{"report_id":"d5699c60-276c-40bc-9d7e-2a83dbc5a08c","version":0,"status":"done","tags":[],"date":"2026-06-07T18:51:26Z","url":{"schema":"http","addr":"wezowin.com","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"172.67.153.68","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"title":"Wezowin - A Leading Online Crypto Casino Built on Blockchain","dom":{"size":516251,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"a5e7cd65aad3a0272b12d3486a5f2ea4","sha1":"3ca243211e7ba5d6c4dee17ec70f816bc0ed80d8","sha256":"7da97a61a5ca20b5545cd206003dfeab78849ca17950375fa821ec3079f3c265","sha512":"592776f1c1ac2d7cc97fb54f9cef1fa34696d2d0b3f65b0b84fb02ed4b3300eaf6851ec3f5dd738526c2345e02ce80d65004027f9f1ddd0e00e6ee119dd73fd7","ssdeep":"3072:ovm+yyGyWcoomKC6Wm+yyGyWcoomKC69ZEm+yyGyWcoomKC69rm+yyGyWcoomKCL:oAK25igmXHDPI","tlshash":"14b454e4c200ddaf88b55889f579dfe4d2059720fbbe4e7872888f2a33dd83746255a1","dom_hash":"domhashf8c39b2c1bfac14d0ccdbfc93f28e848","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"wezowin.com","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"172.67.153.68","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-12T18:51:26Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"wezowin.com","ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-21","domain_rank":0,"first_seen":"2026-06-07T18:51:29.858075Z","last_seen":"2026-06-07T18:51:29.858075Z","alert_count":178,"request_count":89,"received_data":2451888,"sent_data":48308,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-21T21:31:09.33262Z","times_seen":168534,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ed179fa9ca9636c684b078ebaa609b7","sha1":"e248aa2dc27f6b8339affce7bb8e0a8c55927764","sha256":"824f9055d888eab034d55ca83557b517d89bb3c132027a517983ef7756ba04e6","sha512":"ef3570cadad06433dd28d02739320f5e81bfb518a7f442fba79e3459d50d4bfb4507cdb205ed8de0d7241ccc8adad5b638d28711d27f0d73ef53c57638bf0216","ssdeep":"48:LttePFteGVWCNnKjLc6v/dG77OUiVrs6FolqteXteQteGBtecyteGVWCNnKjLc6V:LcXPyDawPyDC2nPyD6PyDEFR","tlshash":"2d91ca1bdd0efd103d21ceae546e0f32aad1dc33a4761a2ca62dd9dc41219b657ee8c1","size":4344,"data":"","first_seen":"2026-06-07T18:51:36.812694Z","last_seen":"2026-06-10T16:06:19.473074Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"87789c15d6b3dbb94b28bdcd672aed2f","sha1":"267b3e13eb236b374b5bd0721ef281d09e11343b","sha256":"d7e0d2e507dc8a5b9f31fdca10292e8bfa29a891d12606e4bea729a276d15973","sha512":"704db0010823ebe2f2a5b47362edd06109e8e4d21f5a53659e6291890c8f920778012d13f5ec1dae00bf9ebb55361baa9fe5c1c7646b49e629498bf1c8979075","ssdeep":"48:LQGVWCNnKjLc6v/dG77OUiVXoteGVWCNnKjLc6v/dG77OUiVXqyWtec9tec9teGq:LVPyDUPyDsLPyDoPyD3PyDE","tlshash":"7991981bcd0afd203d20ceae507e0f32aac1dc37a4761a2ca76cd9dc5121a7657e98c1","size":4338,"data":"","first_seen":"2026-06-07T18:51:36.814076Z","last_seen":"2026-06-10T16:06:19.473953Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"48a30c28630a8a067f292126301ea9ee","sha1":"3fa2deb03cd70a67d2df76d4dd6f88b49bd27d40","sha256":"a9ad092323596b2a9e3398af288fa451853c98ccb3679f01ffe71b9b6678949e","sha512":"943d9167d02627cbb63b88cd18198ff22bb03ede001f4d502d44d5fd44a1dbe0a23afe7484e1a8cdaeab3489b046e071a2cab6d54a85d12512aba9e98f3cc59f","ssdeep":"","tlshash":"0841001ace0efd113d21ceae542e0f36aec0cc379176552db66cda9c522297617de8c1","size":2194,"data":"","first_seen":"2026-06-07T18:51:36.815728Z","last_seen":"2026-06-10T16:06:19.474837Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db11281163971d1811c3be69a8138f95","sha1":"be9cfab67ffe3e1f417b3e8688852d89f27b11a1","sha256":"9398beecae8166f0eab4480be040f205b93c712bcedfe1f0478fe42cf5eeea37","sha512":"d3e9f134f23b8620034b49edc1cb68a557417498ff1f00a62165ea8915b1101a05b69eecd4bef6c3e16d79c08c3bf2b5060dbf60f48295990d01928719bd8703","ssdeep":"48:LZMAb/+qjSu3OD2Zi/+uj7QnW1Va9Hkk6BpRuLwSD7th0O8RiDEdpDg65p9s6z/N:LT17hp4Ugp+jvO","tlshash":"0a917f0fbc15df02dc3a6c7d113e8e7a14ccce778760d9b9819ecd491a066b22bd9881","size":4351,"data":"","first_seen":"2026-06-07T18:51:36.816751Z","last_seen":"2026-06-08T09:16:09.133816Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"401a08438867eb1f9f192503d7380b0d","sha1":"76b25fd246e5cf25c759d3a4ecccf8af2f8c4bfd","sha256":"2fd1dee253e88f2ed9db03b081ff9a69ed4fbca3f4eac0326b299e12f914f6ca","sha512":"5d48a3e0b8854660fd3791c71b6ce9bbb9257a9cd3af905a9edfd25836ae7bc290e1dc724ee40af3097bbf643dfaefec4454bead6c080cadfc0d2903521b3027","ssdeep":"","tlshash":"b24126ae6409de5aec6e7c1d083e6c36008d897b4ba4df75c2ddce101a4247d7be68c1","size":2157,"data":"","first_seen":"2026-06-07T18:51:36.817743Z","last_seen":"2026-06-07T18:52:00.147114Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c29bdf6e7e2467871737559f1979066","sha1":"ff6b201340c60a7309bc5d86ca2e91f608ea31e3","sha256":"7b024e5a84280f1092dad66c46f642b7a2976054b1e1e7081406d44f4cbff25e","sha512":"884d8b274599f0dcdfb8968fbeb69fa5c3007ff13ea8f4ef0ed0ad54e0974cd9b95e5ee134212520546eb9004c218de4bbdae25346b2c99a9a0abc48056c3300","ssdeep":"1536:rKI7C5+3//yU8fmuAaN1yGNkptBgGOZ8hZFQIxZ+:+2C5+3/6HmufgRtBzHFQIxZ+","tlshash":"4e73f80fa628d66bc5c35d4bb9bf6d7b756c804402d180bc6cfec11c02998bcd6bba94","size":75330,"data":"","first_seen":"2026-05-30T10:48:25.673218Z","last_seen":"2026-06-08T09:16:09.136838Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1579bdf15f121d614ee265bc92ffe4c5","sha1":"98f298c8e9242b97d4878f311d0a32ef2913e465","sha256":"98f9473b555f3ad547d04818a2bf4faf2bcbc8059db14fde9c88fcec054e5ce1","sha512":"e814deca83548ba7904a56e9d23751d99716b9b4eb9455a5e2ef846699e10180001aecc349d17766c7752c6113af43397937ce3f1ae63b21e62e295595f35