{"report_id":"bbff42e0-c76c-4c61-b128-dd6f1954f209","version":6,"status":"done","tags":[],"date":"2025-12-26T02:48:51Z","url":{"schema":"http","addr":"phgintolucky.com/","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"phgintolucky.com/","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"title":"phginto | Discover and enjoy a world of engaging online games for all ages.","dom":{"size":29832,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (577)","md5":"6c295ee3681bcf054f618201ef424841","sha1":"132254b2bb286aeb0d088a158f60acb1ea41e4db","sha256":"14ab5221d8bb9d417a7a250028e2b58faca27612837b4e924a253d3317a3e32a","sha512":"a2ee90c53004d6648ce5123cd308b6bfdb4f716009ceb1166c9f6a1798df9eb09d50979f09d384712b010759c842e3e48b0d58f80503a9e91f166330001b8e22","ssdeep":"384:lI64vTXqDOCsRolWSRoyQz04o1Dh3DAD4tLEvj12ini3pM:2xvDcOCsSuynHdBKRnEpM","tlshash":"a6d230126cf41a73552313d23daebf54aaa76643828a0b02f8bc469d0ff4e65c53f25d","dom_hash":"domhash690356e88bac282190bf77ff1ee1efae","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"phgintolucky.com/","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-30T02:48:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"phgintolucky.com","ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-26","domain_rank":0,"first_seen":"2025-12-26T02:48:52.032637Z","last_seen":"2025-12-26T02:48:52.032638Z","alert_count":31,"request_count":31,"received_data":677156,"sent_data":14074,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"mifengyyds6688.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-10","domain_rank":0,"first_seen":"2025-09-23T12:33:00.93204Z","last_seen":"2025-12-25T01:56:01.421917Z","alert_count":0,"request_count":3,"received_data":256864,"sent_data":1350,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"phgintolucky.com/js/common.js","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"307f58678bb3a1e748b673d7399e03bf","sha1":"16a921fa1c6da4f953e5e89f9184a4455ef2c96a","sha256":"bfcf1e4057d69835d1cebb93281e2dc0f4e1afe6622040c65c89edf579dd324e","sha512":"7ff4dc21f931c77340576368008c43cbc899b5acf672759cc0d14794f594bb940f1fe2382c6fa7dd2fcfbcc06150c39ef35a7451e35c286ccd9348bb9bbd556f","ssdeep":"","tlshash":"42410326b2006077887626e6eb8715d8fe2d50eb620241517d5edb0d0f734c45db2efe","size":2062,"data":"","first_seen":"2025-10-18T16:38:26.993795Z","last_seen":"2026-04-05T11:16:00.433804Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db3c8253423b25162e9f292ae59425db","sha1":"33d750c9c8cc661f3129c74ac2c070385b506dc8","sha256":"25a8e0baa368f9a890a74487b26891cd2f187fa0521b6308b29379694cd05df5","sha512":"637d57ac34164e81b5ef279250c386f88f3ab13ee8e83d6f20f9d69b7069cef56b4b04f66aac4cb0899207a9532d36974226c8f969d1b10f15acef8094b2f47b","ssdeep":"","tlshash":"bdb0120ac8a8902b396070764d030311529f4244e09021c403f6130040d3928624f802","size":94,"data":"","first_seen":"2025-11-06T15:12:51.491144Z","last_seen":"2026-03-25T21:25:20.609665Z","times_seen":534,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"phgintolucky.com/css/index.css","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /css/index.css HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NOELjtWUy%2BQyfFwD2Iu4LiRcYLc1NIz6C1InPTe5uS3%2B072qmDxQz7alKZK1rjp7hVE2%2Btk4SNyeuYEPih%2F2WtebMB22yv9Gi17agqFB3Pg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42714922c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15036,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (391)","md5":"49c0a5529286facd0187077e36f60ea0","sha1":"b8971b06c9ce2611e89c9b5b95edda4105efb81c","sha256":"16299072ba86d1e46cf8ab554849e2274853190ec744e2de2d31083fa4689062","sha512":"d695bc32014514d2a372027f71a5466305895f804b569884c459f36566f57394f21f2facc758b63a98b177f1e911659480f565e0f5f0a59d6cf12cf5c776f1e6","ssdeep":"384:eIL1PvQWQwX0z0M03vCnt7N5gejfXTz10elC3GyfTgjyySQ4Oz1wiQWHSfKej+ob:eev8lXdrDadrgOrrOjyie4D3KCtJKSSB","tlshash":"d862e0096d740922ac3f632b3c7dbe7163ab85c3984fcb775db424588eec0b5856e648","first_seen":"2025-11-07T11:52:11.82842Z","last_seen":"2026-04-05T11:16:00.426198Z","times_seen":66,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":354,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mifengyyds6688.com/phgx/phgx1-800-60.gif","fqdn":"mifengyyds6688.com","domain":"mifengyyds6688.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cc78c670.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 11:41:04 GMT","end":"Fri, 06 Feb 2026 12:40:56 GMT"},"fingerprint":{"sha1":"E6:9A:56:D6:3E:1D:39:9A:BF:DA:93:EA:C7:BF:E3:8E:C1:5C:AC:2B","sha256":"EC:FA:DD:93:C1:EC:D2:D7:33:10:B3:EA:57:B7:95:96:DF:C5:0B:FA:1D:F9:C9:61:D1:4E:37:69:75:57:7D:A5"}}},"request":{"raw":"GET /phgx/phgx1-800-60.gif HTTP/1.1\r\nHost: mifengyyds6688.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 47555\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=03biYsEPCojV%2BUBYSLNXI7xHzyl4WX37vQQCcomhjJgw1tCz343443DjoFvWa4IOo2jxG7yW%2FY89jrRbGRS2LX%2Bzoz9PUeX6k5%2FEIEqGP1E%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"e0f572ace66844e548e44bd8fbcab3a3\"\r\nlast-modified: Fri, 17 Oct 2025 14:00:48 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 3831\r\ncache-control: max-age=14400\r\ncf-ray: 9b3d42717b3256a9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47555,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 800 x 60","md5":"e0f572ace66844e548e44bd8fbcab3a3","sha1":"f153a63185a7c7e84ca7266faba47f1fe6564507","sha256":"37796e0f7202851c54eaaf4138cd1db10e9cacf1090259d6a196bbad1362bef0","sha512":"b16da9353f0f981674ce7b88dce9c2a9ed4607c98ddf5d6eae1715f74a0e71680d776da0b9bd81e4a37b517ecaf2447ea196ffd7ec2736487ef5c145ee9da6e6","ssdeep":"768:YDLfzUZEabSxFJc4finy9k+H+sj0iKtQrlgfUWEYfStxHc0K+nVmbph6vJWotapJ:srUpSxX/cCkLsj7HrlgCYSosVmgWoYv/","tlshash":"8823f1eb383a0661589b4998a70aa2274b1ac7f8117424e6107bd1f0b2372776947c9b","first_seen":"2025-10-18T16:38:26.9578Z","last_seen":"2026-03-30T00:04:44.066059Z","times_seen":235,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":10,"receive":6,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/phginto-digital-gaming-rise.