times_seen":19,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"naupsithizeekee.com/tag.min.js","fqdn":"naupsithizeekee.com","domain":"naupsithizeekee.com","tld":"com"},"ip":{"addr":"172.67.181.252","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"naupsithizeekee.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Tue, 23 Sep 2025 02:12:42 GMT","end":"Mon, 22 Dec 2025 02:00:03 GMT"},"fingerprint":{"sha1":"51:FF:94:A1:97:54:16:7A:C0:23:E4:97:B2:A4:C5:C1:F4:23:53:A8","sha256":"7E:27:7E:09:DB:B2:34:E2:82:46:6F:C6:B4:47:05:67:5A:F9:3C:E4:0C:91:C4:B3:4D:D3:4B:A8:88:C3:89:28"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: naupsithizeekee.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: be05ab317e52ced33cfc6a086788854b\r\ncache-control: public, max-age=14400, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nage: 1729\r\ncf-cache-status: HIT\r\nlast-modified: Sun, 16 Nov 2025 05:03:22 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hb91PN0fQEg3MkyFYdjJymGx8ra0d6Cz6Uy3xSrVnsskFw0iJKhOGYw4SG8k79d1%2BDmaubmYtIizSnOs1Ci3IUEjZfomCBoDmyHkW8%2FZvnErBsI%3D\"}]}\r\ncf-ray: 99f49b3e3a3fc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":110117,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8d409bb8252946da915249ad352db9f6","sha1":"0c0f558a0a0cf38af00c0eaf7fe5bc3144d62df6","sha256":"ff07cde64d33de8f91499307fd7aabad820a752eadc98d60d07485d09d554ff1","sha512":"b762bd08a1392d17ad4b80388f8a66bb0fdfd05e14cffd85503022b42c846788f84dc0e695c2759e9f76805003623ca32a30b85c84e343f0c9f6362f717bd3d5","ssdeep":"3072:e2+gQaEJ1XvWwmUNYj0S0BE33B1HxB+E8v:3+DdXvWwmUiYS0C3x1HGZ","tlshash":"48b319da22666459126f402405abec0d75ae8c81048dcd78e0e5fc762d78f26e3f7be9","first_seen":"2025-11-14T11:39:37.377497Z","last_seen":"2025-11-17T08:56:43.657932Z","times_seen":63,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":24,"dns":8,"connect":1,"send":0,"wait":8,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"naupsithizeekee.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/js/gz/r1102251136/RklModule.js","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.18","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:14.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /js/gz/r1102251136/RklModule.js HTTP/1.1\r\nHost: st.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/h5/gz/r1102251136/id.html\r\nCookie: session_id=5651987607810559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 16 Nov 2025 05:32:14 GMT\r\nContent-Type: application/x-javascript\r\nContent-Length: 945\r\nLast-Modified: Sun, 02 Nov 2025 19:40:21 GMT\r\nConnection: keep-alive\r\nETag: \"6907b3a5-3b1\"\r\nExpires: Mon, 16 Nov 2026 05:32:14 GMT\r\nCache-Control: max-age=31536000\r\nContent-Encoding: gzip\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2535,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with very long lines (542)","md5":"0a7710b415fd244428c024f9ccc79208","sha1":"d55efe015300c476336b65134b465a4d23401125","sha256":"d714a24fa093cc13d9dbc517838f164ab87d25e344769975dea50bc1f7688ad3","sha512":"23eb4d2892824eb703c28f14cadda1daff9ac4786333ecf16a4422789e53061b56a261729178361b7f44bb2ba4ffef9e5b00dbbd0baa393ae425a2b35259fa5a","ssdeep":"","tlshash":"3a51ac3f1674213ae85824c7ec75eacc6ea0306ae79388a8e58dddddf21cd911972431","first_seen":"2025-10-03T18:05:07.079546Z","last_seen":"2025-12-06T18:55:12.086224Z","times_seen":118,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f\u0026ruid=f9d6a553-2a79-4b39-8e07-c06f494f1822","fqdn":"fleraprt.com","domain":"fleraprt.com","tld":"com"},"ip":{"addr":"139.45.195.252","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:16.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fleraprt.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Dec 2024 00:00:00 GMT","end":"Sun, 11 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0","sha256":"9E:F7:13:45:55:C0:E9:09:A9:42:CC:D1:27:57:55:66:A1:63:5C:CB:EA:38:76:AA:6D:AB:5A:02:42:09:5D:46"}}},"request":{"raw":"POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f\u0026ruid=f9d6a553-2a79-4b39-8e07-c06f494f1822 HTTP/1.1\r\nHost: fleraprt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1442\r\nOrigin: https://st.chatango.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.5\r\nDate: Sun, 16 Nov 2025 05:32:16 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 12\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://st.chatango.com\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE\r\nAccess-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adb4650bfc9d2a73d4dd69583b0ceb14","sha1":"1ce399d6e936232aaf2192cd7903a279c5015f22","sha256":"21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed","sha512":"3fbce22572bbed1aada0f7c6706f16a97e7c0ea132dfee1a7eb80f5e68da1cc63c891a5bc3ea8e87f0c97be3002212a0efbb2af9553acb45e0d447a685cd805b","ssdeep":"","tlshash":"436000000c3000000cc00c0000c00030ff300f00000f00c0000c00f003030c0c00c000","first_seen":"2023-04-05T07:30:31Z","last_seen":"2026-04-04T05:52:39.374236Z","times_seen":55974,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":101,"dns":10,"connect":26,"send":0,"wait":27,"receive":0,"ssl":63},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/consent/018dd03c-1e82-70b0-a52c-1aa6ee0a1b53/OtAutoBlock.js","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:43:25 GMT","end":"Wed, 11 Feb 2026 02:43:23 GMT"},"fingerprint":{"sha1":"EB:6B:52:98:E5:B0:CA:A9:F4:63:C7:8E:59:8E:6D:FC:AA:B9:90:B7","sha256":"05:40:C5:36:2E:62:5C:4A:3F:E1:1A:F7:DA:C5:5B:0F:02:8B:BE:79:C2:92:21:8C:52:78:FB:BE:03:EA:D1:AD"}}},"request":{"raw":"GET /consent/018dd03c-1e82-70b0-a52c-1aa6ee0a1b53/OtAutoBlock.js HTTP/1.1\r\nHost: cdn-apac.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:18 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\ncf-ray: 99f49b666ff535a6-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 33483\r\ncache-control: public, max-age=86400\r\ncontent-encoding: gzip\r\netag: 0x8DD3B8C2C13AE5C\r\nlast-modified: Thu, 23 Jan 2025 08:58:57 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: accept-encoding\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding, X-OneTrust-IsBot\r\ncontent-md5: VnwksBPMY19xiSuYuAvKYQ==\r\nx-ms-blob-type: BlockBlob\r\nx-ms-lease-status: unlocked\r\nx-ms-request-id: a6b8e862-f01e-001f-7df7-482a0e000000\r\nx-ms-version: 2009-09-19\r\nx-onetrust-isbot: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4928,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (815)","md5":"d67c658f544ac29a65ceb27e782ce740","sha1":"909b2c0f0fae11bfbf13396617826e7beff3037a","sha256":"dc4be5536bd2ce7609cc980745a63ee1eb53317fdd29bae7e6f548846199ed8c","sha512":"6bd1592b3ee22ec829a59fda85df6a5e337d42444a41daaec6058e1a9138efcb9b3435a0b96bf3891fb1fc74c324226ac2dfcbf9d7003db78d8d440d279c1330","ssdeep":"96:1GInbH6vTKvmYDDaLVQ5rM6gPHDf//KQgG+vylylqftDg1ju1jai:kIn7+TKVDUQ1EHDf/jw6clqftDg1uGi","tlshash":"84a176fce7bc7bb12b4179a480db254ee53aa56291029ce0f048dd90787cf62147fa9d","first_seen":"2025-11-05T17:06:59.792877Z","last_seen":"2025-11-18T23:33:55.826922Z","times_seen":37,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":22,"dns":4,"connect":1,"send":0,"wait":25,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/vue_2.7.min.js","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/vue_2.7.min.js HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 20 Oct 2025 08:30:34 GMT\r\nContent-Encoding: gzip\r\nEtag: \"7f8906c1a2320dd9108f0d40b74d8989\"\r\nContent-Type: application/javascript\r\nDate: Thu, 30 Oct 2025 13:17:05 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 13314458802335224650\r\nx-cos-request-id: NjkwMzY1NTFfZDc4YzdjMWVfMTM4ZmNfMWQyNmY4MGE=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 38419\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 17211197224394001188\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":107302,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65362)","md5":"7f8906c1a2320dd9108f0d40b74d8989","sha1":"4ba176b8609a5d83c23f8b83af4e1d2841cf2964","sha256":"d601f229247b261d18181988f7337b3f652165187f3c22a109821a50ea96a0f9","sha512":"04031f93bd158ea064048ca8f544d12e5dd3049dccd1ceaecb2d95314aeadfbd1b5acee47212cd37d8f55a2250bacf4900956a72b888517f39f493a6d762d6b7","ssdeep":"1536:lgU9/XtoO5ddrKYEuvm3X9pX8u4SQYfq7T1ApesyhcCtz0bA7:T/XmOAYEuuaYfq7TCplktz0bQ","tlshash":"dba3e8dc7296b47113eb20a1417f150bf33a6915a80ac5e0f223e4d67db8c8e916be7d","first_seen":"2023-03-08T15:15:50Z","last_seen":"2026-04-04T02:40:22.540011Z","times_seen":1393,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":37,"dns":2,"connect":11,"send":0,"wait":10,"receive":1,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rumt-sg.com/collect/pv?from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames\u0026id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026referer=","fqdn":"rumt-sg.com","domain":"rumt-sg.com","tld":"com"},"ip":{"addr":"43.156.86.55","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rumt-sg.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 03 Jan 2025 00:00:00 GMT","end":"Tue, 03 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B3:A2:75:8F:A9:60:48:97:57:63:D7:37:E1:55:58:7E:91:C7:B2:AA","sha256":"99:16:99:A9:EF:66:CA:0E:C4:8A:94:C3:5B:1C:F4:58:C1:D9:54:FE:E8:60:E2:8A:C7:CD:9F:C9:0D:7E:98:23"}}},"request":{"raw":"GET /collect/pv?from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames\u0026id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026referer= HTTP/1.1\r\nHost: rumt-sg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":1799,"timings":{"blocked":811,"dns":130,"connect":177,"send":0,"wait":178,"receive":0,"ssl":499},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/23.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/23.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 13 Feb 2017 20:51:31 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fw4cN%2F3zimqkmVs4Wn%2FwAu%2B2%2BViv98hK6ez%2Fnb%2BOsiAKe5%2FUT85Ly7VscnR7c3yXf6Uelw5x0Omx32f5qq%2BIFFj%2BETOB%2FRwMO5k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"58a21c53-1486\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3c18da56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5254,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced","md5":"a4748b170d2001d0b39ea0007cdd6a3f","sha1":"02eb9266a8bd6c2191e6465d885ee332ef1b2f3c","sha256":"91bd9878d2e5078c3c76b54d54355f7bcf6ba745ec18c2a60f7a412a5beca836","sha512":"fe5172975c4095d9f8cfceecbd36377a9bb8f9934c75517e0fc583fed6d3aca0372696cdead53b3985c0e4b8214913f3ec8f98ead280aba996a6a23c62e360d6","ssdeep":"96:YS9Hh+UuFeoyvy45SAb6wgJ8mqY+QHZZLGFy3adf/Klt7:YSX+advy45/btO0QHZgECf/s7","tlshash":"08b1af1d27b927b3a6bed407006ed46e086c5eeb764d258f91e45e843b0160f3b271b0","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-02-08T14:16:08.339036Z","times_seen":29,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/images/logo-front.png?1100","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/images/logo-front.png?1100 HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 15 Apr 2024 13:18:14 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bMo8ImE7L8LoKkSS6L4Za9IUcG%2Fy9yFwS%2BBn6ZPd48I6BEcGWS7T4GjwW05pxSAAi7sFsl18Zaiq6nddgn3Qc%2BX1GGN7EdqTGxQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"661d2916-4162\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1962\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3bf8c956c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16738,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"a6089d7c11315380bd6c06b9c081e82c","sha1":"3064e23d589d58fe27599527f9453a617ebd712b","sha256":"51069db9478187d9bf64b3d412734d8878bb00df8ac2754f17a6d7a5e399133a","sha512":"2408fd4c2cba5edacb35b1bb4ef9c3106b1c697f97e2e216ea192749714bef88e96e33d6a4cc0d1f14cf30c0e04713350fcb10de0de49f559f864b34033d8c31","ssdeep":"384:Vu9p0dClXbdpyCyRkSUGCs7mEICq9jPP56OLszJwExNdT9NqJ:Vs7lXDyASjC3EIl56Kszis","tlshash":"0c72d142072f158dc2367b7c75a5b69297234b11023e793b22d7ac6c6bea245bc0c3c2","first_seen":"2024-08-20T04:07:07.291623Z","last_seen":"2026-02-08T14:16:08.308337Z","times_seen":9,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-apac.onetrust.com/scripttemplates/202409.2.0/assets/otFlat.json","fqdn":"cdn-apac.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"104.18.32.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:43:25 GMT","end":"Wed, 11 Feb 2026 02:43:23 GMT"},"fingerprint":{"sha1":"EB:6B:52:98:E5:B0:CA:A9:F4:63:C7:8E:59:8E:6D:FC:AA:B9:90:B7","sha256":"05:40:C5:36:2E:62:5C:4A:3F:E1:1A:F7:DA:C5:5B:0F:02:8B:BE:79:C2:92:21:8C:52:78:FB:BE:03:EA:D1:AD"}}},"request":{"raw":"GET /scripttemplates/202409.2.0/assets/otFlat.json HTTP/1.1\r\nHost: cdn-apac.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.nikke-eu.com/\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\ncontent-type: application/json\r\ncontent-length: 3003\r\ncf-ray: 99f49b6b0c8b35a6-OSL\r\ncontent-encoding: gzip\r\ncontent-md5: KL0M7jDr39bOhstSUdPe1w==\r\nlast-modified: Thu, 28 Nov 2024 09:48:43 GMT\r\netag: 0x8DD0F91D88852E5\r\nx-ms-request-id: 8aa95a6f-501e-0080-6e60-4f660c000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nvary: accept-encoding\r\nage: 29755\r\nexpires: Mon, 17 Nov 2025 05:32:19 GMT\r\ncache-control: public, max-age=86400\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13554,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"23e8424aa65b5cc6f0693ec20c2ceae0","sha1":"0f4f59077d295d0799b9b02c0da2076f7dd73960","sha256":"d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e","sha512":"9d649426db646bce98e4a3aab625cb1de12f2afae943adc7dd9c5b54740a7e14e20b826e6fa7812ca7add18e5a12b4feca99ff864c8bf29349e200b7a8641b48","ssdeep":"384:KIy0clDjbn42OXOw85csXf1NFyNg/OoH6iAHyPtJJAR:KIy5F/i","tlshash":"7152bb513e204b29e1efcb994882b5d835327d8bfe3399cd924da7b443ad2f50d22745","first_seen":"2024-06-28T23:53:54Z","last_seen":"2026-04-04T05:28:38.792265Z","times_seen":15884,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rumt-sg.com/collect?