402","ssdeep":"","tlshash":"b831133d3408d54ffdad781d127e6d3650d9457b07e49a7c9bc8df0148820bd6ba6d81","size":1581,"data":"","first_seen":"2026-05-30T10:48:25.674198Z","last_seen":"2026-06-10T16:06:19.479293Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20f6029226c5906f47a991dd1b2ccc14","sha1":"32f55f3dbd5e29aab6d8ff2f1834205824fba801","sha256":"f8688629b858b53d50bdc465e6db3686e2669619d4435b93df8115dfd1d58a3c","sha512":"6f66b9a1939a5c4671476865b51374c31e6af2a31e9f6da1cac90e41aecddb2bb1de1f6f58dc5a18bcf0fa4046d5435b68da9ba77d1b515f26cc1e07615a48f2","ssdeep":"","tlshash":"58c0c090dc42cc1cc3660f221c3b0c3921ccc56403854106ddc6ce280d81b300db1ec9","size":185,"data":"","first_seen":"2026-01-04T13:03:57.379578Z","last_seen":"2026-06-20T03:27:53.752735Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ceee8730945e5d972afd3f4cfa29a618","sha1":"da54e15ef1e05e77d7b1fb88d72b3887a2077535","sha256":"1dc66398c54bad9970282e54bf7f95d2a6afccde525ff62e80d782cc641ab3df","sha512":"cf35db9b630a7c0bf00b1c5c419782f89a0810116970c46e2f27697f08b08daf104632bef2823388afe93e5b47921c3f4bac3b3ec3b9b8aac013d26496a727bc","ssdeep":"","tlshash":"8c41c0637c28fd05cb82de0d197b7cb850c9ca92876199baf284cc0040abc346bf0e85","size":2209,"data":"","first_seen":"2026-06-07T18:51:36.820476Z","last_seen":"2026-06-07T18:52:00.149457Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-21T21:31:09.33262Z","times_seen":168534,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ed179fa9ca9636c684b078ebaa609b7","sha1":"e248aa2dc27f6b8339affce7bb8e0a8c55927764","sha256":"824f9055d888eab034d55ca83557b517d89bb3c132027a517983ef7756ba04e6","sha512":"ef3570cadad06433dd28d02739320f5e81bfb518a7f442fba79e3459d50d4bfb4507cdb205ed8de0d7241ccc8adad5b638d28711d27f0d73ef53c57638bf0216","ssdeep":"48:LttePFteGVWCNnKjLc6v/dG77OUiVrs6FolqteXteQteGBtecyteGVWCNnKjLc6V:LcXPyDawPyDC2nPyD6PyDEFR","tlshash":"2d91ca1bdd0efd103d21ceae546e0f32aad1dc33a4761a2ca62dd9dc41219b657ee8c1","size":4344,"data":"","first_seen":"2026-06-07T18:51:36.812694Z","last_seen":"2026-06-10T16:06:19.473074Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"87789c15d6b3dbb94b28bdcd672aed2f","sha1":"267b3e13eb236b374b5bd0721ef281d09e11343b","sha256":"d7e0d2e507dc8a5b9f31fdca10292e8bfa29a891d12606e4bea729a276d15973","sha512":"704db0010823ebe2f2a5b47362edd06109e8e4d21f5a53659e6291890c8f920778012d13f5ec1dae00bf9ebb55361baa9fe5c1c7646b49e629498bf1c8979075","ssdeep":"48:LQGVWCNnKjLc6v/dG77OUiVXoteGVWCNnKjLc6v/dG77OUiVXqyWtec9tec9teGq:LVPyDUPyDsLPyDoPyD3PyDE","tlshash":"7991981bcd0afd203d20ceae507e0f32aac1dc37a4761a2ca76cd9dc5121a7657e98c1","size":4338,"data":"","first_seen":"2026-06-07T18:51:36.814076Z","last_seen":"2026-06-10T16:06:19.473953Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"48a30c28630a8a067f292126301ea9ee","sha1":