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /phginto-digital-gaming-rise.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KO5Nkpvf1kMIGeWgxMDnH07Uji7T3pNayWlMdeHByZdeOXqlmjvEZqsVx5EMX4gtHf%2FuxaHp0nddvRkH6Sr7FwHFdcY7aLfg5tZytfEIuio%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42716939c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14882,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f2783cff892bde6c73aa8a12a078c9f0","sha1":"10ba007793c008da16d6f9927c270bf670e50a97","sha256":"03346191179c632a7030e8bba3174d4454162958c1c28bbc5d165ee94ffa6840","sha512":"3d4a9bae351a0818f3fa7389642f0908be01308eebaa4e63177d461624f16b96eda3d996609d03b8d9342914776d3c069deeef8e1ed5ea7b88291a6849906484","ssdeep":"384:Bt3L4RpO39RsGyCZ9GKIsd9050g7Ao1CHBdZ9:z3z39by8I4/g/1yBdH","tlshash":"6462c08b4a0660358fc1079d9a208c1a7dac1632354f1ef3ca492d35b687d56cde9f9f","first_seen":"2025-12-26T02:48:56.573417Z","last_seen":"2025-12-26T02:48:56.573417Z","times_seen":1,"resource_available":false,"data":null}},"time_used":662,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":490,"receive":172,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/favicon.ico","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:30.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\npriority: u=6,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:30 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tZ%2FR78C1Z%2BfrUlb7Ng8QdeDCFp59oDsyyk2Xc6QELFYymkm9Ib9SYLJbo7gvMlvfMW%2BCYMghncvACBFjKEhYP2jxYWai%2FWLjS7Kht1Ixh98%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42763992c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9569,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGB, non-interlaced","md5":"fdc0645a2009b12a084450e577b626bc","sha1":"e81efbe96f87de932bde8ff3c97c27e28ebec458","sha256":"0a81e191f85ff1c1b840ceec9d7fe38368fc8a22b0a44cba4551a10ae39690a0","sha512":"ffbcf2fc4d46ac19e249faa4d6ee1820b32ce4c45e026748f36d3df2c2b99843d43de151e4ac708c04d1b4626c1edf0e36f8c52cfc31892c4460db2dc455a1b1","ssdeep":"192:m9yqfqs1mgA/rs5LhSerrG3JRrnua9eKJaYjv/xu3EqG3823BchIc:m9TMxrKZrcTrnuageXvJ4nG33qp","tlshash":"6712c156e906c592ddb69bbd438c9e352e49864727205a1c5ff0cb4e9f3b4000997dc5","first_seen":"2025-12-26T02:48:56.576066Z","last_seen":"2025-12-26T02:48:56.576066Z","times_seen":1,"resource_available":false,"data":null}},"time_used":401,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":401,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/images/promo_deposit_1757140932462_jynmz5dag.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /images/promo_deposit_1757140932462_jynmz5dag.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aeAJ6IbX%2Bs4%2FQ89FTfuG5mw3bIEIMySj08RmkJgwJyFVXQBQ2NpmSfqRpPF2wsqNkYho%2BPUMcMhMVXfGx4QgqtX%2F4YIc9MF%2BUqapBupMehk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42715928c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4378,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"60d7da87eb25dc83ebf6a5fed741c8b5","sha1":"a5b9202e9705cb84c14d277cf3a9eb52ef654854","sha256":"a7a3d224680c78d2e5ba90de1e36d62c68b3e6ec32637838342067befa78151e","sha512":"5323b8c23f47dbb97f7171de83ff74a880ac1eb1fa7d412fb495331f1270a0a04709a4290ffd7b44d3241ff34f5b148b9ffabc5976469e9c867b4390596bf9d3","ssdeep":"96:aDexm0AwruA9FzY9sOBqdrYkw3R2ABPb5hwSHvTfK:aDeB5uy5Y9sOTkWBg4vu","tlshash":"c3918e99e2939a66274fbbc18d486132de0d60338798d3989c8b0eb2f1b6587133cf55","first_seen":"2025-10-18T16:38:26.929583Z","last_seen":"2026-04-05T11:16:00.41872Z","times_seen":73,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/images/ux_support_1757141115982_1g6ixvjsp.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /images/ux_support_1757141115982_1g6ixvjsp.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TbZpjTT2tdNt3AJhSko9fZ8aE2qCJahWAEg4orzU80tdd2WUV%2B2s3ooyoI782wAKXVD1cCLycxGcKAfiuwuFHmBTSxjGggbR4mM3G3lzTRI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42716938c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2878,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 80x80, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"aa619ed1a9d6c130df850e8cdc93ac96","sha1":"e9fbbafc3331a6ef63f59b5d45bae35545ba2b2b","sha256":"4197fbc1e96ff507fb33ca3fbed05c8964ccf68bd2cfaca79f0f7681a01e5959","sha512":"11587dd04fcbd37095d33156ee78016dfab6764217429733807e39efa0d8bed881d1c508c621fea64b041dbf6779b32470580612edb32600d5ccc8620c63a5d8","ssdeep":"","tlshash":"0b517e652d57a6a8dbf3c4040afb15bcd906c141c744ea0e7480175e2a3a3bebcdc0c4","first_seen":"2025-10-18T16:38:26.947857Z","last_seen":"2026-04-05T11:16:00.412566Z","times_seen":73,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/images/ux_interface_1757141080271_xnxwmimt6.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /images/ux_interface_1757141080271_xnxwmimt6.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1780\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dkT1MmYfi51P8eWyQs449i6o4mYbywj1k%2FkhiRbqX8B6r20al%2FAUFVf8%2FlsLlnPBPtMirYSIv%2F0AYHgkyoVDgJDxZIoNAx3NAOBsyo0WvsU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b3d42716937c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1780,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 80x80, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"fd6cdef25813119377ec821dafb13887","sha1":"fce49bbb817829c59e8e8f5b3e2b2df55856a24c","sha256":"93908c449046f44cb110eccc215fdd4cd9dc0025aa211d05d694b8268b0033bc","sha512":"5c9ac365f12cd496bdcbffbbda16ada841671ee356c7cf9cfd57e85ad51e6862722279921e12d0d900074d586307d0678bc2f7f7b9536cd35aeaf902eb9674dc","ssdeep":"","tlshash":"ae310bc9087d3e9fce599607ab573139a449f056fe6d48dac0401cf215312b303c496e","first_seen":"2025-10-18T16:38:26.944035Z","last_seen":"2026-04-05T11:16:00.402627Z","times_seen":73,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/exploring-rise-gaming-portals.