{"report_id":"b3dd5b0f-cae3-4127-965e-e6ec28497b7e","version":6,"status":"done","tags":[],"date":"2026-02-22T12:27:48Z","url":{"schema":"http","addr":"wealthifse-mshiau.xyz/TDMNBVCXZLKJTD.html?pid=r_917716859248107","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"172.67.194.102","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/?pid=r_917716859248107","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"title":"WealthRise","dom":{"size":34891,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (29311)","md5":"7186753d83e3462bce65afe5b4ae77bb","sha1":"e4379e8e2e7351ce3d078d62f429811470eba57a","sha256":"b3be50a45fa600520f451c7e21e935ee9c13424abced91974f994c4e3e6ebd77","sha512":"b463b1dbeeb6d697bef22f9194c4be8cbdb8d961b7d8946f255d895a159db9688e0bbf8965bf637d23595c338b0440b09c48de87ae8b6148dc23bc2f12d7a3e4","ssdeep":"768:MQx+Rql2y8lDIXzXtLkUTdnzwH2RYWDaa3zpu7u6Ud+qe59ZnbOXiNv/Bu960BmM:MnRqX8lBgQ5vAD","tlshash":"6ff22c7081671abf529b1de0b0309b6eb5fa934dca23ca4893fe57a12fd6cc5cd91190","dom_hash":"domhash268207b5581bb0470438e34e2dee73a8","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"wealthifse-mshiau.xyz/TDMNBVCXZLKJTD.html?pid=r_917716859248107","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"172.67.194.102","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-29T12:27:48Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-02-15T22:32:42.929582Z","alert_count":0,"request_count":1,"received_data":8600,"sent_data":505,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.youtube.com","ip":{"addr":"216.58.211.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-02-15","domain_rank":286,"first_seen":"2013-04-13T07:43:20Z","last_seen":"2026-02-15T23:58:40.177238Z","alert_count":0,"request_count":2,"received_data":36975,"sent_data":885,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"wealthifse-mshiau.xyz","ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-18","domain_rank":0,"first_seen":"2026-02-22T09:56:11.335294Z","last_seen":"2026-02-22T09:56:11.335294Z","alert_count":68,"request_count":68,"received_data":8207678,"sent_data":32971,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"YouTube","description":"YouTube is a video sharing service where users can create their own profile, upload videos, watch, like and comment on other videos.","website":"https://www.youtube.com","common_platform_enumeration":"","icon":"YouTube.png","categories":["Video players"]}]},{"fqdn":"comeontasktogether.top","ip":{"addr":"172.67.208.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-17","domain_rank":0,"first_seen":"2025-10-18T12:56:29.370266Z","last_seen":"2026-02-20T03:06:46.653488Z","alert_count":0,"request_count":2,"received_data":3480,"sent_data":1121,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"log.plausible.space","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-11","domain_rank":2218878,"first_seen":"2025-06-27T02:57:24.696629Z","last_seen":"2026-02-22T06:39:54.305083Z","alert_count":0,"request_count":2,"received_data":4175,"sent_data":932,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/useWord-CZffCRsc.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"7ef2850babb7762917902d1a8dc9f65d","sha1":"07acac5cba07495952a3f223f82866c25f5c92cb","sha256":"bfb160af732e768653934e4687cbf9cbac36dfc77096631854f00ef917beb6dd","sha512":"388cf9e223dda593f7258f745b23216e093626db455b8163d1b044a9c33fab52985f19fd44bd090b5f199aae32a9314f8712853cc1d47185cec6ac7f2a102fd7","ssdeep":"","tlshash":"70c02b453020caff133f05ee00b84c5443206c04326c6f64f118084b33d10830a67f09","size":142,"data":"","first_seen":"2025-11-21T04:16:31.886206Z","last_seen":"2026-06-01T11:19:27.981112Z","times_seen":102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/polyfills-BfFgEMPB.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"81da2134bfbff64d6f94199eb3b75e4e","sha1":"06d6d75bfe87f400a6c54efa7ca510f28808dcf6","sha256":"f31c699e9ff54b7416a8bb977aa627c5d4980723c485cf89be2766d85d8906c0","sha512":"34e97187f0734d42a8200d6fd9ecf57f9068071227a4403c9b402b8ccffc610df7778db13372d9fba7a4d843a0ad888d059bad8b345aebf31885b8c44585f232","ssdeep":"1536:PoL5BydBjL6nF7mEwax6Az5wFn72MywAs4BxG6hA1rPYR:PoTydhL6Jm4x6ANwFn72MywAsGc2","tlshash":"b7b3e588f6d6f0a243e77064403f100bf23b6d55b81e80a4e766d1e17cb9a4ad17bf69","size":107999,"data":"","first_seen":"2025-12-02T18:05:59.126798Z","last_seen":"2026-02-28T10:01:43.171214Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/?pid=r_917716859248107","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a721a50c61c92f9abfe8d63f825ee7b","sha1":"d8e59ff6d82b15eadd4cd1fd49a9baef1c3fa177","sha256":"fb95e46456b3cc9a3c9f488e3f8b62fdc2c2314b9d4dffff33391bef134f5c87","sha512":"67af8cad0d127d30ef79bcb73c0fb1ce8dcdf651e29e2f9c5b39a35c632742890cceb5d5a1adecb3b108724dc7105b6f0d4cd35a346cd59d5e971c043c2591f5","ssdeep":"","tlshash":"afe02bb775f4697908a9395f782be6843ca00e714869644029dd44a9e860e938d2adc4","size":400,"data":"","first_seen":"2023-03-14T12:34:09Z","last_seen":"2026-06-03T16:26:29.845562Z","times_seen":328,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/index-DhaLUDKt.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e69e19dd710fb773bb12c38b2d4c3c7b","sha1":"8c1de15748354c3bce519321a2377bc47cd55c1c","sha256":"f2f0cb01447020b3f44fbd2676ed00abc2727f0fcefef65edf70134662cde7cc","sha512":"8be6b4cd42f1fa62846abdc89b1de10d0b6d01ef410bfe9f78f6c9c15580ddacd4151938f3730caefd00da6c6071337025c5308c123137a59c9a77d2744d54a0","ssdeep":"49152:tr1x2g1gkVf31jVuVuSwyjvRc+U6TPhxVoBcjwxOQ8WdAD0QrvvxIn0hFZ8vTbH2:dK","tlshash":"2ef56ce813d8f3690996a28716093b3d66d84d39a742c7e15c1d6ede38d2c39423db3e","size":3624557,"data":"","first_seen":"2026-01-16T13:52:28.368736Z","last_seen":"2026-02-28T10:01:43.208687Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/BottomBar-DdPzXLxH.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"986f34f51e6e5e25817f972fc6b0ee3b","sha1":"49954f01661713cae8ebe5afb3f4402776dda34d","sha256":"ac69e6d50ff805377f4e4ce70931f449d10249ebb1ccea7a7e7efb384b64da52","sha512":"5fb447cf696bdb443047a1e2068aba5af2f3539c0936678dc19a08477b6012b33edbb8d5ff978aa6217af9c14d1aa45f4875e1d5ad34bf3ce0eec89cab0977fd","ssdeep":"","tlshash":"6c310048e1d6dbbeed6808d55e5d8148300f0fecda2a8892917e1c101764ceab72b79a","size":1786,"data":"","first_seen":"2026-01-16T13:52:28.345739Z","last_seen":"2026-02-28T10:01:43.167996Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/get-default-props-CK3cjgFI.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4fe2c9f68d34a9ea78c94ecf3761ea0e","sha1":"521af5e8e48c55e3e0d236ed49c7de1ff8655c9c","sha256":"7f5993ecd88e48f1fa55c198a53d8a769269dec8f4a8fa06ee4b94860239aaaf","sha512":"8501b9dc000a7374d72cec66d339dad679a51df6f4ded6777b2176aeb0ce095c93a7f2b356facbfb58f1312bc1031d38f52dce4c80e17f14d5569eadae9c3b51","ssdeep":"","tlshash":"bdd02b58628590b8c37000a8503f9418b6b4cb18342e58018698c5e63aa945a9e97a2a","size":263,"data":"","first_seen":"2025-12-02T18:05:59.117215Z","last_seen":"2026-05-09T05:23:38.324354Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/HomeWhy-CwjEXtgN.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ee597e820b59136940a6588cac1329e7","sha1":"73e1cd148af57d86b44dcfcbf7b9e3708a7d086d","sha256":"7abbf1ef47da2283d09a03c51e05e7bba4a7deba31ae7255b940c25c411c31fc","sha512":"46d461bcb67ffe5f8f58b42101f0c64b7a157fbc976a21fba7f40b6a7432d8cc1b24c2c0695b9dbfd8a3436ab187488289b51b70932444b5a6777d84aa840aed","ssdeep":"","tlshash":"2c11e10ce050ebbde92a2cf05d9e7444b41a0f6ddb1d8d61506919320f646d4ef1eba6","size":1097,"data":"","first_seen":"2026-01-16T13:52:28.332904Z","last_seen":"2026-02-28T10:01:43.16325Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/HomePage-CLKHVGo3.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"83dfb4105434d91f42e9b6ba615358a9","sha1":"4ae157fa946aa38df5cef93c05e0ab99b47aa0b8","sha256":"0e4cd278945a104aab8e2a021b38cf91478653ef902ba4a3a54b97af3d740de3","sha512":"69ae8196df9cc4c963d251885d404029f0b1249528f838f200637bc1880a52acc10d2e3512b53bf22d19cda75959539c32599f1cc4459a74cc99339a4eb705a7","ssdeep":"1536:msZ6POpyR9zf3jr38HXweRYqotVl44kwCbTJQzO0p8QGJDv6:76PNJ/5t04kwCbTJQzO0pXGJDv6","tlshash":"3b931bc57052f86a86eb04e2417f0206b23a1e98780d8458f57cacd93e6544af7bff79","size":96862,"data":"","first_seen":"2026-01-16T13:52:28.331773Z","last_seen":"2026-02-28T10:01:43.173489Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.youtube.com/iframe_api","fqdn":"www.youtube.com","domain":"youtube.com","tld":"com"},"ip":{"addr":"216.58.211.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"97a94e32911418b7acdec39e93b86db8","sha1":"179ec41129f484f1cff3556c31bf3c23d94ed9fb","sha256":"486d76bf58cd47d380dc4f138a02ad134947f03e2fd334ac6c7f5957181970d2","sha512":"7926b234e154d63c987ffd3003b28339d26795b7300852214b4692b4a5c30833bfc056da4397cd460d77510226a1a4fe634fae8e81bb92c331643371ee1ac6fc","ssdeep":"","tlshash":"a111cb7b3d80e6398658a4e4a03fd31cb1a224957850dd9110cee889e65cbca9e3d5ac","size":993,"data":"","first_seen":"2026-02-18T12:32:48.904619Z","last_seen":"2026-02-24T17:21:47.34189Z","times_seen":1864,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/?pid=r_917716859248107","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a6cf21f6e21c0f54c7220c807399231","sha1":"6c19165b0448d461c6552fabd4fa7e4a8e522173","sha256":"540f0eda101da28076f3c129493ac62e5ef3dd08a46d653dc30a1e6cefd06989","sha512":"d72d6cb2aa7ceb2e512e8668deb283df02258a01b9c8433b1f8cfd38ba2c9ac5601dc171e5c46feebf218da972c4d568ee3c8e1d190b9ae1ebf81e617c4309ed","ssdeep":"","tlshash":"70c02b0b42d84ba94e64b01fdf2e6d30a53009c74d025703782c76640829626070fdc0","size":140,"data":"","first_seen":"2024-05-12T00:25:45Z","last_seen":"2026-06-02T21:08:29.349715Z","times_seen":493,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.youtube.com/s/player/4c5cf06a/www-widgetapi.vflset/www-widgetapi.js","fqdn":"www.youtube.com","domain":"youtube.com","tld":"com"},"ip":{"addr":"216.58.211.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e52aa0ebc4c3eaec9b5dc3fb189816ad","sha1":"deee2067e9e36617f997fb3be3788432b87129a7","sha256":"e9abd0d74c5ecca848c706e3f94780a00efc33f66f1a7971ded040458851fd69","sha512":"c1274aa8cacaa39f2724cdbc73acff36088115445878ed95e4fa62553cfd35475d5db1266b5dafd3e71fc8fb645baa6837f84de0478bee8848cd8e1969b94099","ssdeep":"384:LZ9f+ec30st6d53jPj6ANwSYpBZKjTfPXRbiNu44mHQP4Ia3zPw5BWngmurjtF4x:LGMws5vZqjQj7BO4G3IaIgurjtcG12","tlshash":"0ce2c6cdbbb1b4314373a5f5902f100fb23e586eb4088999b284d8e16cf59694627f7d","size":32131,"data":"","first_seen":"2026-01-29T12:44:11.570685Z","last_seen":"2026-06-01T13:30:55.172175Z","times_seen":25161,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/TDMNBVCXZLKJTD?pid=r_917716859248107","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6318c31b5848f37bc19d93ba21e2c81e","sha1":"c71fa1926df683e43b1da7619adba0d37539f604","sha256":"23c4451d2fc88581f7195ef0665aa686dd0daed279224f234226af6b78a6ed6c","sha512":"876e088a03d54e98b38c77f1e641856de6574a16f0e85557c33e272c913dd6e6e615e47ee9152bff43d3f830beddda1185a3de0340b066bddc75aa827b7216ad","ssdeep":"","tlshash":"94b012c90012020031f1b442cf43728030a700fb3404f00c6a20c2485ae538fc21f9cd","size":95,"data":"","first_seen":"2025-10-18T12:56:38.908051Z","last_seen":"2026-06-01T11:19:28.061094Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-06-03T17:45:43.622788Z","times_seen":111646,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/tslib.es6-CkLbZ6h7.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"6728506e6dcd6dba1245c82078b5db27","sha1":"15ae32c6e83051e125ad4ced778720a94adc3b44","sha256":"e07121df8b1a960f410cf7cb6aae2be56281ff96749271107b919a760a3ec351","sha512":"a1b5a3d5019f40f899b564dc3d1db35fd99de722adc9429848889aed11ef017bac6055d7b9dc3aa248ff114ced0bcd53eaca5a9e4054422ebdecd225a12b5088","ssdeep":"","tlshash":"66e027943620aeb110af04c1102da886a62a6538d5b5a5903a1486b1009146a550eab7","size":435,"data":"","first_seen":"2026-01-16T13:52:28.34481Z","last_seen":"2026-02-28T10:01:43.154559Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-06-03T17:45:43.622788Z","times_seen":111646,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"log.plausible.space/js/script.js","fqdn":"log.plausible.space","domain":"plausible.space","tld":"space"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b7b61c8ea52fe5ad1c778b6423c9b1e6","sha1":"96395022474cce70ed2c8c6c0376c36d26040d13","sha256":"91bda7309b059f33f21531717082b701d20fafbd5493c838029e942952018dd2","sha512":"a70cf48c4b472d264545840b5922119ab8b1523f295905c8484f8c1c36ea4b953c6f4d5bf605bc640390a355a2e5a3e97201fcc7da988f168a54f88e589f706b","ssdeep":"","tlshash":"e651916a7e41f53889b8e273622f332636373623752444020128dac23d24babc3a6dcc","size":2618,"data":"","first_seen":"2025-04-10T18:50:57.878891Z","last_seen":"2026-06-03T17:45:03.868295Z","times_seen":1424,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/get-default-props-CK3cjgFI.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/get-default-props-CK3cjgFI.