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer=","fqdn":"rumt-sg.com","domain":"rumt-sg.com","tld":"com"},"ip":{"addr":"43.156.86.55","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rumt-sg.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 03 Jan 2025 00:00:00 GMT","end":"Tue, 03 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B3:A2:75:8F:A9:60:48:97:57:63:D7:37:E1:55:58:7E:91:C7:B2:AA","sha256":"99:16:99:A9:EF:66:CA:0E:C4:8A:94:C3:5B:1C:F4:58:C1:D9:54:FE:E8:60:E2:8A:C7:CD:9F:C9:0D:7E:98:23"}}},"request":{"raw":"OPTIONS /collect?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer= HTTP/1.1\r\nHost: rumt-sg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.nikke-eu.com/\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:21 GMT\r\ncontent-length: 0\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, HEAD, PUT, POST, DELETE, PATCH\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.popin.cc/td_js_sdk_171.js","fqdn":"api.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"119.63.193.220","port":443,"asn":38627,"as":"Baidu, Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.popin.cc","organization":"popIn Inc."},"issuer":{"commonName":"DigiCert Secure Site Pro G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 25 Sep 2025 00:00:00 GMT","end":"Mon, 26 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5B:66:38:53:B4:EB:8A:03:D2:53:C1:B8:40:BD:83:76:E3:03:91:6E","sha256":"98:FB:02:24:15:CB:C2:2D:9F:D5:47:A7:0B:8D:E9:89:7C:FA:F3:93:C9:E6:03:F7:12:F1:A9:C3:A0:B0:48:66"}}},"request":{"raw":"GET /td_js_sdk_171.js HTTP/1.1\r\nHost: api.popin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nCookie: __mguid_=118684526ee4717e2kxrj000mi1a40cm\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 16 Nov 2025 05:32:21 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nx-amz-replication-status: COMPLETED\r\nLast-Modified: Mon, 16 Jun 2025 02:33:37 GMT\r\nETag: W/\"407bff8fef2ee540c10553635a3eb41b\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: cLSeEWMlKm_0RJjCuK_Txi2qpUSIO8Xu\r\nExpires: Sun, 16 Nov 2025 06:32:21 GMT\r\nCache-Control: max-age=3600\r\nCross-Origin-Resource-Policy: cross-origin\r\nTiming-Allow-Origin: *\r\nX-Cache-Status: HIT from 10.252.55.25\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":77192,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (326)","md5":"407bff8fef2ee540c10553635a3eb41b","sha1":"e9bf07b0b86385d633e8be06d58c75807d652127","sha256":"906b6bddd2ef3b6d40c60673e5626b2195e21f44bba44042553be4de34c69f89","sha512":"31396162023c434ef7ed676bf7eeeb73bc2472c9d78526719ebf7efc5ea125f09506f898997f5535665059cda7c46a03b94b9f55fbaf8eb8af9f5697fc6d985d","ssdeep":"768:XIC4FsqrMdFUGCRqxAM+J5hJdGxP6C0QE1d8/r3RdtuZqSqKm9bEABMeMif:H6rMKaC31W/TRdtTSqKfJ4f","tlshash":"4373204abae27530e203f139866fd808b275a45b199ded49394cd2a44f2543c87f9fec","first_seen":"2025-06-16T05:04:06.65767Z","last_seen":"2026-04-04T04:32:38.954572Z","times_seen":149,"resource_available":true,"data":null}},"time_used":498,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":497,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/js/gz/r1102251136/CommonUIModule.js","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.18","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:14.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /js/gz/r1102251136/CommonUIModule.js HTTP/1.1\r\nHost: st.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/h5/gz/r1102251136/id.html\r\nCookie: session_id=5651987607810559\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 16 Nov 2025 05:32:14 GMT\r\nContent-Type: application/x-javascript\r\nContent-Length: 7614\r\nLast-Modified: Sun, 02 Nov 2025 19:40:21 GMT\r\nConnection: keep-alive\r\nETag: \"6907b3a5-1dbe\"\r\nExpires: Mon, 16 Nov 2026 05:32:14 GMT\r\nCache-Control: max-age=31536000\r\nContent-Encoding: gzip\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21140,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (1121)","md5":"27543eb3d80d69bdb014f5a3b4f19963","sha1":"7f8b4b6cdde77f63c0df6676c19a11c480ac90aa","sha256":"9d7bf2516c34273d8809fae0fecf01119b54be83feaf0759fed7116f6d36406b","sha512":"25711f8c535d94df7baeb284847d78c637b6f5c02538e627d35eb07544a055d6c700458853ec9d3d9244b4b35462eab3822901ad02b70326776e4ce97859a5a5","ssdeep":"384:l/YCCywYyufacPsKZOyNxMF0QIZP5qxP5qvCfZdi1jN:N9facPsKZ5xWQHeCtN","tlshash":"3192085bb2623167e262f0f4047f411a1637a549a89582ac349eede45ebdc2c3377f38","first_seen":"2025-09-20T18:59:54.733769Z","last_seen":"2026-04-03T20:52:09.41165Z","times_seen":220,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":166,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/20.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/20.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 02 Sep 2021 09:48:38 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HG68%2BABQJFlJb94hyaAWJ%2BG%2Bsd%2F%2BTrDxUuKfkjkTf3FeKOWM1oJKRWCUSt33nf0quSd16FepbZlSYEM9sTO2%2FORptLRTCJkaHkg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"61309df6-8475\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3c08d556c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33909,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 104, 8-bit/color RGBA, non-interlaced","md5":"c3db037b4c853767ae95cba0d86ac77b","sha1":"f21e7f8dcfd5671a1cc8db36cfa3b093583f6f92","sha256":"121b5db0217d4f63e20a397e35f2cdc14572a0f32af4bb7e1ae05e7aaf9a2bd8","sha512":"5bb8cf93fcedd628b48d32ee72a3923773b8c6693a30037ca417637a1234651ce3d364ee1d87afd233dd0e76f2ac97bd3c861c0b5a8df6c03cf74872d4c10afc","ssdeep":"768:V6a3pmmEbDg5vn990ns3Tm6DV/uic02RC1X4WG3n9Zt:4zmAg5/H0ns3TzVjc02RC143tZt","tlshash":"1ae2f1033f2435815cd4ca756bdcc89a7bb643d7ba9ee49c0caac2c0764519c0a3d57e","first_seen":"2023-05-26T18:24:14Z","last_seen":"2026-02-08T14:16:08.289067Z","times_seen":31,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rumt-sg.com/collect?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer=","fqdn":"rumt-sg.com","domain":"rumt-sg.com","tld":"com"},"ip":{"addr":"43.156.86.55","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:23.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rumt-sg.com","organization":"Shenzhen Tencent Computer Systems Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 03 Jan 2025 00:00:00 GMT","end":"Tue, 03 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B3:A2:75:8F:A9:60:48:97:57:63:D7:37:E1:55:58:7E:91:C7:B2:AA","sha256":"99:16:99:A9:EF:66:CA:0E:C4:8A:94:C3:5B:1C:F4:58:C1:D9:54:FE:E8:60:E2:8A:C7:CD:9F:C9:0D:7E:98:23"}}},"request":{"raw":"OPTIONS /collect?id=dWmboSvoOJ09Wa7ZwW\u0026uin=\u0026version=1.37.4\u0026aid=6bfd39ea-7aa2-409a-9923-32f587048567\u0026env=production\u0026platform=3\u0026netType=100\u0026vp=0%20*%200\u0026sr=1280%20*%201024\u0026sessionId=session-1763271139022\u0026from=https%3A%2F%2Fwww.nikke-eu.com%2Fact%2Fwand%2Fpc-download%2Findex.html%3Fcampaign%3Dpwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU%26campaignid%3DEU%26ad_group%3D3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3%26spend%3D8.0%26clickid%3D23297e6b208c4f40b67b6623522aa70a%26action_type%3Dclick%26uanetwork%3Dpwngames%26lang_type%3Den\u0026referer= HTTP/1.1\r\nHost: rumt-sg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.nikke-eu.com/\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:23 GMT\r\ncontent-length: 0\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, HEAD, PUT, POST, DELETE, PATCH\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/images/home.