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /exploring-rise-gaming-portals.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:30 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N2N9qs0nyJm42RSrLrNtsNSgIaKFl0x8RZTCTx%2FlcYL68dUSXPm1KxSA30zjgmPu%2F8bQdckczNpUEM6m%2FzO6DIjL0UaXL2OAKDTXVwdoHik%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d4271793ac272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21026,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b31a2d04c6b105c33d390c7478646d51","sha1":"596ce90cf3ebfcdbd5be59161b54fe6f6b795893","sha256":"0d3c435004e58d1cd2acbe338bdf6eff9009e02ffb5ff6504ddd5612ff427913","sha512":"fdcc3f5b3b39e6bc196e5367d07685dc1331e1666af42095b0145bc08cd3d6293f0165690fcb0284036ab5a5c830c00f4796e577ee1f210910b749196a5f6ff6","ssdeep":"384:rs41rKoQNLT2N9GELmdgOFyD5lKgfzLnjAoqZ/nBDpqu8+GR5VmNW3wadzAgcKYN:QnF2NHm1gdlKOznqJnBdqBF+WgGDYG3C","tlshash":"1492d1cb43c250a175611d85dafd781a620c06658ed3ca915f331f28e2dcfc789c8b75","first_seen":"2025-12-26T02:48:56.581962Z","last_seen":"2025-12-26T02:48:56.581962Z","times_seen":1,"resource_available":false,"data":null}},"time_used":677,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":152,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-26T02:48:29.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sM2YfD3snWZ8DxPvjGMxCD9O%2FRSakSEHMo0QsqIc63Y4tvt2c1cb1Y1OdyYCRf9yh6%2BBhSlNlrpNuLrGDmXxlvykkuYhVsdm1F0zynkz\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9b3d426d7871b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30225,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (581), with CRLF, LF line terminators","md5":"813a95db88a84c25869d55de2e9a9144","sha1":"2efba491d4f7a4ee7821cef8e5c821308c4f2ffb","sha256":"b59dcc069ade349b3d20c2a3895e3769c7e1e09bb554ed165dd1045c5128cbd3","sha512":"a7b90ea254cb2e55cacd3f7cf3a36f34c423a5a4ee8ea29e976f663d630d982518d4bbe6a9ab24f8fa490ae4f62f32716eb82e775d0eae99b8ef616f7117706f","ssdeep":"384:25Xn2XKsWZg4a2kLma4j8g34/1z6cDVDoVAwLKxVhnrynv:A32alZg4iOjWMpanPnOv","tlshash":"1cd23f226cd41a73553343d66d6abfa4f9a7528382860b02f8bc469f0ff4d64c53b25d","first_seen":"2025-12-26T02:48:56.588657Z","last_seen":"2025-12-26T02:48:56.588657Z","times_seen":1,"resource_available":false,"data":null}},"time_used":397,"timings":{"blocked":21,"dns":0,"connect":1,"send":0,"wait":355,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/img/logo.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /img/logo.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:30 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CkKX9K5JWZsR7oB9Cqr%2Bpzwvv9PC1zx4NN473rePE3gp1RS4WR0QTVhFkX9HPa%2FlbusBNAVcbkVwvlnqSU3BQ7H%2FpGsw2MlJZpnFBFjZh%2Bg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42714924c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22008,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d1bf9ece034a987753b5966ea742b5a1","sha1":"6eb022d5fb5a061a5a5fe5099e965d591d5e115f","sha256":"f3377b9249ddf48c89f5a8e2d9c928cfb56cf976a5d7d86fda146cac34a31ae3","sha512":"1bd9d207142bd23b753e3b21472e6c6d36a9d53d56a873f5c85a5a156b6f380196974fe2cbe191b2da567fd030af4560668a5d42bd88d23decb03e6ac423c4b6","ssdeep":"384:QpwHuit42nv+qxVzbsqhSJVCKdvkLo43N/L4tTyb7s4w8XRWZlqkOZ0:r2QfhSZCLo2jsqDwURwAZ0","tlshash":"c3a2e1468f55035fdd04ab6d280b4994f9a672ad53a314bd3cb04ab090efc432eb1eb4","first_seen":"2025-12-26T02:48:56.603798Z","last_seen":"2025-12-26T02:48:56.603798Z","times_seen":1,"resource_available":false,"data":null}},"time_used":725,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":570,"receive":155,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mifengyyds6688.com/phgx/phgx2-800-60.gif","fqdn":"mifengyyds6688.com","domain":"mifengyyds6688.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cc78c670.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 11:41:04 GMT","end":"Fri, 06 Feb 2026 12:40:56 GMT"},"fingerprint":{"sha1":"E6:9A:56:D6:3E:1D:39:9A:BF:DA:93:EA:C7:BF:E3:8E:C1:5C:AC:2B","sha256":"EC:FA:DD:93:C1:EC:D2:D7:33:10:B3:EA:57:B7:95:96:DF:C5:0B:FA:1D:F9:C9:61:D1:4E:37:69:75:57:7D:A5"}}},"request":{"raw":"GET /phgx/phgx2-800-60.gif HTTP/1.1\r\nHost: mifengyyds6688.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 44106\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6B9F2WgA0ECROWwuBrKv1HkoIPS5xZDMnjQEhCQV46SZwX5NzqK0zyPq%2FgrkK58ExcIdKA0Q82ia9cbyGqlOSGiyDAO90%2FdemIYdbyk52q0%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"fd1197366b2e05375ea7fbb53d45a3bd\"\r\nlast-modified: Fri, 17 Oct 2025 14:00:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 6370\r\ncache-control: max-age=14400\r\ncf-ray: 9b3d42718b3a56a9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44106,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 800 x 60","md5":"fd1197366b2e05375ea7fbb53d45a3bd","sha1":"502096637a09ae67a4a05af4039e1c5a8eb2162b","sha256":"de7f783b56f8bacb8b80f0cebc4304833f0c1ba132ec92d371acec6ba9ee33a5","sha512":"cfa78b3de5249ac5daca729bae5bdf52477dcabf22438cdb936ff638cc962176aecc9510bd3b1883b984307034ef75707a9e3613816ab67bf755eaf8c5a1e7bd","ssdeep":"768:efAYgcoIiGjpiaytHe2rHmWYPSUhBjbsifm5Knpsk5i56M2KFy7g0fCWKEn:XHdSJytHjnYaCWca6M1FTEn","tlshash":"d6130262511f05b4e07669f35b4422651c606a718a15ecfd3e2f83f0b9bf419bce8af0","first_seen":"2025-10-18T16:38:27.017256Z","last_seen":"2026-03-30T00:04:44.052102Z","times_seen":236,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":10,"receive":4,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/educational.