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/assets/HomePage-CLKHVGo3.js\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5iboT8aXJDSfr%2BcvoeTb2AgtDtZRqc%2Bp5tGZJR5Q%2FPnMIV24XR7bBADqXzJl0rFY7wfYmibCmAggGb90vVP9V63dvq2rWzw5befEXgijNwZ6SYezrA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"86625779b8866ef09bfbf0033113a738\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3b9f7c370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":263,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"4fe2c9f68d34a9ea78c94ecf3761ea0e","sha1":"521af5e8e48c55e3e0d236ed49c7de1ff8655c9c","sha256":"7f5993ecd88e48f1fa55c198a53d8a769269dec8f4a8fa06ee4b94860239aaaf","sha512":"8501b9dc000a7374d72cec66d339dad679a51df6f4ded6777b2176aeb0ce095c93a7f2b356facbfb58f1312bc1031d38f52dce4c80e17f14d5569eadae9c3b51","ssdeep":"","tlshash":"bdd02b58628590b8c37000a8503f9418b6b4cb18342e58018698c5e63aa945a9e97a2a","first_seen":"2025-12-02T18:05:59.117215Z","last_seen":"2026-05-09T05:23:38.324354Z","times_seen":16,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/useWord-CZffCRsc.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/useWord-CZffCRsc.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/assets/HomePage-CLKHVGo3.js\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fouUCtGDVvIyjUTGegcQT0gob8omo2Tok4e9PJyERFrndIi9qu9qIIhq%2BY4jaZm7g1fQnzhqkdG74krKPMd%2FsJkOyXlpj5VeXagZv3cqT%2BDy0I9DrA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"8c1c5e508076c8baaa66cd9b0063a30f\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3baf80370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"7ef2850babb7762917902d1a8dc9f65d","sha1":"07acac5cba07495952a3f223f82866c25f5c92cb","sha256":"bfb160af732e768653934e4687cbf9cbac36dfc77096631854f00ef917beb6dd","sha512":"388cf9e223dda593f7258f745b23216e093626db455b8163d1b044a9c33fab52985f19fd44bd090b5f199aae32a9314f8712853cc1d47185cec6ac7f2a102fd7","ssdeep":"","tlshash":"70c02b453020caff133f05ee00b84c5443206c04326c6f64f118084b33d10830a67f09","first_seen":"2025-11-21T04:16:31.886206Z","last_seen":"2026-06-01T11:19:27.981112Z","times_seen":102,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/star.webp","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/star.webp HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\ncontent-encoding: br\r\ncontent-type: image/webp\r\netag: W/\"828dbc4f321bb012f94cd1f4eeb150cd\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AuuaeNqykDN6EHYFWkA2li80kgjaUQ%2FGWhsY3ULP03vj3nwzrk8a5DegSvfxQvh035dX18ledXsN7fASwY4ZQq3wliVwSe9KRphjdmfX3oWZZLelVw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3c2f91370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":880,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"721e9998cb8f1087c961092004399c8a","sha1":"b6cba4a6d3868389434e2057f56cc4ee5d50f6da","sha256":"28f941c1fd529189e0086abed2b7881460b38063255c3e0b7895e900777bfec2","sha512":"6de7c103468485176d397069d070d283f3395424e6106e66ffc81600d27b4b4448fafe18b79d741f0f85fa4e3215f9934fdf5f7c576824dd49343b04450a3cf9","ssdeep":"","tlshash":"da119678ee48987fc59caf348f3813b709111ad09672ca07837655543b112d028bdb69","first_seen":"2025-12-02T18:05:59.103082Z","last_seen":"2026-05-09T05:23:38.293094Z","times_seen":18,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/GeneralSans-Bold-BWHD35xo.otf","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/GeneralSans-Bold-BWHD35xo.otf HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/assets/index-DWsLYg7B.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-type: font/otf\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QBZB%2BkQu96MgVVoncCwSK%2BTWTBDsON6lr5z1o0biflni%2BRdQqpeqY949C5CM%2B4gTkTadzpct9%2FJzVP21%2B16FAfMLAFuGfQGHpLxNS%2Bk0M086AWk9MHprNJh2nDL%2BgFyfWA%3D%3D\"}]}\r\netag: W/\"4f43dc2beb93592c65b11680455cdd8d\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\nage: 247973\r\ncf-ray: 9d1e7a3c8fa8370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43260,"size_decoded":0,"mime_type":"font/otf","magic":"OpenType font data","md5":"398fa49258135c6cefe9383eb0cb19e7","sha1":"7c66f9cd8c3240fde8504746b849217901adfea1","sha256":"88bff1f629ba18f1342250753648b9e74196b8a2229fbf2f53d602d787fd23fc","sha512":"dedd6a08758030adf38d24af7f055ad3584be51cc15cad70a126878abce216dc79f7810386459471b7c57483f923a2764163a31c6931b924c938d513bf9d3193","ssdeep":"768:daS3H79vZp3MeJ8aBG4U1lwLMZVCLu/N3ETWaDNfkuIFF3Ejz3MPuoQMivbFy+:dR379vZp3MeJDiwL0cL6aRfkuzz3MPuz","tlshash":"ee13089a3a077345d112f6384db79734db30fa244ff99a4a51ba49ba5c9c2870d33393","first_seen":"2023-07-24T14:56:47Z","last_seen":"2026-06-01T11:19:28.021428Z","times_seen":189,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"comeontasktogether.top/api/v1/user/detail?d=wealthifse-mshiau.xyz","fqdn":"comeontasktogether.top","domain":"comeontasktogether.top","tld":"top"},"ip":{"addr":"172.67.208.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"comeontasktogether.top","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sun, 08 Feb 2026 18:09:42 GMT","end":"Sat, 09 May 2026 18:16:59 GMT"},"fingerprint":{"sha1":"4A:0C:4A:55:D8:EF:C2:D9:20:4E:FA:52:02:4E:1F:0F:F8:5B:D7:35","sha256":"18:74:ED:D5:B9:01:F4:AB:F7:C7:03:E9:AE:6B:26:06:56:B9:9C:4A:54:DD:81:87:FF:79:C6:23:B4:29:D5:CB"}}},"request":{"raw":"OPTIONS /api/v1/user/detail?d=wealthifse-mshiau.xyz HTTP/1.1\r\nHost: comeontasktogether.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: code,lang\r\nReferer: https://wealthifse-mshiau.xyz/\r\nOrigin: https://wealthifse-mshiau.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Feb 2026 12:27:26 GMT\r\ncontent-type: text/html;charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://wealthifse-mshiau.xyz\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: code,lang\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D1lmNkGjLCSN4xYMm99napZ0a19k3Yv8xsdhzz2zdHwAcI3JJc8dlbXeLhVGzkazqV57PdnuVTkXfbLD9Xvq%2F0mjpqxdr758fTEPXMCFPnk59%2BANOaY%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9d1e7a3ddc62e07c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T17:55:46.471571Z","times_seen":16085743,"resource_available":true,"data":null}},"time_used":581,"timings":{"blocked":82,"dns":65,"connect":8,"send":0,"wait":393,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/useWord-CZffCRsc.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/useWord-CZffCRsc.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fouUCtGDVvIyjUTGegcQT0gob8omo2Tok4e9PJyERFrndIi9qu9qIIhq%2BY4jaZm7g1fQnzhqkdG74krKPMd%2FsJkOyXlpj5VeXagZv3cqT%2BDy0I9DrA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"8c1c5e508076c8baaa66cd9b0063a30f\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3a6f4e370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"7ef2850babb7762917902d1a8dc9f65d","sha1":"07acac5cba07495952a3f223f82866c25f5c92cb","sha256":"bfb160af732e768653934e4687cbf9cbac36dfc77096631854f00ef917beb6dd","sha512":"388cf9e223dda593f7258f745b23216e093626db455b8163d1b044a9c33fab52985f19fd44bd090b5f199aae32a9314f8712853cc1d47185cec6ac7f2a102fd7","ssdeep":"","tlshash":"70c02b453020caff133f05ee00b84c5443206c04326c6f64f118084b33d10830a67f09","first_seen":"2025-11-21T04:16:31.886206Z","last_seen":"2026-06-01T11:19:27.981112Z","times_seen":102,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/fire.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/fire.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rs7bf0Cu0Ve%2B0WPB8vDbZkPoGVufn0hAGjJXc1tA%2FV%2BEsbIefx9bVQSEMkasbquW8MX5HRTRvoEQ1gmIks1rH0CtrQZAQ02lW5D6rHZ6sGiNfq2Q3w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"50c8fa942e8daa0c042779b7fb0df434\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3c2f97370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":655,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"48265d34de039a12e47480e945836069","sha1":"304e55e774d81e2e55ce0ba7cb96beb81993bad6","sha256":"b93d0757e25c8ea28d0b0b6ae519cc8bb4f8a300f29a324d1ba3ba39f364767b","sha512":"abc93bcf3fae4a2014e0b7e783e45a342a1b2c05ee8b1377f678b065dead983a6e022ffa3459fc3f59fd0b3541d975b5609f862411790825f8f9ceaa15415255","ssdeep":"","tlshash":"2cf0fea8424819dec61fcb05261a7485771f10a6ea40847de66215318447c72793aedc","first_seen":"2025-12-02T18:05:59.105459Z","last_seen":"2026-05-09T05:23:38.284159Z","times_seen":16,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/GeneralSans-SemiBold-DQ6WvPG1.otf","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/GeneralSans-SemiBold-DQ6WvPG1.otf HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/assets/index-DWsLYg7B.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-type: font/otf\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8KHjP565vvutEtrJD%2FHnaL3PVSxJwBHYhGzbFsHppRO15AmN4DaJcevF%2FC7CT%2BI72TUAzCgRaIIVCT6FezAeuVqyaMEEgIIXmGh%2Bo4iQnDTEPSrikiChjx3vUz6zJhofGw%3D%3D\"}]}\r\netag: W/\"6e5c3fe0b267256ccc36c6abe538c5ce\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\nage: 247973\r\ncf-ray: 9d1e7a3c7fa4370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46640,"size_decoded":0,"mime_type":"font/otf","magic":"OpenType font data","md5":"858d81205b791170eaf0bc30c2ec7bc5","sha1":"24d398d7f5e7ebc4ba9488552455b79d38e17221","sha256":"6ad3ed9661df911b511135f494805704dea322dc2ae10a9620764f56df39c30b","sha512":"dfb54d625efbed4ff9c81d82ce48526d3df02513b77b624bd0a7bb9ac5dce5e7a5d11da88ec2b2751347d1f1540cea7dc412beaeb1997ca81b3b816756b09351","ssdeep":"768:t3E79vZp3MeJ81ARlwRaNS2dszB0zdXnaB96y//dwy4dkEzQDYU+3qeQNzvwRJzq:t079vZp3MeJrvwYNKKzdXaB960+kEzQp","tlshash":"62236c82fb4a4702d153bb348cb6d338c732ba248bbe634b657967755d0d0c65ea26c3","first_seen":"2023-05-26T17:06:12Z","last_seen":"2026-06-01T11:19:28.039267Z","times_seen":224,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/fire.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/fire.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rs7bf0Cu0Ve%2B0WPB8vDbZkPoGVufn0hAGjJXc1tA%2FV%2BEsbIefx9bVQSEMkasbquW8MX5HRTRvoEQ1gmIks1rH0CtrQZAQ02lW5D6rHZ6sGiNfq2Q3w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"50c8fa942e8daa0c042779b7fb0df434\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3cffba370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":655,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"48265d34de039a12e47480e945836069","sha1":"304e55e774d81e2e55ce0ba7cb96beb81993bad6","sha256":"b93d0757e25c8ea28d0b0b6ae519cc8bb4f8a300f29a324d1ba3ba39f364767b","sha512":"abc93bcf3fae4a2014e0b7e783e45a342a1b2c05ee8b1377f678b065dead983a6e022ffa3459fc3f59fd0b3541d975b5609f862411790825f8f9ceaa15415255","ssdeep":"","tlshash":"2cf0fea8424819dec61fcb05261a7485771f10a6ea40847de66215318447c72793aedc","first_seen":"2025-12-02T18:05:59.105459Z","last_seen":"2026-05-09T05:23:38.284159Z","times_seen":16,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/rocket.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/rocket.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gfYwB5Oqm0FzfqtJxxCmu4S9vp7v%2F70D%2F9TUDIq5oqflGrKp%2Bm5wNQNLZ9%2FzGHy881otdkoHt4I6ZhSFk2UWa7kXtls%2Bm8WKC6vBDvUeaIiAI5Xysg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"13791b44137942212d9cb3a4d00d6104\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3cffb8370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1006,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"df580f5f2c933dfd1cf16bbf295cb84e","sha1":"cffc6d5ae2cd456e73627e36c0597e511e4aa209","sha256":"8f36e69108045cd76b278980ba58a330e32402d447ff701a7f2252418c75d359","sha512":"59d1ac057de1ffd6a26f8fbe5bf2e579713f71cbe62b38c7d8f8d6c7a9d3a9eb20b0f5c88629c073fb8ef9253ef181e90358b105b01e21ceb8bc1acb122ba1ee","ssdeep":"","tlshash":"6411abe4824842acea0d1cdada1b589173ee98b2fd5440d4cd9f14a2d1574b1d9038ec","first_seen":"2025-12-02T18:05:59.130704Z","last_seen":"2026-05-09T05:23:38.282515Z","times_seen":16,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/polyfills-BfFgEMPB.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:24.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/polyfills-BfFgEMPB.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wyPUMrdkajhMJAqw%2F0KwYUn5OpILpFnihRT%2BKees0S%2FXxToyGZ1tzkOPKPbBWDxAfhMesAKUGLZ2Bpzz%2BgpW2R3GkFHE7RSoEvW6aekfEnEsHQ7cySQsYL7ppPozkFZJeQ%3D%3D\"}]}\r\netag: W/\"aed3195a92b41219942cf971217c8bf9\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\nage: 247992\r\ncf-ray: 9d1e7a362dfe370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107999,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (59764), with NEL line terminators","md5":"81da2134bfbff64d6f94199eb3b75e4e","sha1":"06d6d75bfe87f400a6c54efa7ca510f28808dcf6","sha256":"f31c699e9ff54b7416a8bb977aa627c5d4980723c485cf89be2766d85d8906c0","sha512":"34e97187f0734d42a8200d6fd9ecf57f9068071227a4403c9b402b8ccffc610df7778db13372d9fba7a4d843a0ad888d059bad8b345aebf31885b8c44585f232","ssdeep":"1536:PoL5BydBjL6nF7mEwax6Az5wFn72MywAs4BxG6hA1rPYR:PoTydhL6Jm4x6ANwFn72MywAsGc2","tlshash":"b7b3e588f6d6f0a243e77064403f100bf23b6d55b81e80a4e766d1e17cb9a4ad17bf69","first_seen":"2025-12-02T18:05:59.126798Z","last_seen":"2026-02-28T10:01:43.171214Z","times_seen":8,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/TDMNBVCXZLKJTD?pid=r_917716859248107","date":"2026-02-22T12:27:24.