"3fa2deb03cd70a67d2df76d4dd6f88b49bd27d40","sha256":"a9ad092323596b2a9e3398af288fa451853c98ccb3679f01ffe71b9b6678949e","sha512":"943d9167d02627cbb63b88cd18198ff22bb03ede001f4d502d44d5fd44a1dbe0a23afe7484e1a8cdaeab3489b046e071a2cab6d54a85d12512aba9e98f3cc59f","ssdeep":"","tlshash":"0841001ace0efd113d21ceae542e0f36aec0cc379176552db66cda9c522297617de8c1","size":2194,"data":"","first_seen":"2026-06-07T18:51:36.815728Z","last_seen":"2026-06-10T16:06:19.474837Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db11281163971d1811c3be69a8138f95","sha1":"be9cfab67ffe3e1f417b3e8688852d89f27b11a1","sha256":"9398beecae8166f0eab4480be040f205b93c712bcedfe1f0478fe42cf5eeea37","sha512":"d3e9f134f23b8620034b49edc1cb68a557417498ff1f00a62165ea8915b1101a05b69eecd4bef6c3e16d79c08c3bf2b5060dbf60f48295990d01928719bd8703","ssdeep":"48:LZMAb/+qjSu3OD2Zi/+uj7QnW1Va9Hkk6BpRuLwSD7th0O8RiDEdpDg65p9s6z/N:LT17hp4Ugp+jvO","tlshash":"0a917f0fbc15df02dc3a6c7d113e8e7a14ccce778760d9b9819ecd491a066b22bd9881","size":4351,"data":"","first_seen":"2026-06-07T18:51:36.816751Z","last_seen":"2026-06-08T09:16:09.133816Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"401a08438867eb1f9f192503d7380b0d","sha1":"76b25fd246e5cf25c759d3a4ecccf8af2f8c4bfd","sha256":"2fd1dee253e88f2ed9db03b081ff9a69ed4fbca3f4eac0326b299e12f914f6ca","sha512":"5d48a3e0b8854660fd3791c71b6ce9bbb9257a9cd3af905a9edfd25836ae7bc290e1dc724ee40af3097bbf643dfaefec4454bead6c080cadfc0d2903521b3027","ssdeep":"","tlshash":"b24126ae6409de5aec6e7c1d083e6c36008d897b4ba4df75c2ddce101a4247d7be68c1","size":2157,"data":"","first_seen":"2026-06-07T18:51:36.817743Z","last_seen":"2026-06-07T18:52:00.147114Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c29bdf6e7e2467871737559f1979066","sha1":"ff6b201340c60a7309bc5d86ca2e91f608ea31e3","sha256":"7b024e5a84280f1092dad66c46f642b7a2976054b1e1e7081406d44f4cbff25e","sha512":"884d8b274599f0dcdfb8968fbeb69fa5c3007ff13ea8f4ef0ed0ad54e0974cd9b95e5ee134212520546eb9004c218de4bbdae25346b2c99a9a0abc48056c3300","ssdeep":"1536:rKI7C5+3//yU8fmuAaN1yGNkptBgGOZ8hZFQIxZ+:+2C5+3/6HmufgRtBzHFQIxZ+","tlshash":"4e73f80fa628d66bc5c35d4bb9bf6d7b756c804402d180bc6cfec11c02998bcd6bba94","size":75330,"data":"","first_seen":"2026-05-30T10:48:25.673218Z","last_seen":"2026-06-08T09:16:09.136838Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1579bdf15f121d614ee265bc92ffe4c5","sha1":"98f298c8e9242b97d4878f311d0a32ef2913e465","sha256":"98f9473b555f3ad547d04818a2bf4faf2bcbc8059db14fde9c88fcec054e5ce1","sha512":"e814deca83548ba7904a56e9d23751d99716b9b4eb9455a5e2ef846699e10180001aecc349d17766c7752c6113af43397937ce3f1ae63b21e62e295595f35402","ssdeep":"","tlshash":"b831133d3408d54ffdad781d127e6d3650d9457b07e49a7c9bc8df0148820bd6ba6d81","size":1581,"data":"","first_seen":"2026-05-30T10:48:25.674198Z","last