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /educational.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hqCWPIKUKGXIRXbyOGHdJ0PUkZykM6yT7GrefuaktExNWR0MzYeL0ZdLeg8mYz7iI1Iwc2p%2FcHXEZznN3unosxcIFIWIXoWZ%2B6O%2BpHIoAlI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42716931c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22282,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"260641bcb2cb9bb7631c98423e648575","sha1":"6a7d6af4c01b6e54f285a85d2bac973b95eb9a5d","sha256":"53ce0acff2df22936d79f917fc4edca192a4c7e4b5cc73bca4736c83529ac3a1","sha512":"a51ffe50e957a66d764623bc0d6a07dd43b28005e574032e03b0545aa4082c6f14a798e0fce8798498ca173ac54c4580f14adc085a3969da66b6a09fc0f46304","ssdeep":"384:oolMi2/dbT7CIfnGJ6d8ApnXI7nNRGcBiF57nNLW80pI1R+SK0fHpDOU6iN8gMLO:oolH6fd/ZXI7nNPsF57nNLZ0pI7+uw7y","tlshash":"42a2c0598c485d1ca1fc2fd096d42cb6e47aca90af1e7265733901ce94a76314a08fdb","first_seen":"2025-12-26T02:48:56.609116Z","last_seen":"2025-12-26T02:48:56.609116Z","times_seen":1,"resource_available":false,"data":null}},"time_used":668,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":518,"receive":150,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/multiplayer.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /multiplayer.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a64enS9FVTdO8rAtsgusleD3IvFm9uHSppvtthX9UoRKcEBYRnrl14l36jneTEB1BbbieQqVAlqBTJos7CIuLlucuSkzjwO%2FWdrnQ1XWDvE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42716932c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21640,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ee7888e553e882fcb45b0b4c7f7db2fc","sha1":"9312ed179040793f7eb985a7853ab57ba84fbc95","sha256":"bb2764538b5a5e7ea18846ca9601591942687818291ba75137fc808eee8d53c1","sha512":"ccb670473b536a03224100280a63f3ae59b28d1970ed776451a7ee8a9ef4679258507661ebc26bdd305ad94daa6c1a68c81a075e2acb659f8f8329fa7019918f","ssdeep":"384:tydiTXjSAtIzRnQpBOMk5xmkbQGv9GOgf5OPvVM2/jgAgpnigrqgl2jJL04g:tdjSA0nG6xmkber8vVMy2qE2NLg","tlshash":"40a2e1c9c1d08bfcf2660a20993c92a75ea1a616c10baf9fab5d75c8334c5d80fd7742","first_seen":"2025-12-26T02:48:56.612395Z","last_seen":"2025-12-26T02:48:56.612395Z","times_seen":1,"resource_available":false,"data":null}},"time_used":631,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":482,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/images/promo_cashback_1757140950807_jfisex257.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /images/promo_cashback_1757140950807_jfisex257.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ton5UqrELTRULXzT4arFKG2%2Fm%2BwrouFfe640qFjwF7pdK4P59g9Lss62hK4Y7xcYyaDvtQOh5FSI%2Fy5TWX%2FszDDeMCqwh3pMN%2FQoriMTw%2B0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d4271692ec272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4088,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2944a76d37bf71ebbbef2c19afe8fa47","sha1":"5abf817fc7464772dd129ddfaab83000c6ea8ac7","sha256":"2b771b95c11d6920d75b005e4922a430b07ba2fcb26f99f6a8ddef84cc1fb35c","sha512":"37e6f03a692c0a308b32a23abd207f9383c3626e7632a780302ba5c64d79da9aa029e8fb55c3d1bde8bda79c5cba638bf041e86db9431cfbab535a358de5c850","ssdeep":"","tlshash":"df815b1b08643a67c7a6e035b438d3647289d2838213ef120fd3e82cd15a1d8f5e1b89","first_seen":"2025-10-18T16:38:27.013447Z","last_seen":"2026-04-05T11:16:00.429267Z","times_seen":73,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":322,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/roleplay.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /roleplay.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:30 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EK9SWoCSi3GPU13D%2Fl39ImAsivkKkqG%2BAaYekblFdJIO%2BGyql2gFwcouOdYQXXXfZ8di9v1nnu%2BXM5iUGwEIQ1s%2BmacnYKr0ad9FhbS%2FGDs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42716934c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17762,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8ce477bd65f02d9b5b0b07bb886da0b9","sha1":"6c623e84f0850927a43f6e96e1603da74fb1100d","sha256":"061b1e75edd8cf22b5413ad88a339592d7520cb85482f654505072f022ec761e","sha512":"0d721a844f5c72d76b07d4e0f098fcb20c45596cad1d38a26eabda0b05cfe44ccf6eda349ae945053376fde92f736dbcd5f2e934489c0fbb3647ac8291149a91","ssdeep":"384:IWi2qSvyh3fbG4bWhJ5FU4h/wuXiQcdvH4+O83va4Ix:IWicGPS5WSmvHlal","tlshash":"2082e0bce5a9fed00ac47e770fbfd00195b244e834389a76e6640995932cdb3931c22c","first_seen":"2025-12-26T02:48:56.617548Z","last_seen":"2025-12-26T02:48:56.617548Z","times_seen":1,"resource_available":false,"data":null}},"time_used":695,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":168,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/phginto-game-trends.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /phginto-game-trends.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=osyl6ZvBzv5XKK4WE4tUIcSpB9gRPeU%2BQmRTgSXC0S4d3e8egL3d4HjyU0oMgICdxUCxaN69JTXcwjkdG81YRlegaabIfeu%2BpeOEENnXz3A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d4271793bc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21920,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"cc03532a07186e5d13781f5c58dec395","sha1":"7e8f8d1e55a4790bf00d8c5191cdc3d039e16c88","sha256":"ffbb4de2e587acd80dd11c39df52d883b31ec7a747044f57fade78743877d0a1","sha512":"9cf08f038880aa8d0d7833702715223d3370ce5efec6f028c8d15538c7cbdb07f7705d518fd96a6e6ff47174b73ff6d01fd12d8bc45481c9f57e0aa68526b7e0","ssdeep":"384:v6HkN9r+ce+/OfjElUFJtW5+6SbCxjM6XrKBOmdzh32LcENjBAu3Ue:wkv6cJ/O4CFJcc6txAMryrwcc2A","tlshash":"72a2d01518c83477d47b569f69af0c7a70c97a3cee2dc89639be2f80b0960613792192","first_seen":"2025-12-26T02:48:56.620521Z","last_seen":"2025-12-26T02:48:56.620521Z","times_seen":1,"resource_available":false,"data":null}},"time_used":620,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":471,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/rise-phginto-gaming.