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/TDMNBVCXZLKJTD?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Sun, 22 Feb 2026 13:15:24 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yfRyE%2Fw%2BH6tuE8oR33USkaXtGVYpb884my8%2BFHsET4NLUG%2Flf%2BgiEOXhagbHLiIxL0diLZsetGm%2B7OKr0c01RpDF49SdnHP5P3XpSWdDeGkD%2BtXjpA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\ncf-ray: 9d1e7a34cdc7370a-ARN\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-06-03T17:45:43.622788Z","times_seen":111646,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"log.plausible.space/js/script.js","fqdn":"log.plausible.space","domain":"plausible.space","tld":"space"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:24.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"plausible.space","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Mon, 02 Feb 2026 19:06:40 GMT","end":"Sun, 03 May 2026 19:14:00 GMT"},"fingerprint":{"sha1":"37:37:28:AC:59:F8:B0:0B:30:86:17:75:D1:F3:2D:33:2C:EC:97:14","sha256":"89:16:88:4F:DC:30:DA:87:BF:B4:83:5A:09:9D:D1:D6:B8:AA:E8:BC:B5:C1:A2:AE:4D:EE:02:46:5C:12:74:F2"}}},"request":{"raw":"GET /js/script.js HTTP/1.1\r\nHost: log.plausible.space\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400, must-revalidate\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nage: 15365\r\ncf-cache-status: HIT\r\nlast-modified: Sun, 22 Feb 2026 08:11:18 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MEQ0qcEtcxHNZLdnkAA%2BAdSiJAMPx7hKRknjBg6JN%2FdkwzkRu8nz5LWTOM%2Fa2y6fNMvjgyiGWOdGiqJdqujCdrVOQft9qp%2F0h%2FU4mT2syXBGUT8%3D\"}]}\r\ncf-ray: 9d1e7a368fcd516a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2618,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2618), with no line terminators","md5":"b7b61c8ea52fe5ad1c778b6423c9b1e6","sha1":"96395022474cce70ed2c8c6c0376c36d26040d13","sha256":"91bda7309b059f33f21531717082b701d20fafbd5493c838029e942952018dd2","sha512":"a70cf48c4b472d264545840b5922119ab8b1523f295905c8484f8c1c36ea4b953c6f4d5bf605bc640390a355a2e5a3e97201fcc7da988f168a54f88e589f706b","ssdeep":"","tlshash":"e651916a7e41f53889b8e273622f332636373623752444020128dac23d24babc3a6dcc","first_seen":"2025-04-10T18:50:57.878891Z","last_seen":"2026-06-03T17:45:03.868295Z","times_seen":1424,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":72,"dns":23,"connect":11,"send":0,"wait":15,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/star.webp","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/star.webp HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\ncontent-encoding: br\r\ncontent-type: image/webp\r\netag: W/\"828dbc4f321bb012f94cd1f4eeb150cd\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AuuaeNqykDN6EHYFWkA2li80kgjaUQ%2FGWhsY3ULP03vj3nwzrk8a5DegSvfxQvh035dX18ledXsN7fASwY4ZQq3wliVwSe9KRphjdmfX3oWZZLelVw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3cffb7370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":880,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"721e9998cb8f1087c961092004399c8a","sha1":"b6cba4a6d3868389434e2057f56cc4ee5d50f6da","sha256":"28f941c1fd529189e0086abed2b7881460b38063255c3e0b7895e900777bfec2","sha512":"6de7c103468485176d397069d070d283f3395424e6106e66ffc81600d27b4b4448fafe18b79d741f0f85fa4e3215f9934fdf5f7c576824dd49343b04450a3cf9","ssdeep":"","tlshash":"da119678ee48987fc59caf348f3813b709111ad09672ca07837655543b112d028bdb69","first_seen":"2025-12-02T18:05:59.103082Z","last_seen":"2026-05-09T05:23:38.293094Z","times_seen":18,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/nav/video.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/nav/video.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HjOZgJCq5VDyXau9ldV7rU7%2FwNG0gl%2FxmZtu9LKvur4JspTbGcqClJorBxDwvclP5ecqIVBUP%2FWLouXyb9JIZ06rAl1yw4sMFdHetzklF4qku7xPBw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"7e3a8c7c86065a9f647e532375cd8f8a\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3d3fc8370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":770,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e882d4b7e106ae497a2ea26677a3f8d4","sha1":"6e6901de7a336397fb3d931c71d9a3ce22bfe0d2","sha256":"6d86773f7212e0b3ccbb931bed7a7fcef983ad2e3664f715db5a4c6c8051024e","sha512":"30d9435d934181de21aa69f7b9064e8e48245172ecae5443138c44936b925b1aee7295b9bfe6418ba595c26113266a742aacca6b1e805339065ecd4a3640d92c","ssdeep":"","tlshash":"6e01bd84c3ac52d8c28e83eb6a78b42c712da6c25515457cdaa54a2ee453cf81eacc56","first_seen":"2025-12-02T18:05:59.134651Z","last_seen":"2026-05-09T05:23:38.298703Z","times_seen":16,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/currencyCode.json","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:26.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /currencyCode.json HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-type: application/json\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=00%2BZ8sc9374%2Fu%2FC2Kx4qrI7MB0ihVhpofkM%2BOrt1Ynq3vPWIxB6IP9ClVnk36z%2Bi4jSDYGzyT7vz8InNhrjBbeGs7nb1Y2ilUnePR31KrBomHM4%3D\"}]}\r\netag: W/\"cdb533d179c10e2e2a900265cdcdc5ef\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:26 GMT\r\nage: 333628\r\ncf-ray: 9d1e7a4238ae370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34453,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"96f59a2617db9c318050b99bab5eec21","sha1":"b6d7d827c1609632d3e9879e0f333e4dce3c7de8","sha256":"3e13666dc5721d2eeda2e9241de6645a758058d32074504d133696feaf078ad5","sha512":"ee6ead783bf7d5f8ebd424f09cda486299f2e43ed10c6578f96643eb3f50f2e0702be0b3d4526cdc43bc20a5e3824f5267fff284675712dfe080aaee8729ad05","ssdeep":"192:5ELx3HMZ5m9fUtwawjTO4Rm7GiUlMim0L:50Lx9290L","tlshash":"f6f2c56bd0994c9ba8b2b367714a1615f036932f2682084f79fc466c1ff3dba5102f6d","first_seen":"2025-09-08T01:23:12.568113Z","last_seen":"2026-06-01T18:38:20.530225Z","times_seen":218,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/HomeWhy-CwjEXtgN.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/HomeWhy-CwjEXtgN.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4ph4RaUCCZKyqt55JcBUA%2BYO4mixFaJUzYhUvmjpHqmHjn6ZfmHEdkfuP1CErfECpmFrp4bj3oHYvKlS66DETdq0DRj9Mpe5kgS2Sdh01qJN89m9IA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"368ddf220e6b6a6f9fee29722223ad95\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3a6f4f370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1097,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1095)","md5":"ee597e820b59136940a6588cac1329e7","sha1":"73e1cd148af57d86b44dcfcbf7b9e3708a7d086d","sha256":"7abbf1ef47da2283d09a03c51e05e7bba4a7deba31ae7255b940c25c411c31fc","sha512":"46d461bcb67ffe5f8f58b42101f0c64b7a157fbc976a21fba7f40b6a7432d8cc1b24c2c0695b9dbfd8a3436ab187488289b51b70932444b5a6777d84aa840aed","ssdeep":"","tlshash":"2c11e10ce050ebbde92a2cf05d9e7444b41a0f6ddb1d8d61506919320f646d4ef1eba6","first_seen":"2026-01-16T13:52:28.332904Z","last_seen":"2026-02-28T10:01:43.16325Z","times_seen":5,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/get-default-props-CK3cjgFI.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/get-default-props-CK3cjgFI.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5iboT8aXJDSfr%2BcvoeTb2AgtDtZRqc%2Bp5tGZJR5Q%2FPnMIV24XR7bBADqXzJl0rFY7wfYmibCmAggGb90vVP9V63dvq2rWzw5befEXgijNwZ6SYezrA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"86625779b8866ef09bfbf0033113a738\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3a6f52370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":263,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"4fe2c9f68d34a9ea78c94ecf3761ea0e","sha1":"521af5e8e48c55e3e0d236ed49c7de1ff8655c9c","sha256":"7f5993ecd88e48f1fa55c198a53d8a769269dec8f4a8fa06ee4b94860239aaaf","sha512":"8501b9dc000a7374d72cec66d339dad679a51df6f4ded6777b2176aeb0ce095c93a7f2b356facbfb58f1312bc1031d38f52dce4c80e17f14d5569eadae9c3b51","ssdeep":"","tlshash":"bdd02b58628590b8c37000a8503f9418b6b4cb18342e58018698c5e63aa945a9e97a2a","first_seen":"2025-12-02T18:05:59.117215Z","last_seen":"2026-05-09T05:23:38.324354Z","times_seen":16,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/logo.png","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/logo.png HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\ncontent-encoding: br\r\ncontent-type: image/png\r\netag: W/\"67f96cb6cb3d8298892c7d96f9299bee\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3t3%2BYU81FRgs2W2HUfKrGji2JRiOQz%2FWivPNsQoBAXnEEZGe6ffSt7jV%2BKWeg3QC3vvZEj6qxqVmFqM7lM0Zf19RqAHuTxtOqRS%2F9jkErZ1I49n9LA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3d2fc3370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38884,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1805 x 314, 8-bit colormap, non-interlaced","md5":"c0a7f8ffa5e0227b3ac24fffa74d7a0b","sha1":"2cdc3fd19288177119d74049b7e6bf1db72f6aa4","sha256":"a4584bde15929bce7322416026f980636de7de5d4c7b807372dbea1e60c9afbd","sha512":"21eaeffc8eada0effa79ad488ab04ed94bea5c7c650bcf5269083cc916b8b7a0badd646465415a0e623774b4812dfd6a6330fa770fad8ddcb638c013bc42b6f3","ssdeep":"768:hWZR/bsTZZRBwgWPb9viLw2cBsn9PvRj24cBtBnxfwu02QK20d/pB6QBJ:wZR/g1fSVNuYs9Pv048tJxfDLxrv","tlshash":"e603f2fd41bf0fbfe2a09219d9003d7948663f48fe95664c77603a268070677b79049b","first_seen":"2025-12-02T18:05:59.120842Z","last_seen":"2026-06-02T17:50:06.51219Z","times_seen":25,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/video.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:26.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/video.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=weS6ekX%2FZrIpTeNud4uL6%2B%2BykPYem%2F8SfwLiFSqu1EIis6iT4xmKpjltRhV6hefaVxcsMYo3wp7KaXTQl29XZ5L03%2FRhS%2BB3XdymoMeOq7bN%2B1A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"1b13baa093bb9fbf0938cf13daa663ba\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:26 GMT\r\ncf-ray: 9d1e7a4328eb370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":943,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1ba278ec9ff989859cb0c0b0e1e46762","sha1":"215c91ffc54554a79eae1d93c1f33279e2032b4d","sha256":"c8183fd8f9603a6fd2b67562d166687852703444bbba747b90f3d17187929e0a","sha512":"41f0ff0c0434d4d9d88fb9cf7b6329b0392f843d1a73887aca6052a9ca5a0f1f5f88fe2eecb5f4e7e1c6d8a663f7bde5b32167a10d48cbf209d7d761cd265157","ssdeep":"","tlshash":"e4115bb01108b32d101e171bd52575df2f49752df68009eca0d91c78e8a28589d79d6e","first_seen":"2025-12-02T18:05:59.10779Z","last_seen":"2026-05-09T05:23:38.289892Z","times_seen":16,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/favicon.ico","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/TDMNBVCXZLKJTD?pid=r_917716859248107","date":"2026-02-22T12:27:24.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/TDMNBVCXZLKJTD?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T17:55:46.471571Z","times_seen":16085743,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/index-DWsLYg7B.css","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:24.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/index-DWsLYg7B.css HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: text/css; charset=utf-8\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JQi%2F%2FoRhEQr3%2BuBCODu%2FgSnrj68c1kWqyqgPn54n28yf04RHt6LzZhoDDZLeDU4YMOpFhnjkLHmmLCt0AT4Gyhqlh7CdCWptgZX4EhoNxffHA0yKDg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"868531e8a3de464577ee5eb1c802996a\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\ncf-ray: 9d1e7a35cdf3370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48813,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (48812)","md5":"e8611cd6776150b36ec655b42b1eb23e","sha1":"31c12c8b652f230a02570e2ebb03c42c1ed93add","sha256":"681dc4bd41ee33912732a65be77274d22ebdc145c91bf8d721419f943f511061","sha512":"3329817854b0686ca5afd3ff19385262a8805fa6fdad3fe614ef62dd041c6b9ab39e26cdd01a2bc30fc0e334b830be9087d5addfeb648228d1fb038378701032","ssdeep":"768:zOPQqgntRH1tRpFHY9tqwpqK6IzI8U34K95CZN3C:zOGHlpFHY9tqwpqK6IzI845","tlshash":"1323a92e5900003a6c5749f1e2d8df98e25bf4c3df379eefb54226118b827e62d96709","first_seen":"2026-01-16T13:52:28.348683Z","last_seen":"2026-05-09T05:23:38.335436Z","times_seen":14,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:24.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Sun, 22 Feb 2026 13:15:24 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C9wVnb5qBxkeuLiUHrxqvbzkLSulf9WOE%2FmB1mQ6SCuC0U08v5bpSV44kTwXiCRVkX6ry962afoPOdetn6NcWSz%2Fm9YK9CcWEf8kEcloZrS2%2BBQVCQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\ncf-ray: 9d1e7a35cdf4370a-ARN\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-06-03T17:45:43.622788Z","times_seen":111646,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/tslib.es6-CkLbZ6h7.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/tslib.es6-CkLbZ6h7.