_seen":"2026-06-10T16:06:19.479293Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20f6029226c5906f47a991dd1b2ccc14","sha1":"32f55f3dbd5e29aab6d8ff2f1834205824fba801","sha256":"f8688629b858b53d50bdc465e6db3686e2669619d4435b93df8115dfd1d58a3c","sha512":"6f66b9a1939a5c4671476865b51374c31e6af2a31e9f6da1cac90e41aecddb2bb1de1f6f58dc5a18bcf0fa4046d5435b68da9ba77d1b515f26cc1e07615a48f2","ssdeep":"","tlshash":"58c0c090dc42cc1cc3660f221c3b0c3921ccc56403854106ddc6ce280d81b300db1ec9","size":185,"data":"","first_seen":"2026-01-04T13:03:57.379578Z","last_seen":"2026-06-20T03:27:53.752735Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ceee8730945e5d972afd3f4cfa29a618","sha1":"da54e15ef1e05e77d7b1fb88d72b3887a2077535","sha256":"1dc66398c54bad9970282e54bf7f95d2a6afccde525ff62e80d782cc641ab3df","sha512":"cf35db9b630a7c0bf00b1c5c419782f89a0810116970c46e2f27697f08b08daf104632bef2823388afe93e5b47921c3f4bac3b3ec3b9b8aac013d26496a727bc","ssdeep":"","tlshash":"8c41c0637c28fd05cb82de0d197b7cb850c9ca92876199baf284cc0040abc346bf0e85","size":2209,"data":"","first_seen":"2026-06-07T18:51:36.820476Z","last_seen":"2026-06-07T18:52:00.149457Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0t1et0tty8o9s.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9f98ed0ceae346d9771b94a6cacbf831","sha1":"9293e23647479836c9d6369352495c8bfe66dca0","sha256":"317b6e438c77d4bfd1e1d9143827405545e7753c7ea3cb8027bd01328b5da3e0","sha512":"97c4a69947e37b3f02d4fcfef1ce0e61c36cc8ead53781b2693f9914bf66ecf99ddf966eea7e45494c3a929279f975aceffb77f3e72dfb2d7cfe5ef9664a05ea","ssdeep":"96:PVQigpuv2J/HG52j45y5Iie0RES0/0QPf5v2ZA7sa6Rbxmqv2P:dQigp5lDhEB/0IMZAZox2P","tlshash":"b5d1d820f385e89b775a00985477a00ef214382a9bb8f87177dd54f21bc05f67d6abe8","size":6546,"data":"","first_seen":"2026-03-20T18:36:46.34169Z","last_seen":"2026-06-21T20:04:41.271238Z","times_seen":882,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/04ju1lilzr~yq.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"be7efdd73ae6b08f606c4e507a02a490","sha1":"f87a1432bcb30ac2d13adbfe57fe549bcad93d8d","sha256":"03d5bf51e580a0801ee37a2fbf5b7f44d38f5b467905f251d50fb1cf2abf31d0","sha512":"0be32c9ba10fa282937a740447bcb7be686ca2426fb4e71dea26e78b896b004f9fd50aec7a7e77c18370da2f2daaac2b240030b3ca99fca129b97333e16051eb","ssdeep":"192:10ZAcqvhX35laDNvhahXeb+dT2ZNb89/xzGz1pC6aH+N6pGO4W:XV5X35cDB0huS2ZNCqat9pGO4W","tlshash":"39021bd7b69ef831567a41a06937c20ab63d3937344d9090bbba4ce83165c8f8462fdd","size":8891,"data":"","first_seen":"2026-05-30T10:48:25.64876Z","last_seen":"2026-06-10T16:06:19.453631Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0n.i~zwc.kwvj.