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /rise-phginto-gaming.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:30 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YERmLGIdlbzH2yBP0GPYCDxC6JJKIuHziuc4fywEzMD28bZGSitWy%2F1iKg6s09dPlJ2%2B3WU3kQMeysUBKdZJyEHA%2BL%2Bvq5trx%2Blcu4oWZNA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42717940c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23136,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"cce773dd3327f7c53574fd4d5adada38","sha1":"9274b5d5eb7026378666eaa2db90b49fc646e019","sha256":"127505b28ef7497a66a344c7c6b4ab6b6b00dcd1da4cc107213da4ea8d8a40bc","sha512":"492304281087e965532a67fd74a861854c3e81f34478bf5d96674d4deb621ddd14aa24b173024adc3d6bac0cdf5baab467d8a46f975b1d4410364023c750455b","ssdeep":"384:KzIoFEjs2lVfDbQAwt0j7+IV/9djWyU9pXV/Q/oDYXVS63OjiaDq4Tnr:hoZq9QAwA+I8fD/eRjOjimHTnr","tlshash":"6ca2e07cf771b056aa20d9716f20b8111ee73829ad887a4e2b9e54170db6780c3b3c68","first_seen":"2025-12-26T02:48:56.622764Z","last_seen":"2025-12-26T02:48:56.622764Z","times_seen":1,"resource_available":false,"data":null}},"time_used":669,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":503,"receive":166,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/images/about_us_1757140892253_vdqkggeqo.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /images/about_us_1757140892253_vdqkggeqo.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HJjWq1s34e5rScfnbUnPDEEfg2olWYm%2B66ui8Eiy73QspUiniCN7y3BPag3SxMJqydiTQM4wkhlA5IanS1DZtUGdIhbvjlOQdlIvUkNIRDc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42715926c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37554,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"12b7ee107767b368258d86493716c6f6","sha1":"28af79ca777e842985ecacd6efddf05858e2823d","sha256":"6579c9d6e9406177ff7d6cfc387d4a8ef3882672efabbe7875d077d00b996d2a","sha512":"5d0171069f0c25d7bcb1eae266b735efb19f9f1a66970367607ad40a1139edea7e6fe95fee531bedd979eef29f3b1438218a52b1b0f1ace7fff5e1c8221a458c","ssdeep":"768:SjOfGdUO86EcAeDKqa7Cpl34k1or1k+pBIlFPBjsPj0HFCr:SSGdU6EuKqACp14ioy+iPBQUw","tlshash":"21f2f1a1e9308b3cddd528372d8161b7677c34e0b4b7cf9100560b93bb4e185b9db2aa","first_seen":"2025-10-18T16:38:26.978545Z","last_seen":"2026-04-05T11:16:00.427381Z","times_seen":73,"resource_available":false,"data":null}},"time_used":514,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":347,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/adventure.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /adventure.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:30 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zJYnqSCfxD4luE6Y1vzTh5gGmmx5Zw0%2Br82gQogt%2B%2FgHU9wsXoMY9t15I9ZLoAYFZMecaw3GB6WlkmHpKa6ldoZ%2B%2FH6RD6meyEtxednCetw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d4271692fc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33806,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0252fff39284291b2f36cce5ad31f04b","sha1":"a0b018d8c7ee31e92c99cc8afee46c42b7ab144a","sha256":"794904bfd5aaa49bb98a368b9918510ab25da0f14c71ded313e930a26875a51e","sha512":"c1883de1ef9f309f8c14a062e208c18d114d6916a5870976f460b062236cc1c6025eb473e987d5e36073cad0e494b8af5fb62d4987a7e410ef3135bf3869690e","ssdeep":"768:sJnXa7gU1xo8oPIQD2v9PmxO3rfRIxKQgvaUh2GY:yXKx5oQQS1OxO3rOWY","tlshash":"bde2012aad46fc98adf8b9b061704ec85d7f17e40908dd699f81bc6d21e61723388470","first_seen":"2025-12-26T02:48:56.625673Z","last_seen":"2025-12-26T02:48:56.625673Z","times_seen":1,"resource_available":false,"data":null}},"time_used":651,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/puzzle.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /puzzle.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:30 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5sT1bTLhNwM1iQkL7PBiG1QG2nH%2BHsS6NmUj0cQArj4cOLkfxL8xt9mG%2Fb%2BXHd6ygnISdKXbDayhL96rWGm3MnycfcXKWf8dU%2BU4lW2YxDA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42716933c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16564,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4cda791b907023ba4547835441ef9c7d","sha1":"681662fc594e598bfb7fd4736be0544d5a2cd7a5","sha256":"c0352c6af231ddcbb621773159d4b037cb786685a3130877e329a039b2a126ad","sha512":"e85661cb0d8077e9a878a7028a1498940504015babeea09d0a5c81fba5f97daf60a054445af2aeae43657564561faee9f4fe30a3ec3a61ce7d5cf5c0f25b858e","ssdeep":"384:gOlzLeWdh9MAnx/hWNWfCmIQ7Q6ylGUgWL:eSHQWfVhQRgWL","tlshash":"3772c04bc4ee96727796ea427897f6d2d2334e7cbce72423771a10621b91012faed052","first_seen":"2025-12-26T02:48:56.628033Z","last_seen":"2025-12-26T02:48:56.628033Z","times_seen":1,"resource_available":false,"data":null}},"time_used":674,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":524,"receive":150,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/images/ux_mobile_1757141097928_5p8p9wxem.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /images/ux_mobile_1757141097928_5p8p9wxem.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6nP0wecPW2vPQ3V5JqTVkCi2lLBKIfwN2XCgEpQa9eGS5ELspVZ7reGIO2SF%2F7Df2SS8r1mMWJn83Vrsz7ckyK6wk0Wpfkq7xf137tfFvQY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42716936c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2108,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 80x80, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"788afc70fead01383760d04ed3d9948a","sha1":"d0c58060fe2beb4f6f5a45a74edb550d098739fa","sha256":"1ab4326898a15e3d0a43897ae36526c18ae5d111fb55785585ecf2fd6bc6f45e","sha512":"2675f3d49bbd241f6b429db86e7549c99fddbc3202c92b5590b6f0fcf297719df37049635fd14ae77d0aea54becd106621c09a282aa19c0f87c47f91646f5403","ssdeep":"","tlshash":"61414c01071f589dc0045e727de49aa5a9e34c6bc27c98d4234f043214f26eb93437f8","first_seen":"2025-10-18T16:38:26.986123Z","last_seen":"2026-04-05T11:16:00.423152Z","times_seen":73,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/rise-of-online-gaming-7.