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/assets/HomePage-CLKHVGo3.js\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=inRVA4408elGdObyKRDHP9h9PRnSl%2FVP96jjd%2FpweTnEOBGN1uAPXW8nPS%2F08Ngb8kS03wVhiihSNImKTB7%2FjAhFebOTxQ1ORCY4V4NdJ1hKK6EzRQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"ffb6ef342609980949c4a8f09ffd6413\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3b9f7d370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":435,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (434)","md5":"6728506e6dcd6dba1245c82078b5db27","sha1":"15ae32c6e83051e125ad4ced778720a94adc3b44","sha256":"e07121df8b1a960f410cf7cb6aae2be56281ff96749271107b919a760a3ec351","sha512":"a1b5a3d5019f40f899b564dc3d1db35fd99de722adc9429848889aed11ef017bac6055d7b9dc3aa248ff114ced0bcd53eaca5a9e4054422ebdecd225a12b5088","ssdeep":"","tlshash":"66e027943620aeb110af04c1102da886a62a6538d5b5a5903a1486b1009146a550eab7","first_seen":"2026-01-16T13:52:28.34481Z","last_seen":"2026-02-28T10:01:43.154559Z","times_seen":5,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/nav/home.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/nav/home.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=exXMT8thpvZBVPMOSJmCk17AXp1t9G4trTus5p0YkTXnVcBsxaqrW9TRNk36dj526jAdJsJgRqH0PvJHIyDjAug7PI5AOmtFSk9EfpHKGxs3%2BWl88VfRn1x9gsQEU18cHQ%3D%3D\"}]}\r\netag: W/\"11b96ad8e198821f3f313a5de17259b7\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\nage: 247973\r\ncf-ray: 9d1e7a3d2fc4370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":748,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1331c3df86d8bd586ac9ab5978beebc2","sha1":"bf3538e50e6ce3368ef11eae41e38bd262ac8dbf","sha256":"30cd90cf0fdb2b978a8659e3cc7f4730da439675e7226e564de7df7f85c4f77a","sha512":"7c9bcbf36b69f4107c8a1d3d2d78de8b0b1d5a033313dce3b79d897cef85a09cbafb68fd0ba7bb1cc89aace5ba4232dfc652d54a1fcdb79549e68ca112918290","ssdeep":"","tlshash":"2501d0e0b2dd157ca30d168d32a4605d061c14e5b893029cb9facf9ddacac445c57e19","first_seen":"2025-12-02T18:05:59.113215Z","last_seen":"2026-05-09T05:23:38.328302Z","times_seen":16,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/choose.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/choose.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O%2F66rFUJAYJ0werZiMKZ2K%2BUI6RVuU5DjJjVyIajAzFCiQpnTtvgft91EuD6ICgi7wgud1C6em6m67CpzK2jEKkUuiYXC%2FutuM6CKxZ5Ci8UcH0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"f443f324f2044b6817ffc6ed278de1b0\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3d8ff2370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":902,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5fa3892c467f7b62662c6b2362090d3f","sha1":"4971fafc068cfff0fe55f4b96146b60408c2148e","sha256":"2ecb2b696a5742124db622643b6638660120666b2142a67e0a2162d55b49cfac","sha512":"961386ba9b463236327ce226e8d2f0a0cb5e2fca155ea905cf128f4f78bf80e7b3d9934bf5da8cc38fed94c9b6c194cf6139c05d405645d48a977d73dd77c1c1","ssdeep":"","tlshash":"8b117addf66aac946d4863884370f1487811b056d89722b8d00c96bc2d965be2e5dfa8","first_seen":"2025-12-02T18:05:59.14317Z","last_seen":"2026-05-09T05:23:38.274883Z","times_seen":16,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/favicon.ico","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:24.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nage: 9099\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sH9RzIcp22q8yTyfZama4tVldgSVustgVo0LrKwZfI%2FowB%2FlfecYypGnVn0IOL1Utt0bmxY1WZjEXrUS3uYVXIrsq2z%2FwRAxmZkzzbkupXlTbUfSVg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nserver: cloudflare\r\nvary: accept-encoding\r\ncf-ray: 9d1e7a37be74370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"YouTube","description":"YouTube is a video sharing service where users can create their own profile, upload videos, watch, like and comment on other videos.","website":"https://www.youtube.com","common_platform_enumeration":"","icon":"YouTube.png","categories":["Video players"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3480,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (458)","md5":"52dbeb68c874049e900193d1fdd5b029","sha1":"0946d7989b26b6295f31492869a8071783c699ab","sha256":"b83583112c65d2bc3145030598e10a10500104cac354d2f4099a4b335d63b357","sha512":"32f431755a458647fedc9109df0d778323aa99af386429e3dccb730928d048b226ca36103441281520dac04e16d8dd4875895b8db843f5ebdaffce94a6292be3","ssdeep":"","tlshash":"b9714473eeaccd3542b41b4b6455f44ca9d0e293c238dc407adc85ad5d90fde8e67988","first_seen":"2026-02-22T12:27:56.577562Z","last_seen":"2026-02-22T12:27:56.577562Z","times_seen":1,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/All/close.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/All/close.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jqdmm0SXRnx7Sfm7N4bIrlVFIPbja8hI1kAOzY3xzbxW1Hrl%2BNK9095JFqPCDLYdnG0CzLEj%2BqnJZGqzlpXN%2FwtMWunKi6sgVJDlUfM8DllYfHN9fg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"5701369a495bc010d7c4ff25d8ec4b8b\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3a1f28370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":416,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c83c15deac388178b316aa922b76e869","sha1":"01d74695e3aa3938ab7b15c45de51782f52dfcba","sha256":"027532ca5012c72bae8e4176c89f261ba5e8377e02d8a43b44a149fd5339101f","sha512":"96d0f29acc7edda08a6586d2adebb236bff1a8090a83613d1e2264d7c7d163bf3a6b54770c5da5a5a1cd4efd1799af4aaa861dca90a44638c5779082aa1554d3","ssdeep":"","tlshash":"fbe0223083805626841c21a2be38fd20b02db0aabcc8eee4c2238ce503b3c535b90987","first_seen":"2025-12-02T18:05:59.099751Z","last_seen":"2026-05-09T05:23:38.314063Z","times_seen":16,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/toast_success.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/toast_success.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F5o7t7Rgamhk9xSskXIh1ic0EOOZsRMz%2B%2FbHK6bpvqUIQO%2FJH3iM6dqlGll7MEpIQe8A3NjB92eK0cNYChGZvdItKWLtCbngxq9%2BX585Mcvjgbub7fMF4Gonv3Nsd9p6qg%3D%3D\"}]}\r\netag: W/\"f6573c21f014e588c17d94fe860b4312\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\nage: 247988\r\ncf-ray: 9d1e7a3a5f44370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":501,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"45d90896f2bfaeed0387e8d27d2fe23d","sha1":"8612c5c9627a383cd7424b73ba20c764bbc8006c","sha256":"73d37f588b6106ce8c2e09b2dfff1cc57d52080e5bae38a2a7106a65ffddc58a","sha512":"8629373125222ed11578f0a7e5254caeebca843d9f9e0181f17ca45b524638d0f88b42b5710fb33072f5f6147f2c0b562583a4bfd3f9b2bf4ab7aa8ce80b6f55","ssdeep":"","tlshash":"fff059a0c3c4587cd80c8a5f16682e117009f19bd0e4f93cc61e9be42846dec3c4bc6a","first_seen":"2025-09-08T01:23:12.599536Z","last_seen":"2026-06-01T18:38:20.573774Z","times_seen":218,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/cashout_bg.jpg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/cashout_bg.jpg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/assets/HomePage-M9V46_xm.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\ncontent-encoding: br\r\ncontent-type: image/jpeg\r\netag: W/\"90b3999c1f9b7c5f46f9f3e38a757657\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GjTcNOqi6gmtqIP2A8jyKP5oAjIwh1cv9kVrohqGlioZyM%2FGeHXQp7cbQari3isv4RNudxyouo1ihEGL%2Bwoj0Pyj%2FatjPnQo5RnMYdpNkkpLGrNFXg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3c7f9d370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37213,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x729, components 3","md5":"07651171b139275b1c03369f62d3d7e9","sha1":"e168e1929b5ea17228bda2e397ade82357546602","sha256":"d39b9001832c048cb19e673fcc548948027a85ad9d89809c14f7b46c2b726689","sha512":"7300a0625d0353a986080e9fa2e53b8c89a7039258ac697f70a0d38741f03fea67cd52dc3235eac51a091fadf1e7f34e9a6a56b17e2b84da192b891525287951","ssdeep":"768:VBIX2C5hU85QaAwabZ7yyfTIUDC2mWvax78VXkfi14K+CrRNA0I:VBm2OhLQaAlHfThC2A7C0od+C9N/I","tlshash":"fcf2d016db44fe31dad625710d9353157f395cfeb3a4a0073262066996fb3881c0abc7","first_seen":"2023-09-19T06:13:15Z","last_seen":"2026-06-02T17:50:06.538795Z","times_seen":121,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/HomePage-M9V46_xm.css","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/HomePage-M9V46_xm.css HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: text/css; charset=utf-8\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DgSdSDp1ZPjNLAyZv7PtokqJ6d5pp2iMw1BDWNQmEzP2VoXfvPTlpJY1L2qq0gz2FXIQlS82Gv5gUwTosz2xJtEIJiIDeDxSb0u%2BEbdHIT%2FFh6L5FQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"c7099cb954c45cabd3c5981ce462a648\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3a5f3a370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5038,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (5037)","md5":"f76322bf969204ad417b6827be5d0f24","sha1":"0e4a13bf979424b3b96ebdaed01edc06e84b8ab7","sha256":"dc6ff98107d73e58fa5c50153c5f9dfcaae419d644a271d4c545bade7a84eacf","sha512":"c2b0e1f62d6cb4a2fe0df0f692d449afa01f839d62ef9176dd2815fabcd138b0ba56684bb595e725584a999622cbcff545d805e051ce06b968cc2dafb59675e5","ssdeep":"48:XEnEgVwfO+87rjKQUWDn2vrEOEXsNsjUN8qz9Bu5DCTgpsKw5rQAp1RRFf43h+W0:XEnEgV1FjKQL2TEOEtYZctpsKm0ATn5","tlshash":"dea16126e95065bef0379d2076d44acc0224c052c6328eafe5143e2cdb9f6e416ab78f","first_seen":"2025-12-02T18:05:59.116362Z","last_seen":"2026-05-09T05:23:38.331383Z","times_seen":16,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@fawazahmed0/currency-api@latest/v1/currencies/usd.json","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:26.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/@fawazahmed0/currency-api@latest/v1/currencies/usd.json HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/\r\nOrigin: https://wealthifse-mshiau.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Feb 2026 12:27:26 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 3288\r\ncf-ray: 9d1e7a41db7a5868-ARN\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 2026.2.21\r\nx-jsd-version-type: version\r\netag: W/\"1d50-R0fK+YbGQ79pHm7lSkC79a01as0\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220162-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 36145\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=yadrcxmbwGSqhnIFTXYty6vGfjvD8G2UKAOTgv7a2sDIvQ5AUM%2FLjUuikVAizuHBIpw2XMwW8Qf7kuC4BMrDwq4AIi16GsYT1KHk4P40Nd54J6aJds9X1U5SIcBf3Xtsx9g%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7504,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d5e72fe9805d1802846bb01a73a3e377","sha1":"4747caf986c643bf691e6ee54a40bbf5ad356acd","sha256":"a9957afd1835143d31b1935145f98f4ed8d0bb3e4db8e3b140c7deb2f788b164","sha512":"73bb1049ca12876aa4e4f6113f8b5519a7c47a772045f972211b97544b037cce96848e291b9d22bd8e22b50da55b601448bfa0e33a7520488657b01168bc4a73","ssdeep":"192:ZsVdC+JonfU2Hxmuj3kW9UmoF+zTZXCjDPUeWifsv9G+FzHu6VbGLgF3:ZS1orH9j3r9boiTZXCv5Wi0i6YLgF3","tlshash":"73f1108f81b423e6b5c0cdbd0b3db2700d5b29670d51c35adfa0be27a2695b7094ad27","first_seen":"2026-02-22T09:56:16.276595Z","last_seen":"2026-02-22T12:27:56.583591Z","times_seen":2,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":28,"dns":2,"connect":8,"send":0,"wait":22,"receive":1,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/index-DhaLUDKt.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:24.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/index-DhaLUDKt.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bdKvCp2PR0YWn1qmsn5NnVxnZRmCW%2FQFF8bInfhlFR30MtZWrjcjFt2iWmu1jjJ2LdbExd5nq46UICq5dl4e1HnWKPog3DD7Ku2PuhgF%2BriamTM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"a31992a5049652ad72aaff56927b952f\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\ncf-ray: 9d1e7a360df8370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3624557,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (50044)","md5":"de863d926abe70655fc85fd7162ae76d","sha1":"9e8dc73d048283ed550aaec815e12b64ab91ca34","sha256":"5af52343491cdecd722fb99eb44ab285fe12a2d159566eac0b16cf930ab752bc","sha512":"4716ebeffd4f0b17cab471334ea31dfa1e7a1d210ef1b1010bc0fb95e612631bff31aedf8caa09dc38ae4704bef29122302851a5c9008278b6f1cf651faf558f","ssdeep":"24576:tr1x2g1gkV+1ocBHuVuSwO1jvRc+U6TPhlP9MKSGb9eIhRI2WIRRvmmtoB5Hf:tr1x2g1gkV+1FuVuSwyjvRc+U6TPhxVa","tlshash":"2a554d9fa3da33b50db3739139851af9bedc853d934dcb2f0828531928d28585e6d827","first_seen":"2026-02-22T12:27:56.585298Z","last_seen":"2026-02-22T12:27:56.585298Z","times_seen":1,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Top/wallet.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Top/wallet.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oXB%2FAXahb3qtDsg0nBZJqrLbD5a1yejmceoQD0g4ilsj4D7%2FQNQ8fJ%2FAtfv7yDJFTdGMRuQFhU5h5D9ByBYcYFcorFgXQLfTj6aRTHZ49quG61oeIA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"4fe55b823b4a802705d2aafb7f4b311f\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3a2f29370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":640,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2699d9ba33408e926c317c933355b10e","sha1":"d05b839d6fa3c270b5fc7836dcc7e97289717dbf","sha256":"1a50ce6f22170bc9ea21a5ac8284e8211c55734191b3199c97861efc18d6e22a","sha512":"3740661c654c5cc66539ee571662d955ff689a19c6fea8127e8a3185195e0470d3583ed7769246baa893118f9f9ab8bd50a6c9b7d763019813267d91893a7b61","ssdeep":"","tlshash":"68f09937c2aeebbe498e464b0670a200330da1bdf600637c988dd7309056d91cd138d8","first_seen":"2025-12-02T18:05:59.108685Z","last_seen":"2026-05-09T05:23:38.322239Z","times_seen":16,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/choosed.