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3426fb79588c083a595c664962857e5b","sha1":"c8f47e2976b96307c0bbaeb405acd4d9d83e54fd","sha256":"e7441830d2e0ef1091043d1960ec038f8d1fdf7095227cc755c317183459f4ca","sha512":"902a6534082abe30a8c77585dfb533b453fe37215224503b9bcb1e5ad9f1ab07498514fedf7e4ce8af7b6ec8f5cef6fac68621b904a3af1037e79c8a89f840b1","ssdeep":"384:f+FjBRxz/akqleEZQKZTd961CHSW+uLf8J6otgG4uaFQW9Uiet6eIup1NqBYjYvN:f8j5/aZlKUd961Cz+uZcNqBq71/5Mt","tlshash":"1fe294a971d5f4910b9354b5803f501bf23e0db6286da0a4e3e2dceab9b054dd133f9a","size":31396,"data":"","first_seen":"2026-06-07T18:51:36.778355Z","last_seen":"2026-06-08T09:16:09.103772Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/11e2zymdqw9hq.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5029cfdb2f976359020ea468734ec14","sha1":"567169760f3e3d8b5dddc68d82d2139e4390d894","sha256":"6cba14141d496048a160ca02ac420a8c34aad243dcc038eda4153da00d4ebea2","sha512":"fe143ef775ed5ce402038f75ff244dd8de0a8608dcda0bb9bb2a114a2f234c23646d8b842eed3e9bc5865548db107aae5e82d5a1ef17c02775d81335ba91209d","ssdeep":"1536:Peicyr1C7R+G6HQeiIo0PO7PZ7zbQGBBHCgEudrUu9qaAVCBA:PZrJQ8o0mbh/XBBHuuC","tlshash":"38233ae9b39070b89b47d3e5c5bb50057a3e11783945c82cd3ed2cfc68149cea1aabd6","size":49702,"data":"","first_seen":"2026-06-07T18:51:36.782932Z","last_seen":"2026-06-10T16:06:19.425079Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0epz-.xtep6ek.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8a7359756f62b3abc4693f1f43bf88b","sha1":"b11c2a5fcfbda447adfaf6412a621d228132f5b0","sha256":"6ed18c99b0ea0198a2eb2c2aab1ffbe07ffd05b84fdc5e07d308abdbcea64f3b","sha512":"3315cf9d46616007c35d8153d6b8bdd0664468a6316a3adf0fd7d7387b67ef8cd9a50dcca7e758be8ac49cbf4ea67adf0f2e16326b6aea89d6222e7a8271130f","ssdeep":"384:z93fT2HDJyrTzyDSSH0ZymskZvQ55LQP6RrY7T8t6iW:l3r3yDSSUHvQ55LQP1/8ty","tlshash":"90923c743295fcd5525bc5c0e83f400ef7292d75a57db0a4b3fc54956aa0884b0a2fba","size":19856,"data":"","first_seen":"2026-05-30T10:48:25.662111Z","last_seen":"2026-06-10T16:06:19.47076Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0sq6ukp44ft65.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2923caefa3b359f7b1aef1c47ee6bfca","sha1":"535411f08c5fc62552aa8a1ec5a7e7dafd85ea6f","sha256":"6610c3e592394553273e15c035372152c119ab2bcc63d32b75397712fc79236b","sha512":"2cf20662b65aa5c7adaadb47cdb4306e5b7a4aab40e603e22e4b9674c3c53965a30dca0ad473ffab48a721776262481d7043e1dec2efba5f7f7e077e5240d99d","ssdeep":"1536:FP481StV+Y+To58AjIXpelO25DIv6mdv8RO9/woLehwRgXRktwOm3RO9yfhXfHFS:1O03arwYzkbV+ZdjYnsUvQ4ql6KmdV7x","tlshash":"c983d986fa21df9cbc311ac4adab084c941f6e18db7e4874f1f8f4952b591d8361ab4c","size":82131,"data":"","first_seen":"2026-06-06T04:29:58.935061Z","last_seen":"2026-06-10T16:06:19.429476Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-21T21:31:09.33262Z","times_seen":168534,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ed179fa9ca9636c684b078ebaa609b7","sha1":"e