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /rise-of-online-gaming-7.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:30 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F0Rm8unGYtmICljW9dBwZuYP%2F0Nts6yUZbbBj3c3ehMRGKxQ755yNQFcDihc3Hb%2Fd7fErrolz9b9GDEBy6dFY32DTX7edY%2BM1yXaN5J%2FqUs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d4271793dc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15810,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"00af52facc4d6e5e00be55ba5dc742d7","sha1":"a41e00158739573dff8c95a5772370877275fcd0","sha256":"646bb7e090fa4bbdf7c104f34596c4f1b983275cd8295f3cbc76b87c01894837","sha512":"f046fe0658abb76ca9fd1a8b4e01cf2660d6d704d4e11070dfce85da30e2a2b1de0706f8ed79f00fdc13d089a8dcb634dde3287824e5c08852babab821bc4b6d","ssdeep":"384:fZ7ZLirYjoPzPVVdP8FTBvzGV4bGcI59Rpno:fZGYC8FTB7GAUzo","tlshash":"5862d1e1d40db84aa35196e67e26c70783b09fcaf0a18c7ad1f50f99f993558054d047","first_seen":"2025-12-26T02:48:56.631277Z","last_seen":"2025-12-26T02:48:56.631277Z","times_seen":1,"resource_available":false,"data":null}},"time_used":681,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":514,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/gaming-evolutions-2020s.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /gaming-evolutions-2020s.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UANw95wtxf7Y1m4YTiZ51WuIEX680N82eQtXnmtRTqjU4W77hhoThx43At%2FiEU8WkR%2BH0WqSPUnYSbJwjlV7%2BmL%2BcX807xALaUT8TehHDBg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d4271793ec272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16954,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1f544dabbfe5be6d1a2df748b10e7508","sha1":"e39ebabd83fbc876b56ea8868e58f7a0551ae4d7","sha256":"2f109cd9f56f68374aa9038ccfeba365e39bfcea701fe5de268d7c38726526af","sha512":"786ae57910f4c043df92aaffe67b566519de0fe203e0c2322dc159af47e73181ac9db1a3ea6a81e379cafc33f5185e1fdc05ecaac3272b47c062b3519e98be1b","ssdeep":"384:bC9k5UQUzbHlHMrHE6aoE8QFl65IK4In8QjrH/LDlra7uLKa5:kRzbt0HE6E8mYH4iPRa7Yj","tlshash":"ea72c08358c63cf5fbf41835835ceeda74ada4b212915c18d1e9c1919afb4ba104ba45","first_seen":"2025-12-26T02:48:56.633536Z","last_seen":"2025-12-26T02:48:56.633536Z","times_seen":1,"resource_available":false,"data":null}},"time_used":666,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":157,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/css/common.css","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /css/common.css HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y7Do%2Fsynd%2B0ZoKCauXQ2mzVmymAPO5mYOEJZ9tbG0nYOBm0NFgvKfvv7h%2BkrQXAkjIuYQc4D8NhJz5Ja21WlNx6gkPQ5cLlJkutkohvQHOU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42714923c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5829,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e98644903980bea5a4363b7d9c4b913d","sha1":"d6b16788c3c5782d014313b50744d76507244376","sha256":"06d69b2b134631c0d8485875bc9a385fda50cb572618e1e9f3928a128677eceb","sha512":"8968cc429a76cb958646b266fde5e2553201364b9be00eff98429b8eaa41a39b1f31fbe56d041f0665d5139f2017a15b7a6f68b49ddd9b99effd4b87a21a52b5","ssdeep":"96:MYZKvGP55PHVeRykLRNrr6dUb2bmWY2S2ZPs8ngIighutuHp/ysf5ql+sPDtEA+u:rSI55PHURykLRNrr6dUbLWY2S2xs8gIi","tlshash":"e8c1d005aab31555681f956d77fbc34823bcc0438e4ece6c3ace57548f8b2a5a052f8d","first_seen":"2025-10-18T16:38:27.006433Z","last_seen":"2026-04-05T11:16:00.411335Z","times_seen":73,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/action.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /action.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:30 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ymghx0p%2BzE5vaBDdc1zS96%2B4UWTfdwALlDfzRLRdOxKAvMvQ4jyX2ahUuD267vG1MEfl%2FzUxy0h1WtikClyNZGxzaBgmVD8G7OGHUJJJ0hw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d4271692dc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28442,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"3aef8e15ba5cbc13eff47bb156b0376f","sha1":"12bbc3f388fe514efaee67529f5d18334eea25cb","sha256":"d28e5ffa991b674529323416b5a40b33af0574661e6c70545ed2d357b03cc475","sha512":"919d6127f0fb35965361030f750a42d24c6da3b7b2c93be4d5758991c007d8680f52f38e1859ff8370af5e6159ddd94994760ba06342258a78780613133e2a57","ssdeep":"768:iKCF9T0qjlJKFOuL00codNid6PNsglxWOzo/WHrKs:TCFppjlmOuL9dw6FsQWPWH2s","tlshash":"a2d2f11d9155be2eb8f4748da6a330bef2e73c11d8516d0c37624a0a5c364a813fa32f","first_seen":"2025-12-26T02:48:56.636256Z","last_seen":"2025-12-26T02:48:56.636256Z","times_seen":1,"resource_available":false,"data":null}},"time_used":648,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":499,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/arcade.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /arcade.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xmSiLIxRHIVICNHe%2BrhMwe8bMSmNJc%2FjLSgDoLxkZMRKDheLguisBkGUTQNQP1H0zBlGwunlw6QhVsAct9LapTM6Bta6VSr4YOrd1z3vS0w%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42716930c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10002,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5ca9760f5ec3567b62d7ab9d39012ced","sha1":"3bcbcc043bb8b28e7f1d715cc12490cbaa2476e6","sha256":"dd16f5583d678f7141965cab07ad2bc177a0bef622d1f4507a7d971789196fb2","sha512":"bb07fde588d156cb97eb64a58f36ec7034df7692fbe2f6cb31b3f65ce693340a82274d195755e4cf1a11012db4eb9da684f877e194a189c7eb388f6362a319ad","ssdeep":"192:iGD+cGVigzIS2vGINy0qZ/iYPwQKc40eVpAFtOe4/Vx1:ic2OS2TNy0wgoeVuOeU","tlshash":"bd22c0c86ca7baf71c72671a1ec45bc5a44341c0056ca2f6bf83738a0bb436724c1dca","first_seen":"2025-12-26T02:48:56.637993Z","last_seen":"2025-12-26T02:48:56.637993Z","times_seen":1,"resource_available":false,"data":null}},"time_used":494,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":493,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/rise-of-gaming-0.