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/choosed.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yzNEhGkcVi8gzcPJnZnhjtc1U7NoQ0dTxOJihKObJw3NoG7fTVbUCsiijyp7kqtV9nb%2FLUouqjrMWfNVD2IY%2FQfdHx21biUYwFKkl5z2r6euxs5o3A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"69d06954efd8896ba58aa972e027490f\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3d8ff3370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":987,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a602aa79cb87d3bf0ce03404beab9635","sha1":"d37f1f998c2d9615f15a660e27b8c6727cf249b3","sha256":"1c78555cee9a4ced4b25bb09afb80252f6fe57ff6443ed6f28abba1da76b4aea","sha512":"aa69b91bf657dd919c753c33b5f54354c1bc33a76877837fdf3cb411de20b4f11f3a1bdf32ce14ee9fe3c1bf8e9e1434fc602ed14094ba22fc75ebda784fe59d","ssdeep":"","tlshash":"ca112d2ad26476b8482d83ec853a31b03f1f285dba018338c296db34b853f56cd049ef","first_seen":"2025-12-02T18:05:59.128607Z","last_seen":"2026-05-09T05:23:38.340302Z","times_seen":16,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Top/close_menu.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:26.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Top/close_menu.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C41oR9Az55M%2Fhftjjc3518xb%2B%2FS50J4FJgQ6cn6AhyI6Gd4QdOc2fxY4b59urQe4y%2BpfUAm6RVELVDzt9MAPayOtc1cj1JqtAijYJ4IESEnVOP94caDwejUwJVuKOhQiPQ%3D%3D\"}]}\r\netag: W/\"74069118fc2edc72e61881b8d865836b\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:26 GMT\r\nage: 247989\r\ncf-ray: 9d1e7a42b8c7370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":416,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2238885bb526da37a8fa76e921420a32","sha1":"69611931067d641dc988425c257efd0cf25645da","sha256":"54860001facc48c8b435c18a06c0646c03668d092bd9eb07581511013eb4a26e","sha512":"93a0fd4654ca8c52748859252ef3323e6377b398abb062a3810f269070c93678c7c540f1241b4e27a64184d25a0135ed5713b92ee48adbe720cc9184d6bb455f","ssdeep":"","tlshash":"c3e0223083805626841c21a2bd38fd20b02e70a67cc8eee4c3234cd503b3c535b90987","first_seen":"2026-01-16T13:52:28.337447Z","last_seen":"2026-05-09T05:23:38.321184Z","times_seen":14,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/TDMNBVCXZLKJTD.html?pid=r_917716859248107","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T12:27:23.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /TDMNBVCXZLKJTD.html?pid=r_917716859248107 HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 308 Permanent Redirect\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\ncontent-length: 0\r\nlocation: /TDMNBVCXZLKJTD?pid=r_917716859248107\r\naccess-control-allow-origin: *\r\nreferrer-policy: strict-origin-when-cross-origin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=COUE6duQsExIeoqkzXT6T7YSqhr2S%2B62Ty%2BxrNnsNTevXEjrnOJ%2FsmOLOOX%2Bt85YKAP%2Ftd1YozpXzgrohMvFV8waj1WZWUgLG5egJ8P1%2Bkl7UfCtWQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-cache-status: BYPASS\r\ncf-ray: 9d1e7a330ed33483-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"308","status_text":"Permanent Redirect","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1690,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"05762093d8e4610067c8c4d543b5e3b3","sha1":"171c4ca85dc54cda8e5e9dcfe580749d0705e953","sha256":"92f0afc2c232ffde5e0e243d7c07d8c86f041ce1cf33225808a4d6db2874265d","sha512":"1c3774c662e53ca2808bc53388a34f0d602b8931a226a9767bbb6295093a4e6d0a31279b4e3c2e99dd4e8745c176406016cf1a954705048ee79a5d9b09920f50","ssdeep":"","tlshash":"283102dbea18c10586f9831829daf15842a9d183c270c0a1b6ec96cd1cc5f6fc5f729c","first_seen":"2026-02-22T12:27:56.590964Z","last_seen":"2026-02-22T12:27:56.590964Z","times_seen":1,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":78,"dns":44,"connect":8,"send":0,"wait":19,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/logo1.png","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/logo1.png HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncontent-type: image/png\r\netag: W/\"0a8e52616c464f04a8fb15c8c9f7d23d\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\npriority: u=4,i=?0\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X0lcP8xW8FII7CCGYuCydNlH1OlBZKbot7Rv%2BMawzeRtxBpFFrYbg5v7FjqG7sFB4l5BIrLoim7b3OYVKsGqizGaSgT4CZ89ONUy0gVamJb6DIx5%2F4ig67aQ9%2B5Vx1DaHw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\nage: 247988\r\ncf-ray: 9d1e7a39ef11370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26144,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit colormap, non-interlaced","md5":"e57481655f41787fa9cf35b38648303d","sha1":"b7a082d09de6e4bd7e9299c24c2dfbb49ea79459","sha256":"f7eb8e41095be1993257c72d686377de23b84d02c9706dabe2cbb1f9e045a14a","sha512":"847ee4118265e61b079d1d3774421414d8786f2b8360701e6c307f3014b687dd0a319f7efe70934b964b4647bb8b2db78c779c8906c7874c52a2f66dafd674f3","ssdeep":"768:CyrAbpK9wlo4mQT2sXMLx/5n5OLJ8VHOm4UGOEXqWd:CsUoh6UFh5OLJ8lOVURWqWd","tlshash":"4fc2e09db8bb3b08f1a8ebb3d4160e4684bd9cd7ce4890182b1d7d4d47fa8614b45d83","first_seen":"2025-12-02T18:05:59.141623Z","last_seen":"2026-06-02T17:50:06.529456Z","times_seen":25,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/dollar.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/dollar.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SsCeNYqjyQRS5MPMmaa1d56VKpuOE2PNvUQwDCHy7amqINemTgevGXuYjDC2DSBGO98KziebLUyrBDZFMimhv3iZ%2FDokXg4cQMYLJvEg%2FKQifx5MfQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"cb48c9ab7affd0afe67c9c59b14f0fab\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3d9ff5370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1077,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"278a0f4cbc50fbcfefe53de958834db9","sha1":"5c6f11eb2c7da886840fff05e2545b9f1a2c03d4","sha256":"8acb551b3ed09d0f954965c0b00b21d9fea10514942b5207c2b40f5fb9cb92c6","sha512":"f6267855d6614b2dfc39c97dc527acd611b159c92f07bb352364e124baf6cc1a62b35081f56860d30ffb27d95293af6adc67bf3b2b48f5c9a837c6859727aa65","ssdeep":"","tlshash":"dd11f028e11896baca295f68432391a5602f60dde4f0417dc756ca15bb81cec1b0d8df","first_seen":"2025-12-02T18:05:59.103963Z","last_seen":"2026-05-09T05:23:38.285571Z","times_seen":16,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.youtube.com/iframe_api","fqdn":"www.youtube.com","domain":"youtube.com","tld":"com"},"ip":{"addr":"216.58.211.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:24.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:39:20 GMT","end":"Mon, 20 Apr 2026 08:39:19 GMT"},"fingerprint":{"sha1":"FC:29:4D:58:5E:E6:74:45:80:0C:2C:FE:14:2F:15:E5:F5:52:19:FC","sha256":"97:7E:CA:18:F0:30:B2:D8:F5:C6:F8:72:E1:CF:30:B5:CE:EA:5D:CF:26:AC:0B:BB:CF:17:23:E2:33:E0:56:12"}}},"request":{"raw":"GET /iframe_api HTTP/1.1\r\nHost: www.youtube.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nx-content-type-options: nosniff\r\ncontent-security-policy: script-src 'unsafe-eval' 'self' 'unsafe-inline' https://www.google.com https://apis.google.com https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com https://*.youtube.com https://*.google.com https://*.gstatic.com https://youtube.com https://www.youtube.com https://google.com https://*.doubleclick.net https://*.googleapis.com https://www.googleadservices.com https://tpc.googlesyndication.com https://www.youtubekids.com https://www.youtube-nocookie.com https://www.youtubeeducation.com https://www-onepick-opensocial.googleusercontent.com;report-uri https://csp.withgoogle.com/csp/youtube_main/allowlist, require-trusted-types-for 'script'\r\nexpires: Sun, 22 Feb 2026 12:27:24 GMT\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\ncache-control: private, max-age=0\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: report-uri https://csp.withgoogle.com/csp/youtube_main/strict;base-uri 'self';object-src 'none';script-src 'nonce-lwDtU67SOKBi9UZPpmzNtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"youtube_main\"\r\norigin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9, AiDEBptUfVeO93q48VdVMe/ubupazdAl8AaHP+NBzdnW8quUcHdzJUyGSfrmtpKJu7EOvwRp9ug2rEo3XU+WMAMAAAB2eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJEZXZpY2VCb3VuZFNlc3Npb25DcmVkZW50aWFsczIiLCJleHBpcnkiOjE3NzQzMTA0MDAsImlzU3ViZG9tYWluIjp0cnVlfQ==\r\nreport-to: {\"group\":\"youtube_main\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/youtube_main\"}]}\r\np3p: CP=\"This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info.\"\r\ncontent-encoding: br\r\nserver: ESF\r\nx-xss-protection: 0\r\nset-cookie: YSC=Ni8VbKtH3tc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none\n__Secure-YEC=; Domain=.youtube.com; Expires=Mon, 29-May-2023 12:27:24 GMT; Path=/; Secure; HttpOnly; SameSite=lax\nVISITOR_INFO1_LIVE=8madPBkKhds; Domain=.youtube.com; Expires=Fri, 21-Aug-2026 12:27:24 GMT; Path=/; Secure; HttpOnly; SameSite=none\nVISITOR_PRIVACY_METADATA=CgJOTxIhEh0SGwsMDg8QERITFBUWFxgZGhscHR4fICEiIyQlJiA3; Domain=.youtube.com; Expires=Fri, 21-Aug-2026 12:27:24 GMT; Path=/; Secure; HttpOnly; SameSite=none\n__Secure-ROLLOUT_TOKEN=CMT_zoK5gbjjYhCpxsi2jO2SAxipxsi2jO2SAw%3D%3D; Domain=youtube.com; Expires=Fri, 21-Aug-2026 12:27:24 GMT; Path=/; Secure; HttpOnly; SameSite=none; Partitioned\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":993,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (501)","md5":"97a94e32911418b7acdec39e93b86db8","sha1":"179ec41129f484f1cff3556c31bf3c23d94ed9fb","sha256":"486d76bf58cd47d380dc4f138a02ad134947f03e2fd334ac6c7f5957181970d2","sha512":"7926b234e154d63c987ffd3003b28339d26795b7300852214b4692b4a5c30833bfc056da4397cd460d77510226a1a4fe634fae8e81bb92c331643371ee1ac6fc","ssdeep":"","tlshash":"a111cb7b3d80e6398658a4e4a03fd31cb1a224957850dd9110cee889e65cbca9e3d5ac","first_seen":"2026-02-18T12:32:48.904619Z","last_seen":"2026-02-24T17:21:47.34189Z","times_seen":1864,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":94,"dns":1,"connect":7,"send":0,"wait":25,"receive":0,"ssl":95},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/BottomBar-DdPzXLxH.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/BottomBar-DdPzXLxH.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/assets/HomePage-CLKHVGo3.js\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=edrA6Aj63Bn%2FKAa2Vbvjyr1AO86yc3nImGBy4YPcT261HqYb9yy7vyPwSubm8CZjVjLSJ2809N8DAuI8T%2BZ43atxD%2Bz1G6LerBg4P06C1E%2BR63U%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"a9e1ab230fa6b970b9b0ccc3538df1c3\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3b9f79370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1786,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1782)","md5":"986f34f51e6e5e25817f972fc6b0ee3b","sha1":"49954f01661713cae8ebe5afb3f4402776dda34d","sha256":"ac69e6d50ff805377f4e4ce70931f449d10249ebb1ccea7a7e7efb384b64da52","sha512":"5fb447cf696bdb443047a1e2068aba5af2f3539c0936678dc19a08477b6012b33edbb8d5ff978aa6217af9c14d1aa45f4875e1d5ad34bf3ce0eec89cab0977fd","ssdeep":"","tlshash":"6c310048e1d6dbbeed6808d55e5d8148300f0fecda2a8892917e1c101764ceab72b79a","first_seen":"2026-01-16T13:52:28.345739Z","last_seen":"2026-02-28T10:01:43.167996Z","times_seen":5,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/GeneralSans-Regular-Dn3hZj8I.otf","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/GeneralSans-Regular-Dn3hZj8I.otf HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/assets/index-DWsLYg7B.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: font/otf\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pK%2FDipOMUsRN0EKp7pVHj7RBDCd5u%2BaUa49o7%2B1DfQQ01nk9%2Ben8CTd7MeTSwRmXQf3RmwmsPirUXk5L6iYPdCssaQOD5NcHiYnF7nr3S726h%2Bg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"9f9cc0351f0ef97bbaf269ee066021fc\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3c8fa7370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45948,"size_decoded":0,"mime_type":"font/otf","magic":"OpenType font data","md5":"95afa0447815d0498c2ed4c828cdd92a","sha1":"b03745ee5c7610ffcd8b64a4a4ccf28e25ed9759","sha256":"f5cfd05c1dafa77e944670528a81958f7c21b7517bafd2a8796a3aa17e56b9ce","sha512":"1ea46cff6c87562823cad2fca7677eb15e2c28d6a18ad031bb39aa9bd84a86bb52c1c829a25b03c94ed776234d3eccfca1b60cb2b4b6bd8764faf5e346f4d995","ssdeep":"768:O35y79vZp3MeJ8qqNrflwkDrPUznaeYCPFYir6uYbkEP5jX7K2q+jqUmMNHVuivJ:OJy79vZp3MeJCBwkD7U7KMFZOpbkEP5r","tlshash":"f2236b96f7450b01c1527b3449bae734e732fa1c8afe6b0b55b552ad6c5e0c20e72ac3","first_seen":"2023-05-26T17:06:12Z","last_seen":"2026-06-01T11:19:27.973161Z","times_seen":241,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/nav/withdraw.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/nav/withdraw.