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/images/home.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 13 Feb 2017 20:33:38 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gsfjNwsi9oRSltT3ShMUBWsHy6VTbBW9nDW%2FA55l4kejltYuvq6mY0DC4kGFquW%2Fe%2Ffyyhep5QHCS93gFE1JJP06VAuPXj1OHUc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"58a21822-1083\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1969\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3bf8cb56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4227,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 49 x 49, 8-bit/color RGBA, non-interlaced","md5":"2f908e33b642599063cd05a784c37e05","sha1":"b948ff1f3a9795b91c74d8ae72dbe01736a84ef5","sha256":"65233f3f33be99d3900b0555630de9efb67cfb478f30c52c342b9032f69b789f","sha512":"c84c37464228fe231624baec9549674e477dc547ae4607705dddb80b1726ad5f252f02c8048cf011c6ab1981404b492b9713e51d8fb022f2683a3d7aec4c5d20","ssdeep":"96:rSDZ/I09Da01l+gmkyTt6Hk8nTqWg9dIeyRyQQnuIPE8CxUi:rSDS0tKg9E05Te9+auIPEld","tlshash":"0b917e5f98a4905f7ead7a0009cd410af71ab23c93833b74e9c091df18a2d1b9b69476","first_seen":"2023-05-26T18:24:13Z","last_seen":"2026-02-08T14:16:08.317728Z","times_seen":28,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/categories/1.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/categories/1.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 13 Feb 2017 20:51:18 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GgHgruBvpXtzokaLAOf%2FAg5V27RbuPp2ezJKADXPCFAHDpFFROc9bn2yqK93fdc6j%2FT3jVI0dEpVnpP07ubSc66JWslo%2F0ya6b0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"58a21c46-a3d\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1969\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3bf8ca56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2621,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 31, 8-bit/color RGBA, non-interlaced","md5":"1b0681b241f9b241896dbfa8aa5bd492","sha1":"81128a88734a3404145a41f13e7f565c79299323","sha256":"dedd0a94a7c8451dc4d62a7c607d8d5018352757de92f9de5a74ed2171170312","sha512":"0bc5a1a0790d3f919690669d89e4d3e2c91bbdcbeb1469c9371f8a5a60c54088b9a0cd7a4773e7358a3a9b3f83f19c215b258ca29235c6d1eb2822bd8b135bd5","ssdeep":"","tlshash":"58514c41c7ac57e0d2f6721f684c107168b59ef67563f24e1b24516852047d0dff3923","first_seen":"2023-05-26T18:24:14Z","last_seen":"2026-02-08T14:16:08.295069Z","times_seen":27,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asset.popin.cc/js/h/val.html?postM=1\u0026trackingid=","fqdn":"asset.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"34.117.195.210","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.popin.cc","organization":"popIn Inc."},"issuer":{"commonName":"DigiCert Secure Site Pro G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 25 Sep 2025 00:00:00 GMT","end":"Mon, 26 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5B:66:38:53:B4:EB:8A:03:D2:53:C1:B8:40:BD:83:76:E3:03:91:6E","sha256":"98:FB:02:24:15:CB:C2:2D:9F:D5:47:A7:0B:8D:E9:89:7C:FA:F3:93:C9:E6:03:F7:12:F1:A9:C3:A0:B0:48:66"}}},"request":{"raw":"GET /js/h/val.html?postM=1\u0026trackingid= HTTP/1.1\r\nHost: asset.popin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOEPgpYmKorgXz_Ms908foOauT09cIkxy6L5knEQcfWntbZIjisL-AnXIVJsRpgEAF8MxESdz5c\r\nx-goog-generation: 1755070387959940\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 10528\r\ncontent-language: en\r\nx-goog-hash: crc32c=aV6Ylg==, md5=7e/1jIOHT0fMq51A870gyA==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\nserver: UploadServer\r\nvia: 1.1 google\r\ncontent-encoding: br\r\ncontent-length: 3784\r\ndate: Sun, 16 Nov 2025 05:26:41 GMT\r\nage: 339\r\nlast-modified: Wed, 13 Aug 2025 07:33:07 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\ncache-control: public,max-age=3600\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":10528,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (10528), with no line terminators","md5":"edeff58c83874f47ccab9d40f3bd20c8","sha1":"2735b25663624646f63b160bf870e26a75935ebb","sha256":"025e0432cd05131c056f2f14e3116f6373f7d0fa002726a9f6fe932e2cd59945","sha512":"e3ebe8c9d734558d9be34fc2daa46e8aca861b037191114d3f1530e84068abb30b8184fd19eb921d13e4370c14f121a65b2ed450f758730c2cbcdbfd8da6b781","ssdeep":"192:bq5aFuCVFyLZ/CM5zRUoEb1rqOz8Cz0F9MeEQHpQYT:jFyFlEb15z8Cz0vEQHpV","tlshash":"3f22dbeb32c5756663a2019d583f3307b22d4c5f64cc6980ea15e4e03a78adb4337f66","first_seen":"2024-12-02T15:40:32.454962Z","last_seen":"2026-04-04T05:06:44.851081Z","times_seen":4942,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bat.bing.net/actionp/0?ti=187030255\u0026Ver=2\u0026mid=c38b50e3-4550-47fb-9f78-3598ab3ffd45\u0026bo=1\u0026evt=consent\u0026src=enforced\u0026cdb=AQEZ\u0026asc=D","fqdn":"bat.bing.net","domain":"bing.net","tld":"net"},"ip":{"addr":"150.171.28.10","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:22.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bat.bing.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 21 Oct 2025 02:00:33 GMT","end":"Sun, 19 Apr 2026 02:00:33 GMT"},"fingerprint":{"sha1":"62:7A:BC:C4:E3:80:17:91:83:49:E3:83:45:24:DB:AE:BF:0B:EB:1F","sha256":"49:47:A8:23:DF:CE:A3:73:C0:ED:8D:5E:33:E9:AB:A1:79:C3:B9:92:74:C0:63:B4:37:11:CF:FB:2E:39:9D:CF"}}},"request":{"raw":"POST /actionp/0?ti=187030255\u0026Ver=2\u0026mid=c38b50e3-4550-47fb-9f78-3598ab3ffd45\u0026bo=1\u0026evt=consent\u0026src=enforced\u0026cdb=AQEZ\u0026asc=D HTTP/1.1\r\nHost: bat.bing.