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /rise-of-gaming-0.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:30 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XY8DZK%2F%2FPc2Xp6cZT9q3GIht3mT11UKxSt%2B798cmt3lwmxuaIGgB72zZWzjSbCA5VjhSBZI74J%2FonPVfe4vLnMiwkGs3oB1QpOOa2u0Ur2A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42717941c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16806,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"58be9cbb92615e63294515041fc9a812","sha1":"83aa8bc2844800b0eaff9714b1289c72d85bf16a","sha256":"6446d85f2b0b44cd6acbe79b33096b3c96d597fd71ef7d24226f60a11d8f84bc","sha512":"dd299afc40895f318248336f86bfdb81beac9bde3077f06071430d70e70fe872293a15cbdcc9077ece41c6d8963d963a26bb096b34482b8e994470771a3b490f","ssdeep":"384:z5u3eSuHgjNLakIltl8LwGRvZU+xmqPFI5VnLZ5j1tb4Dx:+uWNGDlgRhDmqPFI5Vnt5jzb4Dx","tlshash":"c472cfae1e1fefc47ee445bd84899381c4d9cc1d0f906b96ab42ddf734416b47e8211a","first_seen":"2025-12-26T02:48:56.639554Z","last_seen":"2025-12-26T02:48:56.639554Z","times_seen":1,"resource_available":false,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":512,"receive":166,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mifengyyds6688.com/phgx/phgx3-800-60.gif","fqdn":"mifengyyds6688.com","domain":"mifengyyds6688.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cc78c670.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 11:41:04 GMT","end":"Fri, 06 Feb 2026 12:40:56 GMT"},"fingerprint":{"sha1":"E6:9A:56:D6:3E:1D:39:9A:BF:DA:93:EA:C7:BF:E3:8E:C1:5C:AC:2B","sha256":"EC:FA:DD:93:C1:EC:D2:D7:33:10:B3:EA:57:B7:95:96:DF:C5:0B:FA:1D:F9:C9:61:D1:4E:37:69:75:57:7D:A5"}}},"request":{"raw":"GET /phgx/phgx3-800-60.gif HTTP/1.1\r\nHost: mifengyyds6688.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: image/gif\r\ncontent-length: 163201\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=26aHZ3JLRo0L%2Fr7XAqnIBayStBmWl8dxDXQVC4sdGTdLWDFV6Mu0AQl9Dwcn%2FhJwGTqY4ncLxbkP%2BcoiSc40uoruJ6NaDO9wDrJ6NbeQImg%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"fc6a12580a5405a8498ed488882f41e6\"\r\nlast-modified: Fri, 17 Oct 2025 14:00:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 6435\r\ncache-control: max-age=14400\r\ncf-ray: 9b3d42717b3556a9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":163201,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 800 x 60","md5":"fc6a12580a5405a8498ed488882f41e6","sha1":"aef8346bb9d5abe8ad4fbebec0df46b4e259d2c1","sha256":"5e369a1f6f3b1daa59bb887901b590b69ee48fe6e07114eb2548b370587c351d","sha512":"90cfd8e8329b6edc985cacba549cee92a233e7c217c6e0ea2dbedcfb6500d061664fa49bf69811e9c7fbb7a45f1dca4f247edca8f3ce16927f0e1016582c4457","ssdeep":"3072:mxZZAYnBnoOLJNYnBnoOLJNYnBnoioz2+c53zKjmjUS2BCal4qjmjUS2BCal4qja:GwYnJNYnJNYn/F53zKi4ZB34qi4ZB341","tlshash":"9ff3024bb7c3cb91995c982222db576b157520db9a77156ef9c910e2b323c1ac20f4cf","first_seen":"2025-10-18T16:38:26.990341Z","last_seen":"2026-04-05T03:56:37.516523Z","times_seen":241,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/js/common.js","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /js/common.js HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1%2FIS5hRJWJ5rgPhI%2FjWiYPcgShQ%2BARkwloqar4Qztcb0Moa1xJBNYnRlCNJ%2BGtoFbFJ9bVgBqNKBdzVsHSPtDuR8y3pqMTf60RRBDI1xfps%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42717942c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2062,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"307f58678bb3a1e748b673d7399e03bf","sha1":"16a921fa1c6da4f953e5e89f9184a4455ef2c96a","sha256":"bfcf1e4057d69835d1cebb93281e2dc0f4e1afe6622040c65c89edf579dd324e","sha512":"7ff4dc21f931c77340576368008c43cbc899b5acf672759cc0d14794f594bb940f1fe2382c6fa7dd2fcfbcc06150c39ef35a7451e35c286ccd9348bb9bbd556f","ssdeep":"","tlshash":"42410326b2006077887626e6eb8715d8fe2d50eb620241517d5edb0d0f734c45db2efe","first_seen":"2025-10-18T16:38:26.993795Z","last_seen":"2026-04-05T11:16:00.433804Z","times_seen":73,"resource_available":true,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/gaming-innovations-trends.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /gaming-innovations-trends.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:30 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dUmg5AuJBI8Z7kz35%2Bo8NLCTz2WJg%2FZ8as6Pqm2SE8AbR4%2BvOB2FnNzXpC%2FEr78viA%2FPvna11TGwXm%2FpaY7OqF5hO69Q%2BnYsVQMuBo%2FwZww%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d4271793cc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20618,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"56afafe2da4f3c6f479af6f9416dfc3d","sha1":"ff694638958f78aa463623ef89dc11eedce921a2","sha256":"8b168fed38f5a5d37eb6b4575284640b11749d5fbe9ece7db133f2b63e7d804e","sha512":"a4ba3bc10750de51329734af0848524056b63d2d25d09c47ed996c9f4ce403479a67d6acd67b43b38abea1380a779de1ef059456cbe17a24b26e0f01c1f5e7bb","ssdeep":"384:lg06OLvHKfxVGejIqxs12dctz0WO0ghJv7r8t/1GctqaURkPBVYmMaUe:67Oa0q6yUmhd0tNGc6R8V0le","tlshash":"d392d048112f92249b22729554738b56c01830698e00436f53baaf95fb5ef9b8afe3f5","first_seen":"2025-12-26T02:48:56.674483Z","last_seen":"2025-12-26T02:48:56.674483Z","times_seen":1,"resource_available":false,"data":null}},"time_used":684,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":518,"receive":166,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/images/hero_main_1757140870367_84vhfjtj7.