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S8FKtTLFoPnI6OH9n9KYo7HE17nR3Nq5loKFxawxpMscRDV9xoYHkLNW%2BYKrQewS2OyqNHT1cZN%2Fbukk9vVm0a9ZqDyWh2ljSDj9GpPehwb%2FL8L5yTkl6LVFNfzQY19Z2g%3D%3D\"}]}\r\netag: W/\"babe77f26fbca33bf65fc524994ac0b1\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\nage: 247973\r\ncf-ray: 9d1e7a3d3fca370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1186,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"467a6c691b52d0b95651f1136947ab87","sha1":"b5895c84a4aa702e5e257db50caa6b596fea9f6d","sha256":"b2bd2b39357b8e558672ae8f34e2e95bb190c4db381b63b2961add68ee041a6f","sha512":"f65a7c080cff6126c5301d0711433ae41d44ae7a780e5a2e2a7ab02659be8c554588dbf37c810e13bd6b3eb334ad83bfb53df3b62e1df6595463cb1ad8667f80","ssdeep":"","tlshash":"0c214db4860517691188b1cbbc7cfc96e51c2847b6ceeeecd0652ed90876c9b6cc6507","first_seen":"2025-12-02T18:05:59.114009Z","last_seen":"2026-05-09T05:23:38.333485Z","times_seen":16,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/nav/record.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/nav/record.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KXrkNGIRO5QRi9NRk0SV%2F5hulOLAFTypxv73eYmEhujQC4djQNiTfw4sgynOyJAzPQXwADG6BvZBzy2x5CDUcMp0LyYtBzMdLHNs2jhjkwpJzNyVUw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"b6ef371d7f4f50783335106459dd732e\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3d3fcb370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1471,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"767a59dd9446de5b13a456cbb9b02647","sha1":"653b316a0622c0f3b996aa0f46b543380bca6e91","sha256":"a6dc4f149debf36a371c28054089ff740cf1509564fc9cde36a9b547d723f83f","sha512":"c3858c98a58fcc7fac4166a18fadc330131a2b7688b4e235b5c9ec376accbbd698f905257b1b05b0ae513767cf480de7e5ad55d24f2e7a346f350f57c3e07615","ssdeep":"","tlshash":"ce31e1500b6404794c8543cec790b7d12b0ed4edb5060379b448b7a1e362be8ffda9aa","first_seen":"2025-12-02T18:05:59.106336Z","last_seen":"2026-05-09T05:23:38.278327Z","times_seen":16,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/nav/invite.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/nav/invite.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cc6L0V5mw72De5a4X4ZTRX%2Fd41hjgnxO1KrUS50ppzXmouP5DpEde%2FfNTBkSM3Sq1ipNhOl5J48RlnwSCIisnOgua%2F8%2B0r%2BvCizT021o0AwAehd7BQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"58698cbc4b3882ba211c91966aeb27af\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3d2fc5370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3361,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"22d0c86ce7426ab0a03a4e0b9adec761","sha1":"db0d655d93bc3f4a29a1600b771eaa32fca67f19","sha256":"0ec68db35824fd56f2bb2a158011f23173c600f9b9b5290a3123500078cdce44","sha512":"7cb12d17ae3dac4258202a28e96faf9e2c5305ef66a666a8c005f3ef158106877675483d06e4998cc12272a65e6dd102087e734b116009ee96f7532d9e051b3a","ssdeep":"","tlshash":"0061c1656f316ea09207c60ebe9bf8a2abd721b3d0d3ea6c177ebcc40622b015554d17","first_seen":"2025-12-02T18:05:59.123953Z","last_seen":"2026-05-09T05:23:38.34271Z","times_seen":16,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/polyfills-BfFgEMPB.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:24.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/polyfills-BfFgEMPB.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wyPUMrdkajhMJAqw%2F0KwYUn5OpILpFnihRT%2BKees0S%2FXxToyGZ1tzkOPKPbBWDxAfhMesAKUGLZ2Bpzz%2BgpW2R3GkFHE7RSoEvW6aekfEnEsHQ7cySQsYL7ppPozkFZJeQ%3D%3D\"}]}\r\netag: W/\"aed3195a92b41219942cf971217c8bf9\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\nage: 247992\r\ncf-ray: 9d1e7a363dff370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107999,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (59764), with NEL line terminators","md5":"81da2134bfbff64d6f94199eb3b75e4e","sha1":"06d6d75bfe87f400a6c54efa7ca510f28808dcf6","sha256":"f31c699e9ff54b7416a8bb977aa627c5d4980723c485cf89be2766d85d8906c0","sha512":"34e97187f0734d42a8200d6fd9ecf57f9068071227a4403c9b402b8ccffc610df7778db13372d9fba7a4d843a0ad888d059bad8b345aebf31885b8c44585f232","ssdeep":"1536:PoL5BydBjL6nF7mEwax6Az5wFn72MywAs4BxG6hA1rPYR:PoTydhL6Jm4x6ANwFn72MywAsGc2","tlshash":"b7b3e588f6d6f0a243e77064403f100bf23b6d55b81e80a4e766d1e17cb9a4ad17bf69","first_seen":"2025-12-02T18:05:59.126798Z","last_seen":"2026-02-28T10:01:43.171214Z","times_seen":8,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.youtube.com/s/player/4c5cf06a/www-widgetapi.vflset/www-widgetapi.js","fqdn":"www.youtube.com","domain":"youtube.com","tld":"com"},"ip":{"addr":"216.58.211.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:24.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:39:20 GMT","end":"Mon, 20 Apr 2026 08:39:19 GMT"},"fingerprint":{"sha1":"FC:29:4D:58:5E:E6:74:45:80:0C:2C:FE:14:2F:15:E5:F5:52:19:FC","sha256":"97:7E:CA:18:F0:30:B2:D8:F5:C6:F8:72:E1:CF:30:B5:CE:EA:5D:CF:26:AC:0B:BB:CF:17:23:E2:33:E0:56:12"}}},"request":{"raw":"GET /s/player/4c5cf06a/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1\r\nHost: www.youtube.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"youtube\"\r\nreport-to: {\"group\":\"youtube\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/youtube\"}]}\r\ncontent-length: 10535\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 18 Feb 2026 08:35:06 GMT\r\nexpires: Thu, 18 Feb 2027 08:35:06 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 05:28:41 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding, Origin\r\nage: 359538\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32131,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (570)","md5":"e52aa0ebc4c3eaec9b5dc3fb189816ad","sha1":"deee2067e9e36617f997fb3be3788432b87129a7","sha256":"e9abd0d74c5ecca848c706e3f94780a00efc33f66f1a7971ded040458851fd69","sha512":"c1274aa8cacaa39f2724cdbc73acff36088115445878ed95e4fa62553cfd35475d5db1266b5dafd3e71fc8fb645baa6837f84de0478bee8848cd8e1969b94099","ssdeep":"384:LZ9f+ec30st6d53jPj6ANwSYpBZKjTfPXRbiNu44mHQP4Ia3zPw5BWngmurjtF4x:LGMws5vZqjQj7BO4G3IaIgurjtcG12","tlshash":"0ce2c6cdbbb1b4314373a5f5902f100fb23e586eb4088999b284d8e16cf59694627f7d","first_seen":"2026-01-29T12:44:11.570685Z","last_seen":"2026-06-01T13:30:55.172175Z","times_seen":25161,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Top/menu.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Top/menu.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U4z7E%2FjwH%2FkgzomGq1IsJWQusRzMJbxFMJucsubE1eC%2FdZuwS8IZrGsXsgBCrDM3JpeZalQxW21ORwR%2FP3Ik7KzEm9gbMRj861cFxyDaHBQkq0q7xg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"dc185268ea9319e54e5c53ccafba8067\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3a2f2b370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":704,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"953a45f0240beb28fea58b8c1353a879","sha1":"a1317e7337a0c93f6a2a12d8052b9a3b56da4ae3","sha256":"4c03ba5b01923303221149ca4b5407dfcf1fefd6e675e78bda488bf6c2ac8a76","sha512":"3d3e1f8a74a4eddd9c1428a3a01b1f166bd045328218078ab4700c9bee250ff0f4beb1ae66e263cb59f0e62170e6d241344e4e0f2642420d100f498ae3912bfd","ssdeep":"","tlshash":"7901f6a4438a203cfc19a1477411fe64d21e7153f9e4ccb8a05c4de60ea2ceb6ddb1a7","first_seen":"2025-12-02T18:05:59.10064Z","last_seen":"2026-05-09T05:23:38.319112Z","times_seen":16,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/starComit.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/starComit.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D%2B0d%2BRXv6Ih7SSQyS0LpB8zl0XQKWTzgZF3Z4dNa%2BiJ9hMuAuC31UBiJsqqpfS%2F1Hgu5BQm3M7rD09PeV9XSEw6k6%2F%2FKSbkzucrrmR7iECsTID0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"3e56249dec04f7de1ec9306acd70ef1d\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3cffb6370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8380,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc8512cd2f4c2842abc47037048fe94f","sha1":"70222a265ed2806000bf7248a8a1e4c041fa6b4e","sha256":"e0a7674ea6e534e4ae86f106380ca61980213f54b363244815b3159b6a2a45d8","sha512":"01a25b2ac3fb8e08225b328dd22a1baace475669466d86ac2f2c77d45ea496a95a057f5a19e4c890047809355ed1332816a92202ff7fbdfc2855efd9411b3bbc","ssdeep":"96:auo7UOJDAtFKUXLGP78SkZeqXwuB0wJKzFm5Y8iAv78ld1hrn1Uh4JK+QeaKDCXf:fo7UO5K7LKeeqP0wsz18P8Lv5k4var","tlshash":"d50242ecabe762e0e056f3f18b6419647b5730f97d61dbb8cf7a2d51b60206c94488d0","first_seen":"2025-12-02T18:05:59.115408Z","last_seen":"2026-05-09T05:23:38.314855Z","times_seen":16,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/TDMNBVCXZLKJTD?pid=r_917716859248107","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T12:27:24.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /TDMNBVCXZLKJTD?pid=r_917716859248107 HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e6uOS0ttt8QZrB8qgJ9Piw4xF9jGLDOyytGyknHpdAmVfKWb%2FLoiS0MRDW6RdL2efk6e2hSpMsWRWHIlyzgcdXjH5Eqsn7kZgEjCQtSKmI4afvLpnLh3cYixjH9vqfAF9Q%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nserver: cloudflare\r\nvary: accept-encoding\r\nage: 504243\r\ncontent-encoding: br\r\ncf-ray: 9d1e7a333f1b3483-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1690,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"05762093d8e4610067c8c4d543b5e3b3","sha1":"171c4ca85dc54cda8e5e9dcfe580749d0705e953","sha256":"92f0afc2c232ffde5e0e243d7c07d8c86f041ce1cf33225808a4d6db2874265d","sha512":"1c3774c662e53ca2808bc53388a34f0d602b8931a226a9767bbb6295093a4e6d0a31279b4e3c2e99dd4e8745c176406016cf1a954705048ee79a5d9b09920f50","ssdeep":"","tlshash":"283102dbea18c10586f9831829daf15842a9d183c270c0a1b6ec96cd1cc5f6fc5f729c","first_seen":"2026-02-22T12:27:56.590964Z","last_seen":"2026-02-22T12:27:56.590964Z","times_seen":1,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/?pid=r_917716859248107","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T12:27:24.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /?pid=r_917716859248107 HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/TDMNBVCXZLKJTD?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A0NHgRzfzOYuJps1W6BZL%2BhYBe0UFv9rhhUyLUq3G8oF7cUYy%2FqSvjtK%2Fwa2JsTJvLkaQZjK67Y13KzlZrTm%2FpE7nQlvv3aZWOWUhoH0zoFgODY%3D\"}]}\r\npriority: u=1,i=?0\r\nage: 1880379\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9d1e7a355de5370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"YouTube","description":"YouTube is a video sharing service where users can create their own profile, upload videos, watch, like and comment on other videos.","website":"https://www.youtube.com","common_platform_enumeration":"","icon":"YouTube.png","categories":["Video players"]}],"data":{"size":3480,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (458)","md5":"893e824d6699b1911e90907be11960f0","sha1":"2fdd48be0df70fa00c13a078b14af1bea6654546","sha256":"60d6bdbdf414d2d4ffb97dc373177df38d4d68b55f230ea0093d15b902f57820","sha512":"6229ec4241216eaf75a24e3dcf591f2d831dff31b5b2df4a44d4f35c21f196b7b4c4c5e2afe85c3bf2a312fef668e7cc27ac882550cbf4fded67345efc82ba3a","ssdeep":"","tlshash":"fb71b573ee14c97587a48e4b705af40c6aa5d243cb64d880a2fc81eda541fd7cf73985","first_seen":"2026-02-22T12:27:56.602113Z","last_seen":"2026-02-22T12:27:56.602113Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/index-DhaLUDKt.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:24.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/index-DhaLUDKt.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bdKvCp2PR0YWn1qmsn5NnVxnZRmCW%2FQFF8bInfhlFR30MtZWrjcjFt2iWmu1jjJ2LdbExd5nq46UICq5dl4e1HnWKPog3DD7Ku2PuhgF%2BriamTM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"a31992a5049652ad72aaff56927b952f\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\ncf-ray: 9d1e7a37de77370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3624557,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (50044)","md5":"e407628a2e9266c81408a87263e36a7b","sha1":"bdd58be6e7eaceffe39557bd863459845b35ebf8","sha256":"6af29cafefb55ab1c34dd55fed906950654860df8d55ca76048ef428d1cbc058","sha512":"f970a3f7eade8fb62b9eac84bdd03bccdf3c511154d29b6ce4d427e2326702c8b7c1372ebc627aefe2262d61c9cbdd8cc20e61206a2c54ba068da860d5dc39a4","ssdeep":"24576:tr1x2g1gkV7znW/uW91HdEem1ocn1fuVuSwO1jvRc+U6TPhlP9MKSGb9eIhRI2WT:tr1x2g1gkVfR1j1uVuSwyjvRc+U6TPhY","tlshash":"895529baa2d9136909f271d2298433b97d96cd38c38cde7f8d34d30428fa9f8115d999","first_seen":"2026-02-22T12:27:56.603951Z","last_seen":"2026-02-22T12:27:56.603951Z","times_seen":1,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/HomePage-CLKHVGo3.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/HomePage-CLKHVGo3.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/assets/index-DhaLUDKt.js\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EghsohprjT3hazqw9tApyb231ruf66re2oGBVm7wotkj1HrnAoTw4%2FMaiZGGAHZdaJGyBuT%2F7aV9Nts0R04VVYRz9wp%2FHeIMFtdMSkAw2PpIOe9V5Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"a09d911265f84bd7e1ac5e6ba5bd3a62\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3b4f74370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96862,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"83dfb4105434d91f42e9b6ba615358a9","sha1":"4ae157fa946aa38df5cef93c05e0ab99b47aa0b8","sha256":"0e4cd278945a104aab8e2a021b38cf91478653ef902ba4a3a54b97af3d740de3","sha512":"69ae8196df9cc4c963d251885d404029f0b1249528f838f200637bc1880a52acc10d2e3512b53bf22d19cda75959539c32599f1cc4459a74cc99339a4eb705a7","ssdeep":"1536:msZ6POpyR9zf3jr38HXweRYqotVl44kwCbTJQzO0p8QGJDv6:76PNJ/5t04kwCbTJQzO0pXGJDv6","tlshash":"3b931bc57052f86a86eb04e2417f0206b23a1e98780d8458f57cacd93e6544af7bff79","first_seen":"2026-01-16T13:52:28.331773Z","last_seen":"2026-02-28T10:01:43.173489Z","times_seen":5,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"comeontasktogether.top/api/v1/user/detail?d=wealthifse-mshiau.xyz","fqdn":"comeontasktogether.top","domain":"comeontasktogether.top","tld":"top"},"ip":{"addr":"172.67.208.