248aa2dc27f6b8339affce7bb8e0a8c55927764","sha256":"824f9055d888eab034d55ca83557b517d89bb3c132027a517983ef7756ba04e6","sha512":"ef3570cadad06433dd28d02739320f5e81bfb518a7f442fba79e3459d50d4bfb4507cdb205ed8de0d7241ccc8adad5b638d28711d27f0d73ef53c57638bf0216","ssdeep":"48:LttePFteGVWCNnKjLc6v/dG77OUiVrs6FolqteXteQteGBtecyteGVWCNnKjLc6V:LcXPyDawPyDC2nPyD6PyDEFR","tlshash":"2d91ca1bdd0efd103d21ceae546e0f32aad1dc33a4761a2ca62dd9dc41219b657ee8c1","size":4344,"data":"","first_seen":"2026-06-07T18:51:36.812694Z","last_seen":"2026-06-10T16:06:19.473074Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"87789c15d6b3dbb94b28bdcd672aed2f","sha1":"267b3e13eb236b374b5bd0721ef281d09e11343b","sha256":"d7e0d2e507dc8a5b9f31fdca10292e8bfa29a891d12606e4bea729a276d15973","sha512":"704db0010823ebe2f2a5b47362edd06109e8e4d21f5a53659e6291890c8f920778012d13f5ec1dae00bf9ebb55361baa9fe5c1c7646b49e629498bf1c8979075","ssdeep":"48:LQGVWCNnKjLc6v/dG77OUiVXoteGVWCNnKjLc6v/dG77OUiVXqyWtec9tec9teGq:LVPyDUPyDsLPyDoPyD3PyDE","tlshash":"7991981bcd0afd203d20ceae507e0f32aac1dc37a4761a2ca76cd9dc5121a7657e98c1","size":4338,"data":"","first_seen":"2026-06-07T18:51:36.814076Z","last_seen":"2026-06-10T16:06:19.473953Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"48a30c28630a8a067f292126301ea9ee","sha1":"3fa2deb03cd70a67d2df76d4dd6f88b49bd27d40","sha256":"a9ad092323596b2a9e3398af288fa451853c98ccb3679f01ffe71b9b6678949e","sha512":"943d9167d02627cbb63b88cd18198ff22bb03ede001f4d502d44d5fd44a1dbe0a23afe7484e1a8cdaeab3489b046e071a2cab6d54a85d12512aba9e98f3cc59f","ssdeep":"","tlshash":"0841001ace0efd113d21ceae542e0f36aec0cc379176552db66cda9c522297617de8c1","size":2194,"data":"","first_seen":"2026-06-07T18:51:36.815728Z","last_seen":"2026-06-10T16:06:19.474837Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db11281163971d1811c3be69a8138f95","sha1":"be9cfab67ffe3e1f417b3e8688852d89f27b11a1","sha256":"9398beecae8166f0eab4480be040f205b93c712bcedfe1f0478fe42cf5eeea37","sha512":"d3e9f134f23b8620034b49edc1cb68a557417498ff1f00a62165ea8915b1101a05b69eecd4bef6c3e16d79c08c3bf2b5060dbf60f48295990d01928719bd8703","ssdeep":"48:LZMAb/+qjSu3OD2Zi/+uj7QnW1Va9Hkk6BpRuLwSD7th0O8RiDEdpDg65p9s6z/N:LT17hp4Ugp+jvO","tlshash":"0a917f0fbc15df02dc3a6c7d113e8e7a14ccce778760d9b9819ecd491a066b22bd9881","size":4351,"data":"","first_seen":"2026-06-07T18:51:36.816751Z","last_seen":"2026-06-08T09:16:09.133816Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"401a08438867eb1f9f192503d7380b0d","sha1":"76b25fd246e5cf25c759d3a4ecccf8af2f8c4bfd","sha256":"2fd1dee253e88f2ed9db03b081ff9a69ed4fbca3f4eac0326b299e12f914f6ca","sha512":"5d48a3e0b8854660fd3791c71b6ce9bbb9257a9cd3af905a9edfd25836ae7bc290e1dc724ee40af3097bbf643dfaefec4454bead6c080cadfc0d2903521b3027","ssdeep":"","tlshash":"b24126ae6409de5aec6e7c1d083