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ncache-control: no-cache, must-revalidate\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\naccess-control-allow-origin: *\r\nx-cache: CONFIG_NOCACHE\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nx-msedge-ref: Ref A: 5E149E9D80114E7582C31FB67B66E57B Ref B: OSL231050215060 Ref C: 2025-11-16T05:32:22Z\r\ndate: Sun, 16 Nov 2025 05:32:22 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":23,"dns":3,"connect":2,"send":0,"wait":50,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/uploads/channels/3.png","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/uploads/channels/3.png HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 23 Jul 2017 17:00:25 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mRYqG4nOGwnofUfCwOj4otX73U1bVTjZfnVssQ5IGVELgchllDNHoZ6SEBzp1Zw9Q35Cfk1MbCe9GIpvg5IzA1DDEpKS6Paoq1o%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"5974d629-1b4c\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1961\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3bf8ce56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6988,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 26, 8-bit/color RGBA, non-interlaced","md5":"943d91616700475610ab01dd4379026f","sha1":"97c7ad407274942528f81ccdd0b45cc9b587fee9","sha256":"a8186e488e3a77dc62613448371be4265aebff02ac22326b002a8277386d5b09","sha512":"07f90b545f7aba674ef0a34cc128876f483bd127d04debd9c55f5a785634cf9519b08b7b2724c7a03295ccd6c2a0bb718bbc9aa1b26e5514c521b561c080c574","ssdeep":"192:GS6nDMYnVP2KznyHo1AI6nKBx7jcKN7tthy5PGMi:GjnNnz6KL3Pthy5Pk","tlshash":"0de1ae05371cd2f44c466c6ba7bf03e45068289e3a5f2b21445cc06b3d6aeb3a37b622","first_seen":"2023-05-26T18:24:14Z","last_seen":"2026-02-08T14:16:08.270286Z","times_seen":27,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ust.chatango.com/groupinfo/c/r/crichdsupport/gprofile.xml","fqdn":"ust.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.24","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:13.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /groupinfo/c/r/crichdsupport/gprofile.xml HTTP/1.1\r\nHost: ust.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://st.chatango.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 16 Nov 2025 05:32:13 GMT\r\nContent-Type: text/xml\r\nContent-Length: 79\r\nLast-Modified: Tue, 17 Sep 2024 10:57:54 GMT\r\nConnection: keep-alive\r\nETag: \"66e960b2-4f\"\r\nExpires: Sun, 16 Nov 2025 05:32:13 GMT\r\nCache-Control: max-age=0\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":79,"size_decoded":0,"mime_type":"text/xml","magic":"XML 1.0 document, ASCII text, with no line terminators","md5":"06175773b05ef86f476a059b502dba64","sha1":"fbd1b133b35ac0ec1670f04def8b7c94e874b2cf","sha256":"3abf9029b0b153bb5609d5941f749abb5a701a4138ff3e07a1da2df5a916b15c","sha512":"09df9ed725ee88d261c8647f3e5cfe7e9363691b8ed5937359e4ccdba4637a38e1bcac138a3ebc10e521594b6f6b2122ad9a8009340b542945d3ac83a2a95505","ssdeep":"","tlshash":"a3a0220c883cf03a8b0008082bb8b28233eb230a00e0802cbb880800028a0cbcf0f30f","first_seen":"2025-07-17T18:00:00.056506Z","last_seen":"2026-02-08T14:16:08.259394Z","times_seen":22,"resource_available":false,"data":null}},"time_used":1196,"timings":{"blocked":517,"dns":26,"connect":161,"send":0,"wait":162,"receive":0,"ssl":328},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/lazysizes.min.js","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/lazysizes.min.js HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 04 Aug 2025 04:40:02 GMT\r\nContent-Encoding: gzip\r\nEtag: \"45bacd312d5098b4b59f563d8756c15d\"\r\nContent-Type: application/javascript\r\nDate: Tue, 23 Sep 2025 12:21:45 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 8069349710420771718\r\nx-cos-request-id: NjhkMjkwZDlfZmUxNTc5MWVfM2Y0YzVfMTc1NTc5MjA=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 3494\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 2452504713013336100\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7889,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7862)","md5":"45bacd312d5098b4b59f563d8756c15d","sha1":"fa55e2cff078381e5365d95782a95a787d0b7192","sha256":"3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b","sha512":"ab9f37a692ab09173b3793b49f69f352227eb2e52fec4b752467a5b386d739a30541c6a63e4f478dd5249d9bae16304db3bb6c32e69d81ee64f51cdd98efb519","ssdeep":"192:HIJHXkovHIdcC9vaE6cyxqI1qwLcIRAKEFkNB+xb+25CqqBFPvAxOn:H2kNdcC9J6co91qwLcI6KgkixbdjqBFH","tlshash":"b0f1b59f755570b3aadb74b5416f310f673279339d86e092e2bac080493c84aa323f2d","first_seen":"2023-03-07T01:10:08Z","last_seen":"2026-04-04T06:39:29.264198Z","times_seen":11720,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":37,"dns":3,"connect":15,"send":0,"wait":11,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"geolocation.onetrust.com/cookieconsentpub/v1/geo/location","fqdn":"geolocation.onetrust.com","domain":"onetrust.com","tld":"com"},"ip":{"addr":"172.64.155.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geolocation.onetrust.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 20:44:08 GMT","end":"Mon, 29 Dec 2025 21:44:04 GMT"},"fingerprint":{"sha1":"8B:1F:BE:C3:41:B7:13:B4:FB:C2:88:AF:57:B5:54:E7:1D:EB:57:D3","sha256":"E0:2A:67:58:A8:54:95:48:0D:DC:50:DD:D2:DB:A0:19:5D:03:D3:89:A2:CD:41:C6:CB:7D:F3:4A:1C:B7:25:50"}}},"request":{"raw":"GET /cookieconsentpub/v1/geo/location HTTP/1.1\r\nHost: geolocation.onetrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:18 GMT\r\ncontent-type: application/json\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, OPTIONS\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncf-ray: 99f49b67cc7e2efa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8d896eded71ee5fc863cf1ec1485da75","sha1":"b36c99cd02aa88e94a55b028381d9c5cb61cbbef","sha256":"3dddf5b1f3c0e76d359e7fe585b61f721980981a612e17d7ebfedfc3e6fc3b3d","sha512":"a216a2ec987ed8aa509d4bf88075844374819f15767190c2f9fc1b7dc05436cb33ac0fa3466bd207bd3104e455cd3c72fb8622dd0759ab64f197ac216850382e","ssdeep":"","tlshash":"3da0025864599d1d9dfd824a530e726a1244a309828751c6c6c9ed75c5812c9b05c480","first_seen":"2025-06-02T14:25:58.002399Z","last_seen":"2026-04-04T06:31:10.903986Z","times_seen":104039,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":19,"dns":1,"connect":1,"send":0,"wait":22,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sg-act.playerinfinite.com/api/proxy_direct/account/Account/GetUserCountryCodeWithIP","fqdn":"sg-act.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"43.134.152.232","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"OPTIONS /api/proxy_direct/account/Account/GetUserCountryCodeWithIP HTTP/1.1\r\nHost: sg-act.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 16 Nov 2025 05:32:19 GMT\r\nstrict-transport-security: max-age=15724800; includeSubDomains\r\naccess-control-allow-origin: https://www.nikke-eu.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: PUT, GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie,X-Gameid,X-Language,X-Source,X-Ticket,X-Uid,X-Areaid\r\naccess-control-max-age: 1728000\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":1259,"timings":{"blocked":485,"dns":1,"connect":256,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.iegcom.com/v2/websdk/report","fqdn":"track.iegcom.com","domain":"iegcom.com","tld":"com"},"ip":{"addr":"34.49.88.155","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:20.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"track.iegcom.com","organization":""},"issuer":{"commonName":"DNSPod DV TLS RSA CA 2025","organization":"DNSPod, Inc."