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:26.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"comeontasktogether.top","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sun, 08 Feb 2026 18:09:42 GMT","end":"Sat, 09 May 2026 18:16:59 GMT"},"fingerprint":{"sha1":"4A:0C:4A:55:D8:EF:C2:D9:20:4E:FA:52:02:4E:1F:0F:F8:5B:D7:35","sha256":"18:74:ED:D5:B9:01:F4:AB:F7:C7:03:E9:AE:6B:26:06:56:B9:9C:4A:54:DD:81:87:FF:79:C6:23:B4:29:D5:CB"}}},"request":{"raw":"GET /api/v1/user/detail?d=wealthifse-mshiau.xyz HTTP/1.1\r\nHost: comeontasktogether.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/\r\nlang: en\r\ncode: WR\r\nOrigin: https://wealthifse-mshiau.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Feb 2026 12:27:26 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://wealthifse-mshiau.xyz\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nset-cookie: PHPSID=c79b8e8bbd66da41919167880372a4d5; Max-Age=31536000; Path=/; HttpOnly\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BpaC2DvbAIyRaHbCNi9Ri62isdCL5cvgsCPPnAcpZKe8LRSFFNiF8KnCRrOYaF5TCfK3tnSiuTGg7XsoLloUEPp%2BjLGoC5qr%2FM2jwsNa7HFSTvSgmJY%3D\"}]}\r\ncf-ray: 9d1e7a404a4be07c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1937,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7c27c9273adfec2ad5461c51a35c09ba","sha1":"fdc68c9a9aa151c83023a54c750dae42c5e1cf2a","sha256":"044fdd950b585b696c4fb3867d218f55e1af02bd8dc941a0c1f4ba8c98f60513","sha512":"a2a33210df6b3d7c050e19fe73be07272a483a681ef8b534613581787b2f1c3d581bf34950ea0e95de5f6890b49df566e0d402fe2eaa058908a239f06bc1b21d","ssdeep":"","tlshash":"69415aba3414ea9bb8d0ceca855b6bf95c2e30530fdc8483eb79949051a5dfe60684c5","first_seen":"2025-12-26T12:59:43.242551Z","last_seen":"2026-06-01T18:38:20.57681Z","times_seen":153,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Top/close_menu.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:26.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Top/close_menu.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C41oR9Az55M%2Fhftjjc3518xb%2B%2FS50J4FJgQ6cn6AhyI6Gd4QdOc2fxY4b59urQe4y%2BpfUAm6RVELVDzt9MAPayOtc1cj1JqtAijYJ4IESEnVOP94caDwejUwJVuKOhQiPQ%3D%3D\"}]}\r\netag: W/\"74069118fc2edc72e61881b8d865836b\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:26 GMT\r\nage: 247989\r\ncf-ray: 9d1e7a4298c4370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":416,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2238885bb526da37a8fa76e921420a32","sha1":"69611931067d641dc988425c257efd0cf25645da","sha256":"54860001facc48c8b435c18a06c0646c03668d092bd9eb07581511013eb4a26e","sha512":"93a0fd4654ca8c52748859252ef3323e6377b398abb062a3810f269070c93678c7c540f1241b4e27a64184d25a0135ed5713b92ee48adbe720cc9184d6bb455f","ssdeep":"","tlshash":"c3e0223083805626841c21a2bd38fd20b02e70a67cc8eee4c3234cd503b3c535b90987","first_seen":"2026-01-16T13:52:28.337447Z","last_seen":"2026-05-09T05:23:38.321184Z","times_seen":14,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/task.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:26.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/task.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T17:55:46.471571Z","times_seen":16085743,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/index.html?pid=r_917716859248107","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T12:27:24.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /index.html?pid=r_917716859248107 HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/TDMNBVCXZLKJTD?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 308 Permanent Redirect\r\ncontent-length: 0\r\npriority: u=1,i=?0\r\nlocation: /?pid=r_917716859248107\r\ncf-cache-status: BYPASS\r\naccess-control-allow-origin: *\r\nreferrer-policy: strict-origin-when-cross-origin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gcfl7hbZLFIvZoGvd0GkbuT1jXWmoinigmubKJr17rzETTUtsXECXQeWjjEGFqvq8Lhrh1NGxHCSB%2F%2BP7VK8opnsk72JNFV3ZjupwncidKABybfLPg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Sun, 22 Feb 2026 12:27:24 GMT\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9d1e7a351dde370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"308","status_text":"Permanent Redirect","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"YouTube","description":"YouTube is a video sharing service where users can create their own profile, upload videos, watch, like and comment on other videos.","website":"https://www.youtube.com","common_platform_enumeration":"","icon":"YouTube.png","categories":["Video players"]}],"data":{"size":3480,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (458)","md5":"893e824d6699b1911e90907be11960f0","sha1":"2fdd48be0df70fa00c13a078b14af1bea6654546","sha256":"60d6bdbdf414d2d4ffb97dc373177df38d4d68b55f230ea0093d15b902f57820","sha512":"6229ec4241216eaf75a24e3dcf591f2d831dff31b5b2df4a44d4f35c21f196b7b4c4c5e2afe85c3bf2a312fef668e7cc27ac882550cbf4fded67345efc82ba3a","ssdeep":"","tlshash":"fb71b573ee14c97587a48e4b705af40c6aa5d243cb64d880a2fc81eda541fd7cf73985","first_seen":"2026-02-22T12:27:56.602113Z","last_seen":"2026-02-22T12:27:56.602113Z","times_seen":1,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"log.plausible.space/api/event","fqdn":"log.plausible.space","domain":"plausible.space","tld":"space"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:24.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"plausible.space","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Mon, 02 Feb 2026 19:06:40 GMT","end":"Sun, 03 May 2026 19:14:00 GMT"},"fingerprint":{"sha1":"37:37:28:AC:59:F8:B0:0B:30:86:17:75:D1:F3:2D:33:2C:EC:97:14","sha256":"89:16:88:4F:DC:30:DA:87:BF:B4:83:5A:09:9D:D1:D6:B8:AA:E8:BC:B5:C1:A2:AE:4D:EE:02:46:5C:12:74:F2"}}},"request":{"raw":"POST /api/event HTTP/1.1\r\nHost: log.plausible.space\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/\r\nContent-Type: text/plain\r\nContent-Length: 178\r\nOrigin: https://wealthifse-mshiau.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":178,"data":"{\"n\":\"pageview\",\"v\":3,\"u\":\"https://wealthifse-mshiau.xyz/?pid=r_917716859248107\",\"d\":\"h5-wealthrise.com\",\"r\":\"https://wealthifse-mshiau.xyz/TDMNBVCXZLKJTD?pid=r_917716859248107\"}"}},"response":{"raw":"HTTP/3 202 Accepted\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 2\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: \r\ncache-control: max-age=0, private, must-revalidate\r\nx-request-id: GJaRSLkbV59BXRl8y80F\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WB93fEJzhHkk0vijzwpxDAj1CmXkP4%2BdwhU6etju349ZINQQFsWLMc9i1GK6DbqneGFa0SLrlO%2Brv4Smwoc06uoLxmMAeoMKg012mvfqPiNqRg0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d1e7a382c5c76a9-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"202","status_text":"Accepted","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-06-03T17:56:26.773197Z","times_seen":421441,"resource_available":true,"data":null}},"time_used":293,"timings":{"blocked":46,"dns":1,"connect":0,"send":0,"wait":245,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/rocket.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/rocket.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gfYwB5Oqm0FzfqtJxxCmu4S9vp7v%2F70D%2F9TUDIq5oqflGrKp%2Bm5wNQNLZ9%2FzGHy881otdkoHt4I6ZhSFk2UWa7kXtls%2Bm8WKC6vBDvUeaIiAI5Xysg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"13791b44137942212d9cb3a4d00d6104\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3c2f93370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1006,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"df580f5f2c933dfd1cf16bbf295cb84e","sha1":"cffc6d5ae2cd456e73627e36c0597e511e4aa209","sha256":"8f36e69108045cd76b278980ba58a330e32402d447ff701a7f2252418c75d359","sha512":"59d1ac057de1ffd6a26f8fbe5bf2e579713f71cbe62b38c7d8f8d6c7a9d3a9eb20b0f5c88629c073fb8ef9253ef181e90358b105b01e21ceb8bc1acb122ba1ee","ssdeep":"","tlshash":"6411abe4824842acea0d1cdada1b589173ee98b2fd5440d4cd9f14a2d1574b1d9038ec","first_seen":"2025-12-02T18:05:59.130704Z","last_seen":"2026-05-09T05:23:38.282515Z","times_seen":16,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/nav/profile.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/nav/profile.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8bGRm7COFrW6NlZfvfG1FKBuhHWBntDtdrnp%2BAPGhGorSlR8zF66%2F%2B0MSdTtEyhJWWAc8nfdoTejoUn2ikX7s%2B%2BROMBObt8hyGetx8YPM0PEYVti3A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"38619d1f1fe2723b2029354ed02a285c\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3d3fce370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1528,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6737106fc6fd0ecaae6bb28fe95e493d","sha1":"a949477c59aefdc5aed2a3729b50d744c2bd6c70","sha256":"45b4f19dd56d9fa316d981d3bd84a5115477c579901779ed375e5c2d54723945","sha512":"ba689448efc96ae131d2313772c5fe21e381ebe0b8a411e798697d935c3184bb3bd649939eb157948d48cec7891842f4f07879fdb516757d8f5db2f615adda22","ssdeep":"","tlshash":"c331deddc378cfb4b419518ffbe0b4f5325932aa6ad2044ce12c454b42d2d985e19cd4","first_seen":"2025-12-02T18:05:59.09874Z","last_seen":"2026-05-09T05:23:38.339078Z","times_seen":16,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/friends.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:26.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/friends.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T17:55:46.471571Z","times_seen":16085743,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/friends.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:26.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/friends.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6dH52NGBNV9vJunVGTrTtZ6ui2uSkeQGgI4NLugFlh2KeW6dVyH5hMUvDdUfx%2FanGZAGvITKBM4%2BlzCBEwF5RgZMAOuNkpJdvmdrqovjjbawcSc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"2b5c6ba76b2c45e22fb0c7274804e636\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:26 GMT\r\ncf-ray: 9d1e7a4328ec370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1535,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c35c683741c6bc6b76339ea90b51aff6","sha1":"5f5807b0141d61865d14a8e08e2c0724544bb54d","sha256":"4c059880db2831da7c66a0ab179a0739cbf9931bf4040f7e053590165f9c80ae","sha512":"29961f04f6df973c43285460b267e674e0e5ac369a1491ee6f27b58edd918b3f611d9eb865e64af0b6b82df6a966d636c4ce65791a57c435472a3a6840a2f5ec","ssdeep":"","tlshash":"5e312ce08358bbba881193e6b05f7c65702e14ca7fc8cfb440a51dc590e0cd86e988ef","first_seen":"2025-12-02T18:05:59.137286Z","last_seen":"2026-05-09T05:23:38.315727Z","times_seen":16,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/HomeWhy-CwjEXtgN.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/HomeWhy-CwjEXtgN.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/assets/HomePage-CLKHVGo3.js\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4ph4RaUCCZKyqt55JcBUA%2BYO4mixFaJUzYhUvmjpHqmHjn6ZfmHEdkfuP1CErfECpmFrp4bj3oHYvKlS66DETdq0DRj9Mpe5kgS2Sdh01qJN89m9IA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"368ddf220e6b6a6f9fee29722223ad95\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3b9f7b370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1097,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1095)","md5":"ee597e820b59136940a6588cac1329e7","sha1":"73e1cd148af57d86b44dcfcbf7b9e3708a7d086d","sha256":"7abbf1ef47da2283d09a03c51e05e7bba4a7deba31ae7255b940c25c411c31fc","sha512":"46d461bcb67ffe5f8f58b42101f0c64b7a157fbc976a21fba7f40b6a7432d8cc1b24c2c0695b9dbfd8a3436ab187488289b51b70932444b5a6777d84aa840aed","ssdeep":"","tlshash":"2c11e10ce050ebbde92a2cf05d9e7444b41a0f6ddb1d8d61506919320f646d4ef1eba6","first_seen":"2026-01-16T13:52:28.332904Z","last_seen":"2026-02-28T10:01:43.16325Z","times_seen":5,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/home_top_bg.png","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/home_top_bg.png HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/assets/HomePage-M9V46_xm.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\ncontent-encoding: br\r\ncontent-type: image/png\r\netag: W/\"2e7e64c70987873679ddd94873357ef3\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5uSzGu0KegQ0QTnlOUcPXA2BMgoWKymNDFm8WC%2B5Tqt5ab4NR98D5yaEnjQLumMyKaUSGDcqREmZXWh7VZbRpo%2FnfHZfkHKGfzEQe9IrQH%2BbjZA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3c6f9c370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31900,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 171, 8-bit colormap, non-interlaced","md5":"358ba8c26549730f7a238165520bbe9f","sha1":"6db33e30d6b15a57641668afcbd46250547e9996","sha256":"92eb874b104ecd0583644489df92692d5fb684a5189034ff6f9443c1a6a3aee6","sha512":"72e156f7bb017fefd534b87c3de8e5d830dc4b48f4eb107c72b6c193e71c15ac2097e4edc399d4bec5f76f0cbce03f20c73d78502a35c01b2cac851399b954f7","ssdeep":"384:PNDybOiZFLzh/hajyGV/plDlm6B9LAGGr+5eRPs6bgxrJuXmw/0fVBmINcbfcpy5:PNePZxEplp7Lor+5KYMmZSh0o+RHQ","tlshash":"f6e2021e60549a46f6582b5bdb32c570d88704f1f89cc417cb83f04748756ca6faba46","first_seen":"2025-12-02T18:05:59.122439Z","last_seen":"2026-06-02T17:50:06.488044Z","times_seen":26,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/GeneralSans-Medium-Dnk_K_Tg.otf","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/GeneralSans-Medium-Dnk_K_Tg.otf HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/assets/index-DWsLYg7B.