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /images/hero_main_1757140870367_84vhfjtj7.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qgps%2BWjx0xFP0PX0lZLgl9tBOVk9Z%2FxmDeUfa%2Ff5DtHikA%2Bnudo4zbZOPRa3BcN1fYXq2gegJrfBZvvmoZLkLu0VyLlzN%2Bo5x8xtRxRvy3s%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42715925c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":170812,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x800, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f20b63db980bbfb15be4d5e2b4522984","sha1":"e1c9a9aed5502f88e9166a5a2fb11f0fda2fa9fa","sha256":"3e36805faccc41ed9d3a2d16e6989e8e5721b0d1bc35cc426caba87068f17a32","sha512":"f37bbc53babc7b7033104798877d1cae6313868bc62c4da3866853759bfc73ff04f359523f373573d13a49a0f6f69d65b86ae6a46e6e350cab19c075dd23b0d6","ssdeep":"3072:4EnVZ0MBHVEpcwadZ/RGDnvnNJu5l8JAYs/QOp8f+kuOBF8jzfZhouUbaIxni:4EZHEpc3ZsNkXoQmJDF8/Yuyjxni","tlshash":"58f3225ca1d27c01be5d034b70d74016c7f3bbb02e7747fae4929652bca9d891a68f18","first_seen":"2025-10-18T16:38:26.971655Z","last_seen":"2026-04-05T11:16:00.408873Z","times_seen":73,"resource_available":false,"data":null}},"time_used":770,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":311,"receive":459,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/images/promo_bonus_1757140912943_3sna8dniy.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /images/promo_bonus_1757140912943_3sna8dniy.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:29 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9k41upSsdKwZ1rxyG%2FkM9FQyeIvx7US5vnExIMjrlU9Q49PCFaTJecuM5igRzuxO6vpRJ7vqgtI2L07v%2BDk67RsQRwwbnsnsXA85uMs%2F5pY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42715927c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10336,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9e8cf823f4b5a3ef939d962256ff452e","sha1":"ef6a9759bf3c0240345a13f819370e0560e76ad5","sha256":"ae4fd73dfed2ade4a0991957a139ff4bc53351f845dccd3c82e932dad1c8cb5c","sha512":"182e743eb4bb1dfd5e9964d208c14732ae5f6cf48875b50b35f0022f7115f2a6c5e5af0cf3a34c1223dc4a3d25b78fcb210a6179cead40967bc6215efcfa5330","ssdeep":"192:7f7lZxGNZ+CcHYd0Pj0L0T8TEojS4p5I3pvu2X73BHoAF2QLUsJGe53:z7lZx0Z+hYwy68TJS4pK3g2X73/SSGU","tlshash":"fd22ce52ac11921ff3b9741a700fdeda70a8c086be1e8b8ded620063ba3355ee4c1d49","first_seen":"2025-10-18T16:38:26.954655Z","last_seen":"2026-04-05T11:16:00.428293Z","times_seen":73,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/racing.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /racing.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OyodRwKE78LoL2iv%2BSQsAkXDsMUW%2F54gl95g9a1fIeiVoR50dEthB%2F%2FNgcTQxymKMc3qcaMDVY2AC6g5D%2F3PtMuHk6DsHH9wu6Hb4Oqku1Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d42716935c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18144,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d920e988a14d198997d535fc01ec5a5b","sha1":"c2f7223f303d1471768a656016d1b2781b15e330","sha256":"2a337e6836f4fc7eddad6487996037ff88e53c038aa76a59c467b5ead15b7463","sha512":"d5cceb1df3d4efdef8b1bf33b1cf7f122166a1428f2e49f1954dc83cb644b1efe8b7ad4e0462318d1b6d70d8c71e9b576bd0fc73ea33c4e39d71752d63364777","ssdeep":"384:w/QlpXwjoY3NEp4NuT1oBbZFpu6+tT86a4pmNdfNrQkS8vOd6v:w/QlpX9Y3+SY5E/8kymNd1rHNvOwv","tlshash":"f682e171aeb640c17cc37f5d89ed65819fac94d3254e138f21e588f8a3cbea26c9c205","first_seen":"2025-12-26T02:48:56.693095Z","last_seen":"2025-12-26T02:48:56.693095Z","times_seen":1,"resource_available":false,"data":null}},"time_used":618,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":469,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phgintolucky.com/social-gaming-rise.webp","fqdn":"phgintolucky.com","domain":"phgintolucky.com","tld":"com"},"ip":{"addr":"104.21.50.88","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phgintolucky.com/","date":"2025-12-26T02:48:29.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phgintolucky.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 19:36:53 GMT","end":"Wed, 25 Mar 2026 20:35:26 GMT"},"fingerprint":{"sha1":"4D:FD:FD:E8:57:AE:AC:19:04:4F:C7:33:B5:67:EC:5B:EE:8A:24:7E","sha256":"41:BE:75:17:86:4F:77:24:E3:5C:F4:CE:8F:62:34:AE:98:CE:A2:79:B3:88:2D:92:32:2A:87:3C:51:03:9D:84"}}},"request":{"raw":"GET /social-gaming-rise.webp HTTP/1.1\r\nHost: phgintolucky.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phgintolucky.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 02:48:30 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 26 Dec 2025 14:48:30 GMT\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\nlast-modified: Fri, 26 Dec 2025 02:48:30 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W2sct0suWkWfd8L40L12PiNyp%2Fg19A5M%2BlCoL%2FZRe%2Bslb2cJBPV9cLKpVu0htJZ9B02tPrOm2328dQXVY2FfZbtTjhhambACe5MSyAW4ZIo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b3d4271793fc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17762,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8ce477bd65f02d9b5b0b07bb886da0b9","sha1":"6c623e84f0850927a43f6e96e1603da74fb1100d","sha256":"061b1e75edd8cf22b5413ad88a339592d7520cb85482f654505072f022ec761e","sha512":"0d721a844f5c72d76b07d4e0f098fcb20c45596cad1d38a26eabda0b05cfe44ccf6eda349ae945053376fde92f736dbcd5f2e934489c0fbb3647ac8291149a91","ssdeep":"384:IWi2qSvyh3fbG4bWhJ5FU4h/wuXiQcdvH4+O83va4Ix:IWicGPS5WSmvHlal","tlshash":"2082e0bce5a9fed00ac47e770fbfd00195b244e834389a76e6640995932cdb3931c22c","first_seen":"2025-12-26T02:48:56.617548Z","last_seen":"2025-12-26T02:48:56.617548Z","times_seen":1,"resource_available":false,"data":null}},"time_used":656,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":497,"receive":159,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"phgintolucky.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}