},"validity":{"start":"Tue, 28 Oct 2025 00:00:00 GMT","end":"Tue, 27 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:2A:71:4B:75:E9:66:F5:FD:05:E7:53:B7:1A:20:FF:DD:F4:A0:56","sha256":"81:74:2D:04:92:3C:B4:23:12:7C:91:86:68:90:62:25:5B:DB:75:03:F6:41:BF:00:BF:57:60:9C:93:DB:6E:E6"}}},"request":{"raw":"POST /v2/websdk/report HTTP/1.1\r\nHost: track.iegcom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1188\r\nOrigin: https://www.nikke-eu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 201 Created\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncontent-type: application/json; charset=utf-8\r\netag: W/\"19-pSuUqvA1T8UMUbHJkpqfXlk/bjI\"\r\nx-cloud-trace-context: 5f4b4bf72e8c35c59f54a2982959a1ba\r\ndate: Sun, 16 Nov 2025 05:32:20 GMT\r\nserver: Google Frontend\r\ncontent-length: 25\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"201","status_text":"Created","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":25,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"66f41088bf6267ad8ea40e3533e2f275","sha1":"a52b94aaf0354fc50c51b1c9929a9f5e593f6e32","sha256":"cf29e1b2087058ccb7d034620fc45bb35671afa6509fbd6459f315ddf6b82343","sha512":"bf3b0c147804c73fdb49592ed285c3b650ee3d0581e2893524182322f56608845765dd44928b84b051b7fddf5d243388c9f1f82508e6f2f8fad3213ad5eca933","ssdeep":"","tlshash":"6d7000330008088322003c0c00030b0a208008a0aa000ba0c02c080c8a0c088a382000","first_seen":"2023-05-06T09:48:28Z","last_seen":"2026-04-01T23:27:14.185594Z","times_seen":132,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":34,"dns":0,"connect":0,"send":0,"wait":69,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/bootstrap/js/bootstrap.min.js","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/bootstrap/js/bootstrap.min.js HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 13 Feb 2017 20:35:29 GMT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AotAGTkAz2R7z2X2UAKXJxrNuGTQo6%2Fr1ecX%2BMUSjUMvpDKniz3x0pmVHRPsnOtpd89T8rG0vs0sDMxdzrk1BAUgXz3xIRpWlkA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"58a21891-8c75\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1969\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3be8c556c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35957,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators","md5":"1ae0e64754a542cbea996dec63c326fd","sha1":"e2ddfe5a574c29f39b511aada1bd85e0ba60fa70","sha256":"6447e59227786bcda7ad58ef045540cba328e5ec0e5ddbd88b4f57122feaf926","sha512":"822551519f11dd4fa2ad96d08677da68cb0ad45a39ea0b4dea51995b603953b8f85e71a06bbaeba85ee298ee5702eaaaffbfef9c94a615f4eaac4b2e395862cf","ssdeep":"768:K8lBD27UwlNBMl9/qahC2+jS1g8ep0skCXFXflc7Gf3Z1RQ:Be78+S1Klvl13ZrQ","tlshash":"19f29606b23031a107efb1e5515b020b7239696ee90690bc78b9dae53db9c48717bf3d","first_seen":"2023-03-07T01:07:33Z","last_seen":"2026-04-04T02:50:04.534183Z","times_seen":1735,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.popin.cc/ads/29824.js","fqdn":"api.popin.cc","domain":"popin.cc","tld":"cc"},"ip":{"addr":"119.63.193.220","port":443,"asn":38627,"as":"Baidu, Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:19.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.popin.cc","organization":"popIn Inc."},"issuer":{"commonName":"DigiCert Secure Site Pro G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 25 Sep 2025 00:00:00 GMT","end":"Mon, 26 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5B:66:38:53:B4:EB:8A:03:D2:53:C1:B8:40:BD:83:76:E3:03:91:6E","sha256":"98:FB:02:24:15:CB:C2:2D:9F:D5:47:A7:0B:8D:E9:89:7C:FA:F3:93:C9:E6:03:F7:12:F1:A9:C3:A0:B0:48:66"}}},"request":{"raw":"GET /ads/29824.js HTTP/1.1\r\nHost: api.popin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 16 Nov 2025 05:32:20 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 1020\r\nConnection: keep-alive\r\nx-amz-replication-status: COMPLETED\r\nLast-Modified: Mon, 02 Sep 2024 07:38:29 GMT\r\nETag: \"19b95068d58c857137d39b525bbdcaa7\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: XlR_Oe0K.gr4jChHFuQChTpwriRAE8SG\r\nExpires: Sun, 16 Nov 2025 06:32:20 GMT\r\nCache-Control: max-age=3600\r\nCross-Origin-Resource-Policy: cross-origin\r\nTiming-Allow-Origin: *\r\nX-Cache-Status: HIT from 10.252.55.25\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1020,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (946)","md5":"19b95068d58c857137d39b525bbdcaa7","sha1":"c74c4e48977080fe5c7a00231316d08a13d6542f","sha256":"dfe030d4d904eacd09848adf7299126104bc4a42bca5986ecd14429eb5f7c042","sha512":"6596e2992cf7304e37244da09cf446613016426fb0556310a7ea826c593a2372750d17352f6409b264957d99d591b36c572818e182dd8104dbbaf55f1382e1dc","ssdeep":"","tlshash":"a31112f3b8558d7b027d69f8603fd42c24e53ce51384e824ca25c41a6ad4d0400a5b94","first_seen":"2024-12-27T16:14:47.786349Z","last_seen":"2025-12-16T18:53:16.554566Z","times_seen":38,"resource_available":true,"data":null}},"time_used":1431,"timings":{"blocked":-1,"dns":5,"connect":247,"send":0,"wait":247,"receive":0,"ssl":932},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bat.bing.com/bat.js","fqdn":"bat.bing.com","domain":"bing.com","tld":"com"},"ip":{"addr":"150.171.27.10","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bing.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 04","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 09 Sep 2025 10:31:56 GMT","end":"Sun, 08 Mar 2026 10:31:56 GMT"},"fingerprint":{"sha1":"50:8E:E5:0E:CF:A8:D3:35:02:44:1B:62:B8:0C:E5:6C:F2:92:A0:4A","sha256":"AE:24:3D:66:8E:C9:C7:F7:4A:0D:CD:1A:D2:1C:66:76:B4:EF:E3:0C:39:72:89:34:B3:62:09:3A:F8:86:BF:77"}}},"request":{"raw":"GET /bat.js HTTP/1.1\r\nHost: bat.bing.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: private,max-age=1800\r\ncontent-length: 15076\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 10 Nov 2025 06:22:15 GMT\r\naccept-ranges: bytes\r\netag: \"8045595ba52dc1:0\"\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-cache: CONFIG_NOCACHE\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nx-msedge-ref: Ref A: A7439468345048A99627F868E1B1F608 Ref B: OSL231050213034 Ref C: 2025-11-16T05:32:21Z\r\ndate: Sun, 16 Nov 2025 05:32:20 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53955,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (53952), with CRLF line terminators","md5":"859fe5e4db9e938c0a967b43c678b80d","sha1":"d22c30b0c9a1dcabfed056470e309baad68804e7","sha256":"59d26c74a8a4d20005cb0a2ea23f9db944af214390b409e69734ada61cfbef79","sha512":"035dc73f195d7750556c1448e726d2f2f880ee97142c8869f825423b589b3a59ec9f4f051ddc4e8d617553be131bf82d8a41fe46bd78571714b99ce834cb5468","ssdeep":"768:YcMOThic7/DNIh+Qm3mT1OoLQBDjf6yPGV/Oj7hu23:TMOTkc7h/3ULMjf6yPGhur","tlshash":"b3330a4333509a7645f9419c786a2903a336570e30be70ac7a8cf8e6945de4b7237b7a","first_seen":"2025-11-10T21:29:14.74734Z","last_seen":"2026-03-29T03:29:44.520952Z","times_seen":13625,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":29,"dns":17,"connect":3,"send":0,"wait":31,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sg-nikke.playerinfinite.com/act/wand/dae12156-a78c-49ce-8770-e8e5ec34265d.webp","fqdn":"sg-nikke.playerinfinite.com","domain":"playerinfinite.com","tld":"com"},"ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:21.