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: font/otf\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1tOhDqIt18NFltHudCeawDKWGz%2Fgnxt1ibGBWgh2o38yNuRiVNeETX4foHPxTQ58rRUehGK7QYBhz%2FpMYjbcMD12lrCjgYstV4m4ABIZJXipbn4iVg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"ca84a67f19ee41b8509951100b750612\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3c7fa2370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46424,"size_decoded":0,"mime_type":"font/otf","magic":"OpenType font data","md5":"543e455dde358b0724b7b27e5e9abcce","sha1":"90d6eedb55a4df589dcdb4038aa2feecb8c4ef3a","sha256":"a4c6067d3415ab1ec2e17e6bd0406c0d3f7a28c707c5ddd85ca6458cabd3dbf0","sha512":"8dfe1743cc88b58acbeaf985fd3bdca54f1d562303b450ad2b22b571def1ad3c706294c2d4f102f6dc4423fae0039a5dddcef48f8e6efa81c8213a806831698f","ssdeep":"768:+sw9X3xA79vZp3MeJ8u9Vlw/4p430jWoBM9K3wyynGcvkEt7PpqK3Y7TlJ9Nziv6:Aq79vZp3MeJJDwQp4EjlBM9KgllkEtjs","tlshash":"77234b96b7061705d113bb388cb7e338d330b92c87ff564ba4ba59a92d9c1c74c62687","first_seen":"2023-05-26T17:06:12Z","last_seen":"2026-06-03T03:49:20.026684Z","times_seen":246,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/nav/faq.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/nav/faq.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n0a6Gsdn03YFYSpF3lKu6DSupo9hRq9wpFtj6Gyw39XeOCKwTuTdAGZ8cQujeRX5%2Fk8KcP1xU4COzv1lv5e6vr8IohQEyaYsep7epxn%2Bh9dhXEYszg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"00ceb7ce83d395e838b5430d2b24400f\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3d3fcd370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":652,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"27829e9eaa4fd1008b5be1aca2e09a03","sha1":"293c089aeaf793251eb3352423f75b725e443cb4","sha256":"fae7942f21df7db3994cf2bb42a18a376596c5954464936f1058f7688f665770","sha512":"5f692f64b3a8f691f8b635942e0fc1853b005ec07e992b29c6af9033a5641a8efffa4b75a31c2dd362f334c7d3c066171ce4f7cc54a3bf2dda8b75e344bdb8c1","ssdeep":"","tlshash":"7af09e30c3a2d15cc19e77cc6eb013d2099936d2abc501359141ed3f02a38f62d93d0c","first_seen":"2025-12-02T18:05:59.131659Z","last_seen":"2026-05-09T05:23:38.288788Z","times_seen":16,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/task.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:26.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/task.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wxrYGpRh6z8myjWZiylSxQPy6N4MATNUd1hGqB2K453DcI%2FLbjVOL85qEhJWmCzucXGjShZeGAsIjmm8pF%2Bs8CuosbABkrPPcZUWEgZZNzCfuYg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"a1005e5ae41df40ac25794adfb521b75\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:26 GMT\r\ncf-ray: 9d1e7a4328e8370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1056,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9ac018432e9da5f5bcbe68bf6ae4b7df","sha1":"cf9d7c44a775f88e03c3d2553989f5990e7ecbc1","sha256":"aa1c55ab45946a71c3d3ca5cae68796a48246172db8cb2086a9e88cbbf3ec4a5","sha512":"e97a0a6be023fefbccad73d6c0835a606caa45cb0e1456405bce844aefad1971b6fc473056112e39463335fab74d73c2fab21abf5d1f8212693452cf68467a5b","ssdeep":"","tlshash":"bb11bf654798603cac1ee20b3118fe54d30d7093b4d9cdb885ad0ce40e22cfb9da7987","first_seen":"2025-12-02T18:05:59.135431Z","last_seen":"2026-05-09T05:23:38.330171Z","times_seen":16,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/HomePage-CLKHVGo3.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/HomePage-CLKHVGo3.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EghsohprjT3hazqw9tApyb231ruf66re2oGBVm7wotkj1HrnAoTw4%2FMaiZGGAHZdaJGyBuT%2F7aV9Nts0R04VVYRz9wp%2FHeIMFtdMSkAw2PpIOe9V5Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"a09d911265f84bd7e1ac5e6ba5bd3a62\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3a6f4b370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96862,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"83dfb4105434d91f42e9b6ba615358a9","sha1":"4ae157fa946aa38df5cef93c05e0ab99b47aa0b8","sha256":"0e4cd278945a104aab8e2a021b38cf91478653ef902ba4a3a54b97af3d740de3","sha512":"69ae8196df9cc4c963d251885d404029f0b1249528f838f200637bc1880a52acc10d2e3512b53bf22d19cda75959539c32599f1cc4459a74cc99339a4eb705a7","ssdeep":"1536:msZ6POpyR9zf3jr38HXweRYqotVl44kwCbTJQzO0p8QGJDv6:76PNJ/5t04kwCbTJQzO0pXGJDv6","tlshash":"3b931bc57052f86a86eb04e2417f0206b23a1e98780d8458f57cacd93e6544af7bff79","first_seen":"2026-01-16T13:52:28.331773Z","last_seen":"2026-02-28T10:01:43.173489Z","times_seen":5,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/tslib.es6-CkLbZ6h7.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/tslib.es6-CkLbZ6h7.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=inRVA4408elGdObyKRDHP9h9PRnSl%2FVP96jjd%2FpweTnEOBGN1uAPXW8nPS%2F08Ngb8kS03wVhiihSNImKTB7%2FjAhFebOTxQ1ORCY4V4NdJ1hKK6EzRQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"ffb6ef342609980949c4a8f09ffd6413\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3a6f51370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":435,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (434)","md5":"6728506e6dcd6dba1245c82078b5db27","sha1":"15ae32c6e83051e125ad4ced778720a94adc3b44","sha256":"e07121df8b1a960f410cf7cb6aae2be56281ff96749271107b919a760a3ec351","sha512":"a1b5a3d5019f40f899b564dc3d1db35fd99de722adc9429848889aed11ef017bac6055d7b9dc3aa248ff114ced0bcd53eaca5a9e4054422ebdecd225a12b5088","ssdeep":"","tlshash":"66e027943620aeb110af04c1102da886a62a6538d5b5a5903a1486b1009146a550eab7","first_seen":"2026-01-16T13:52:28.34481Z","last_seen":"2026-02-28T10:01:43.154559Z","times_seen":5,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/starComit.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/starComit.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D%2B0d%2BRXv6Ih7SSQyS0LpB8zl0XQKWTzgZF3Z4dNa%2BiJ9hMuAuC31UBiJsqqpfS%2F1Hgu5BQm3M7rD09PeV9XSEw6k6%2F%2FKSbkzucrrmR7iECsTID0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"3e56249dec04f7de1ec9306acd70ef1d\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3c2f8f370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8380,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc8512cd2f4c2842abc47037048fe94f","sha1":"70222a265ed2806000bf7248a8a1e4c041fa6b4e","sha256":"e0a7674ea6e534e4ae86f106380ca61980213f54b363244815b3159b6a2a45d8","sha512":"01a25b2ac3fb8e08225b328dd22a1baace475669466d86ac2f2c77d45ea496a95a057f5a19e4c890047809355ed1332816a92202ff7fbdfc2855efd9411b3bbc","ssdeep":"96:auo7UOJDAtFKUXLGP78SkZeqXwuB0wJKzFm5Y8iAv78ld1hrn1Uh4JK+QeaKDCXf:fo7UO5K7LKeeqP0wsz18P8Lv5k4var","tlshash":"d50242ecabe762e0e056f3f18b6419647b5730f97d61dbb8cf7a2d51b60206c94488d0","first_seen":"2025-12-02T18:05:59.115408Z","last_seen":"2026-05-09T05:23:38.314855Z","times_seen":16,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/nav/task.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/nav/task.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8Eb70WZSHZOzRPhpGtqUAER0xB3sPBnsoy1yhadagcAS64il5XZDSojT6NvtbvI7NUyBB23%2BWcqirBrOiS8IY86zify2QK%2FhEZatRt5UbAFpvhoP4A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"25aade92539990349b804b2b50001e59\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3d3fc6370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1077,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"837f6bd1981681bd2d3efe47d1ddb8e0","sha1":"c7c2fc9abc488556e347bf59903c99245e85cb2b","sha256":"2646dc5104e1b1a9a3f81ce09f069b3611eea3fd1e602ec553b61a1e3ba90fba","sha512":"bd3cbf31524a74e8626d237c4f6cfab4a6cd3d9a63c865a9ca243fb7a649b1e14b1209eb447340a9aec84b6094afbdc1b70839b56b7fbf8fc388cf6e27fea23a","ssdeep":"","tlshash":"5011f018d21886bacf695f688323d1a6512f22dda4a15278c756cb147b81cfc1b4c8cf","first_seen":"2025-12-02T18:05:59.138855Z","last_seen":"2026-05-09T05:23:38.332957Z","times_seen":16,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/nav/daily.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/nav/daily.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Klo7XOqOS%2B2yrNX%2BE6KVN3swqh3mKIXUwM3DDeXdvOY2sDPbjgdEHmf8Y9XBXVua6j4BOH4uN35B2%2FB7val4DLuXyZllzVuG0XcBjzh1qp7YwsQ3EA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"37c9037aee0607179a05234207f6aa4d\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3d3fc9370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":816,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"edab1ab99409f67c45da3e0d190c3e04","sha1":"d9eb4e1a014d780aa4d9050fb231fcf70a6823a9","sha256":"6ced43a37bb76778f4328725595a58b9688b39acdb79dafecd45acc1347fa683","sha512":"f6015116a6f22e8e2ea430cd4e5ee17ca9aec23ec7f0315487609219112899ccf0ab25298c995ac45f2fa2d311218560470fdfed7b45e7fbe38592844759fac0","ssdeep":"","tlshash":"5001f911bb79e23d5386c2990674e834a79e96f976c099acdc3d55e80542b68ce83c48","first_seen":"2025-12-02T18:05:59.127719Z","last_seen":"2026-05-09T05:23:38.273554Z","times_seen":16,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Home/video.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:26.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Home/video.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T17:55:46.471571Z","times_seen":16085743,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/imgs/Top/lang.svg","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /imgs/Top/lang.svg HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w3ZfdfKJwlwjdwVoxNagEIg6lLLTH7hzrDHj9Qczztg%2FtY%2FvaAlpFH64bPP55Ogz%2FOM3x5SP554wk6kNz9lmlGn6Rtv1KcL1sotoUCamDCM6y3eeHPc%2F1ldumGMVemCkAw%3D%3D\"}]}\r\netag: W/\"a7cc7db1b0d3785d0dee54a7541e537b\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\nage: 247988\r\ncf-ray: 9d1e7a3a2f2a370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1435,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"64599523541a7a5c5c104e7d4cf4af57","sha1":"9a486ad8c875120f5f90a71f18f2bb965906d132","sha256":"c0d76d46922f94db25beedb38434df5adbef28278af7b07937b7a57a19acb322","sha512":"d09a9e81ceb3f660d7e20e98ac418cdaf9fca6f24b2988718b104ae51fd92b5a193091634d5022291343906962a274b7837a5c3e72ee0e427bac42f0c4bdd809","ssdeep":"","tlshash":"bf21e0e846a892fc65cebf8af11012541a1d9c91f76d0561c8ddcf7e12cf511cf5190c","first_seen":"2025-12-02T18:05:59.111075Z","last_seen":"2026-05-09T05:23:38.291683Z","times_seen":16,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wealthifse-mshiau.xyz/assets/BottomBar-DdPzXLxH.js","fqdn":"wealthifse-mshiau.xyz","domain":"wealthifse-mshiau.xyz","tld":"xyz"},"ip":{"addr":"104.21.20.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wealthifse-mshiau.xyz/?pid=r_917716859248107","date":"2026-02-22T12:27:25.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wealthifse-mshiau.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 17 Jan 2026 02:14:56 GMT","end":"Fri, 17 Apr 2026 03:14:50 GMT"},"fingerprint":{"sha1":"DB:A6:A9:68:D4:79:63:80:CC:2C:E1:80:4F:C9:C9:FC:A8:F2:D2:3B","sha256":"BD:CD:DE:88:8B:13:D4:A5:C7:06:D2:12:D5:D4:A9:31:36:B1:4A:B0:80:8D:AD:B8:5B:12:13:7A:C2:E3:5A:09"}}},"request":{"raw":"GET /assets/BottomBar-DdPzXLxH.js HTTP/1.1\r\nHost: wealthifse-mshiau.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wealthifse-mshiau.xyz/?pid=r_917716859248107\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nage: 9099\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncf-cache-status: HIT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=edrA6Aj63Bn%2FKAa2Vbvjyr1AO86yc3nImGBy4YPcT261HqYb9yy7vyPwSubm8CZjVjLSJ2809N8DAuI8T%2BZ43atxD%2Bz1G6LerBg4P06C1E%2BR63U%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"a9e1ab230fa6b970b9b0ccc3538df1c3\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nvary: accept-encoding\r\ndate: Sun, 22 Feb 2026 12:27:25 GMT\r\ncf-ray: 9d1e7a3a6f4d370a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1786,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1782)","md5":"986f34f51e6e5e25817f972fc6b0ee3b","sha1":"49954f01661713cae8ebe5afb3f4402776dda34d","sha256":"ac69e6d50ff805377f4e4ce70931f449d10249ebb1ccea7a7e7efb384b64da52","sha512":"5fb447cf696bdb443047a1e2068aba5af2f3539c0936678dc19a08477b6012b33edbb8d5ff978aa6217af9c14d1aa45f4875e1d5ad34bf3ce0eec89cab0977fd","ssdeep":"","tlshash":"6c310048e1d6dbbeed6808d55e5d8148300f0fecda2a8892917e1c101764ceab72b79a","first_seen":"2026-01-16T13:52:28.345739Z","last_seen":"2026-02-28T10:01:43.167996Z","times_seen":5,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"wealthifse-mshiau.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}