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.playerinfinite.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:E7:1F:F5:AE:3C:B7:87:C6:B4:16:8A:44:C2:36:33:62:2C:8F:B3","sha256":"2A:E9:FF:31:20:68:39:73:71:6D:3D:92:50:E4:5A:6C:84:DB:96:95:1E:AC:F4:0E:CB:8C:93:CF:43:86:F5:FE"}}},"request":{"raw":"GET /act/wand/dae12156-a78c-49ce-8770-e8e5ec34265d.webp HTTP/1.1\r\nHost: sg-nikke.playerinfinite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 11 Sep 2024 09:24:00 GMT\r\nEtag: \"efa5180192bff53a1e998c329bd112f4\"\r\nContent-Type: image/webp\r\nContent-Length: 44\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9810083342473581310\r\nConnection: keep-alive\r\nServer: lego_ovs_video\r\nDate: Sun, 16 Nov 2025 05:32:21 GMT\r\nX-Cache-Lookup: Cache Hit\r\nCache-Control: max-age=604800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1x16, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"efa5180192bff53a1e998c329bd112f4","sha1":"6a8f3cf935101e022708ce7c6f90a22039433e5f","sha256":"24191478ecaaa411a49875a7aa9f74b2110ecab03e86d13e4596f3ca9f988157","sha512":"ef2bcc50dfd1e213c0d74d4a0e8e2fe5254672800824c028181259ca2c1dae420f76723128a9070f12e6d2b6949cff571b53dc5623b6f3f3e8694063b3ddc6b6","ssdeep":"","tlshash":"32900201a310a560c418583d147d03520159a0904001919114c54caa04114483a0514a","first_seen":"2024-12-27T16:14:47.812008Z","last_seen":"2026-03-05T07:34:47.163669Z","times_seen":45,"resource_available":false,"data":null}},"time_used":391,"timings":{"blocked":183,"dns":116,"connect":21,"send":0,"wait":21,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.crichd.vip/assets/css/my-front-template.css?1000","fqdn":"m.crichd.vip","domain":"crichd.vip","tld":"vip"},"ip":{"addr":"104.21.83.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"crichd.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:56:14 GMT","end":"Thu, 05 Feb 2026 05:53:57 GMT"},"fingerprint":{"sha1":"40:25:3E:9A:40:8E:95:C7:E1:D7:E0:E5:03:BD:16:64:DB:44:2E:46","sha256":"35:43:E1:EF:96:B6:B2:9D:09:40:04:F9:0B:26:FE:53:B4:89:D6:E1:4D:6E:4F:3C:5E:59:6B:8F:07:CA:23:1D"}}},"request":{"raw":"GET /assets/css/my-front-template.css?1000 HTTP/1.1\r\nHost: m.crichd.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.crichd.vip/web007\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 05:32:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 11 Nov 2021 12:26:55 GMT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6DnuqZhZDZCGFlkP5w%2Fviz4tVjg2XbYWzXnomhmg16iDvzS%2FyKPdHQeuRnb0e2wTuK%2FuDQ6%2F1j4PDEzjeaqMdpkM%2BvV0hWmoFYo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"618d0c0f-1165\"\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1962\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 99f49b3bf8c656c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4453,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1e8140d8efc428165d07d95f786b97bb","sha1":"5cd5a3bd03d262a503db409079b1130237b62c2d","sha256":"00ef0ee41ff184da23deba369f00ac494506311e4043f357c0a2fdb64fbf87ad","sha512":"02dc84fb9b3f5e400fcbddfa7b6cb6d11a2a3b4715f8d4ad24e77c58aaf3ead0e648f191965bbbc8104ef919117fecc980af59833ac60c6eb030854542e42ab5","ssdeep":"48:Ls2SBZmf48pc4v9ZQS9sBcfazXB7BRYmf48O4v90bmrThaMZGWvp//tDnFiv+E3p:IfZkcq9S4OR77YkUq98Pot7yFXNXt","tlshash":"99917312a25135c5700ba068aed596e8273d449bcd0fdf6dba7eb27ccb450e11172f89","first_seen":"2025-07-17T18:00:00.031884Z","last_seen":"2026-02-08T14:16:08.333257Z","times_seen":8,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/suurl5.php?r=8908554\u0026cbur=0.7865916679209474\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=CricHD%20Live%20Cricket%20Streaming%20-%20Watch%20Live%20Cricket\u0026cbpage=https%3A%2F%2Fm.crichd.vip%2Fweb007\u0026cbref=\u0026cbdescription=Watch%20Live%20Cricket%20Streaming%20Online%20on%20our%20website%20CricHD.%20IPL%2C%20PSL%20Live%20Streaming%20for%20free.%20PTV%20Sports%20and%20Star%20Sports%20for%20IPL%20and%20PSL.\u0026cbkeywords=live%20cricket%2C%20live%20cricket%20streaming%2C%20watch%20cricket%20online%2C%20pak%20vs%20nz%2C%20india%20vs%20sa%2C%20aus%20vs%20nz%20vs%20eng%2C%20watch%20live%20cricket%2C%20ashes%20series%2C%20psl%20t20%2C%20ipl%20live%20streaming%2C%20t20%20live%20stream%2C%20test%20live%20stream%2C%20odi%20live%20stream%2C%20cricket%20match%20live%2C%20watch%20cricket%20match\u0026cbcdn=rpyztjadsbonh.store\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1763271131873\u0026srs=98ec73e053b6dc4989585b7170d01317\u0026atv=71.2-b\u0026abtg=1\u0026adbv=3-cdn-js","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"104.21.78.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://m.crichd.vip/web007","date":"2025-11-16T05:32:11.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 20:14:35 GMT","end":"Tue, 06 Jan 2026 21:12:18 GMT"},"fingerprint":{"sha1":"7C:B6:62:0F:43:12:2D:86:DD:92:D1:44:95:36:24:C7:2F:BA:B0:B6","sha256":"06:21:18:21:3A:A8:90:A4:4D:D0:A6:7B:7B:C8:4A:3B:31:47:C3:5D:48:A5:94:AC:08:75:A0:A1:DF:D6:B9:3C"}}},"request":{"raw":"GET /script/suurl5.php?r=8908554\u0026cbur=0.7865916679209474\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=CricHD%20Live%20Cricket%20Streaming%20-%20Watch%20Live%20Cricket\u0026cbpage=https%3A%2F%2Fm.crichd.vip%2Fweb007\u0026cbref=\u0026cbdescription=Watch%20Live%20Cricket%20Streaming%20Online%20on%20our%20website%20CricHD.%20IPL%2C%20PSL%20Live%20Streaming%20for%20free.%20PTV%20Sports%20and%20Star%20Sports%20for%20IPL%20and%20PSL.\u0026cbkeywords=live%20cricket%2C%20live%20cricket%20streaming%2C%20watch%20cricket%20online%2C%20pak%20vs%20nz%2C%20india%20vs%20sa%2C%20aus%20vs%20nz%20vs%20eng%2C%20watch%20live%20cricket%2C%20ashes%20series%2C%20psl%20t20%2C%20ipl%20live%20streaming%2C%20t20%20live%20stream%2C%20test%20live%20stream%2C%20odi%20live%20stream%2C%20cricket%20match%20live%2C%20watch%20cricket%20match\u0026cbcdn=rpyztjadsbonh.store\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1763271131873\u0026srs=98ec73e053b6dc4989585b7170d01317\u0026atv=71.2-b\u0026abtg=1\u0026adbv=3-cdn-js HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://m.crichd.vip/\r\nOrigin: https://m.crichd.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:12 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ehReysBojjsfplD2Vk%2FOldCwDKcUoXc4TeRXr4jc%2BpAVqZRoo1WKgI0N%2FXDy7B46ZERJRXj7WF0lEnfEKGx6eIuLyRpcfzqt7yKVmLqE%2FGsvhck%3D\"}]}\r\ncf-ray: 99f49b3e6ebc1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":998,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f12c841d5e9601969967c35ed7c5dbf5","sha1":"c76deedbb14e8151d073b51a10f88b8ed358a0ee","sha256":"0914ce71b274ec8babda189851588188c0ce916a8d3604198f652bb4cbb4ef59","sha512":"1635c9568d83b8b9fc61643107a2aef6114736572b22492b79234a0c761cd2eda8af6b1d956b53d6a894694035079a5121197758e96419c7e3abaaaa06c9fd6c","ssdeep":"","tlshash":"9111a85a3ca8413d7f9600345476a259dd8210036c11a03495e6ec1c5bb6ae84d2fe90","first_seen":"2025-11-16T05:32:51.516561Z","last_seen":"2025-11-16T05:32:51.516561Z","times_seen":1,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":35,"dns":5,"connect":1,"send":0,"wait":209,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ust.chatango.com/profileimg/g/o/goleafsgo416/thumb.jpg","fqdn":"ust.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.24","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:14.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /profileimg/g/o/goleafsgo416/thumb.jpg HTTP/1.1\r\nHost: ust.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 16 Nov 2025 05:32:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1967\r\nLast-Modified: Sun, 24 Apr 2022 00:48:38 GMT\r\nConnection: keep-alive\r\nETag: \"62649e66-7af\"\r\nExpires: Sun, 16 Nov 2025 05:32:15 GMT\r\nCache-Control: max-age=0\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1967,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3","md5":"b84efd00a59f99a967b3fc7389f5a1fd","sha1":"97b3d0f35314363f3cbd284e2d88be9d2ea7438c","sha256":"953a34f087a1f46a1321db2d3a83542c2162173a1ae77cae11d9db2778959f5e","sha512":"70cead30c9f9f2067ed9f0f464577519555f60760a70c71c2bc24b753bd0b18c2f9f024d9cde44e965a48756d2a655b09984d1c94e4c63f26372385b5c3bf75c","ssdeep":"","tlshash":"9e412c1f731bd1909f0344b9306729b0d1bb5a6bbc7a2b341a150194c054cf8c3ccc8e","first_seen":"2023-12-01T03:09:21Z","last_seen":"2025-11-16T09:35:51.463176Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1172,"timings":{"blocked":503,"dns":1,"connect":164,"send":0,"wait":165,"receive":0,"ssl":336},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gizokraijaw.net/401/9283842","fqdn":"gizokraijaw.net","domain":"gizokraijaw.net","tld":"net"},"ip":{"addr":"104.21.65.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:14.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gizokraijaw.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 19:43:39 GMT","end":"Thu, 15 Jan 2026 20:42:13 GMT"},"fingerprint":{"sha1":"D7:9E:5B:27:53:38:E5:30:9E:27:09:B5:20:A9:DB:AB:A3:8A:2C:79","sha256":"0C:F5:B9:11:E9:D8:FC:1B:7C:5E:E0:48:74:CA:44:61:58:F2:6A:63:27:F1:42:BB:FA:06:74:62:04:C8:5C:7E"}}},"request":{"raw":"GET /401/9283842 HTTP/1.1\r\nHost: gizokraijaw.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 05:32:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mpfvJ0efHWb8wxDZ0qimB%2FhljDGZxeDRs%2Bny8ysc0emUNxU1mJHNyUyL6wnbCkPtai0dW%2FNIMJM%2BzLZ20WbpdPl4OXDO3ztpo1Ay7FE%3D\"}]}\r\ncf-ray: 99f49b51bf480b4d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":170781,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"72e30197d438a8b689ab782906b39482","sha1":"817edade0c5c1507e2c336e3d08ca05fc2a93568","sha256":"95e87ce31ad943569bba49871050e50cc6a2d72134a042724e1767f59422b020","sha512":"3d9e8575a3dfe55261ff991f4a6c882c535067d52e5d223d245280d5eb0a3f873fee5a067e2d9d0fb7cbe52ea69ed94ce9a05449b61362740270a6bd836810d2","ssdeep":"3072:721zSqHyUv9114rTN9kSq8y2u+zoCeTSD1rgNy3edy6/2DUa8S443V0EFICtLHh/:mgnzkSGSzNeTSAXI6/2DUaYIVjIELBiw","tlshash":"7af3d788b292b1551d72a134322f824eb5dfab605c4e4a80d19be1b27f3706ed377dd8","first_seen":"2025-11-14T14:20:58.248512Z","last_seen":"2025-11-18T09:44:57.092465Z","times_seen":15,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":26,"dns":5,"connect":1,"send":0,"wait":40,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://st.chatango.com/h5/gz/r1102251136/id.html","date":"2025-11-16T05:32:17.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:58 GMT","end":"Mon, 19 Jan 2026 08:34:57 GMT"},"fingerprint":{"sha1":"56:14:7E:EF:FA:D2:CF:DD:3B:30:9C:AE:7A:C9:AD:9E:A7:87:3D:E9","sha256":"72:DD:0F:82:4D:8A:09:2D:BB:5B:E6:1B:6F:09:F8:1E:BD:BD:D3:3E:B8:A4:8C:B9:49:13:4D:DC:D7:EF:EA:77"}}},"request":{"raw":"GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 16 Nov 2025 05:32:17 GMT\r\ndate: Sun, 16 Nov 2025 05:32:17 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26935,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"0674bb1b4725131d0ccedb9f2119d9fa","sha1":"354de89c766f790720b9b55a28ce76bc2f2878e8","sha256":"37e93534f20120328ca625c0011682d90e4e4f4e702b0f90baf22d0c1f7fc8b4","sha512":"db19ac78c34f52d076a4b91cc180acb24697a1c8385c2d848ea0363ca684177c9f01de0a7115c165c8a01d4ea1441e86c98c8ae32292c15d0bd373500c52db23","ssdeep":"768:DFAFRFYFKFf4FQLFDFXFRKNyEfSQv3rgXU/9ffQiqGr8vkSfEQNVR1GJuofOQjLh:EcvMo1","tlshash":"32c2fba108174000978358e223cebf34fe4f92507141d0b5abfdab6bedcbc6652693ad","first_seen":"2025-09-09T04:12:34.447807Z","last_seen":"2025-11-18T23:33:55.824058Z","times_seen":1117,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.nikke-eu.com/act/wand/pc-download/assets/index-1a1c5ccf.css","fqdn":"www.nikke-eu.com","domain":"nikke-eu.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames","date":"2025-11-16T05:32:18.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nikke-eu.com","organization":"PROXIMA BETA PTE. LIMITED"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Feb 2025 00:00:00 GMT","end":"Wed, 18 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4E:FB:88:CA:40:A1:31:87:4F:97:97:6A:22:B0:FF:2E:E1:05:F8:34","sha256":"28:C3:99:73:D6:D0:D3:D2:B1:57:C9:C7:66:61:2B:DF:2A:BE:F0:2F:14:6A:2E:77:E8:42:65:3C:DA:8A:EE:C0"}}},"request":{"raw":"GET /act/wand/pc-download/assets/index-1a1c5ccf.css HTTP/1.1\r\nHost: www.nikke-eu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.nikke-eu.com/act/wand/pc-download/index.html?campaign=pwngames-EU-PC-20250115-Conversion-PWN-newinstall-EU\u0026campaignid=EU\u0026ad_group=3405_2a049d16-2c4c-4d49-8fdd-13d0e05aecf3\u0026spend=8.0\u0026clickid=23297e6b208c4f40b67b6623522aa70a\u0026action_type=click\u0026uanetwork=pwngames\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 24 Sep 2025 02:35:57 GMT\r\nContent-Encoding: gzip\r\nEtag: \"c9cb8c6aac269b624fc3a15c7ac55c04\"\r\nContent-Type: text/css\r\nDate: Wed, 24 Sep 2025 02:46:29 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 11141698061003507175\r\nx-cos-request-id: NjhkMzViODVfODU3NWI3MDlfZjU1YV8xNzhmMjVjMw==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 22843\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 10593708693241453086\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":106904,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"c9cb8c6aac269b624fc3a15c7ac55c04","sha1":"756768cf7873115338baecdbdaf747e9e77fb8f0","sha256":"1a1c5ccf56e594c2e05f6b0b9d35471fcb4c5f5e8890e7ff88a933fdea9c8789","sha512":"434f0ed3de5e1c47676b2b34072c87330fff076fcba68c3677c98e4afbea1d5bba535d9c320746aa4482e0df9be4a4ba0690adc92422ac81623a4b3fb6c9f747","ssdeep":"1536:GZge3JHcf7xax0fg1NUVOjtmMONJ6wwQrVD/LZ:0mDQ/jtm7NJ6wwQrVDDZ","tlshash":"8ca31a61b51489fd5d6bc091dad0eb5db32df082ce261ab8fa17b7248ecb3e60d63144","first_seen":"2025-11-05T17:06:59.828511Z","last_seen":"2025-11-18T23:33:55.87962Z","times_seen":37,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":38,"dns":3,"connect":7,"send":0,"wait":9,"receive":1,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}