e6c36008d897b4ba4df75c2ddce101a4247d7be68c1","size":2157,"data":"","first_seen":"2026-06-07T18:51:36.817743Z","last_seen":"2026-06-07T18:52:00.147114Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c29bdf6e7e2467871737559f1979066","sha1":"ff6b201340c60a7309bc5d86ca2e91f608ea31e3","sha256":"7b024e5a84280f1092dad66c46f642b7a2976054b1e1e7081406d44f4cbff25e","sha512":"884d8b274599f0dcdfb8968fbeb69fa5c3007ff13ea8f4ef0ed0ad54e0974cd9b95e5ee134212520546eb9004c218de4bbdae25346b2c99a9a0abc48056c3300","ssdeep":"1536:rKI7C5+3//yU8fmuAaN1yGNkptBgGOZ8hZFQIxZ+:+2C5+3/6HmufgRtBzHFQIxZ+","tlshash":"4e73f80fa628d66bc5c35d4bb9bf6d7b756c804402d180bc6cfec11c02998bcd6bba94","size":75330,"data":"","first_seen":"2026-05-30T10:48:25.673218Z","last_seen":"2026-06-08T09:16:09.136838Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1579bdf15f121d614ee265bc92ffe4c5","sha1":"98f298c8e9242b97d4878f311d0a32ef2913e465","sha256":"98f9473b555f3ad547d04818a2bf4faf2bcbc8059db14fde9c88fcec054e5ce1","sha512":"e814deca83548ba7904a56e9d23751d99716b9b4eb9455a5e2ef846699e10180001aecc349d17766c7752c6113af43397937ce3f1ae63b21e62e295595f35402","ssdeep":"","tlshash":"b831133d3408d54ffdad781d127e6d3650d9457b07e49a7c9bc8df0148820bd6ba6d81","size":1581,"data":"","first_seen":"2026-05-30T10:48:25.674198Z","last_seen":"2026-06-10T16:06:19.479293Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20f6029226c5906f47a991dd1b2ccc14","sha1":"32f55f3dbd5e29aab6d8ff2f1834205824fba801","sha256":"f8688629b858b53d50bdc465e6db3686e2669619d4435b93df8115dfd1d58a3c","sha512":"6f66b9a1939a5c4671476865b51374c31e6af2a31e9f6da1cac90e41aecddb2bb1de1f6f58dc5a18bcf0fa4046d5435b68da9ba77d1b515f26cc1e07615a48f2","ssdeep":"","tlshash":"58c0c090dc42cc1cc3660f221c3b0c3921ccc56403854106ddc6ce280d81b300db1ec9","size":185,"data":"","first_seen":"2026-01-04T13:03:57.379578Z","last_seen":"2026-06-20T03:27:53.752735Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ceee8730945e5d972afd3f4cfa29a618","sha1":"da54e15ef1e05e77d7b1fb88d72b3887a2077535","sha256":"1dc66398c54bad9970282e54bf7f95d2a6afccde525ff62e80d782cc641ab3df","sha512":"cf35db9b630a7c0bf00b1c5c419782f89a0810116970c46e2f27697f08b08daf104632bef2823388afe93e5b47921c3f4bac3b3ec3b9b8aac013d26496a727bc","ssdeep":"","tlshash":"8c41c0637c28fd05cb82de0d197b7cb850c9ca92876199baf284cc0040abc346bf0e85","size":2209,"data":"","first_seen":"2026-06-07T18:51:36.820476Z","last_seen":"2026-06-07T18:52:00.149457Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0yctg.lbns7cx.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e6dbb6417918d8de79010d13e28fbf1","sha1":"8d926f69f47578659c3ae8ea3c589528929a4213","sha256":"aa5317a27d957e71923c4392130129f7c923e87425e5e3f21d807cb8363ed1a2","sha512":"50869f8be5514ae913b4a0ed859fa74ee053cf7c1b825e5407f9c11a5d2d98948231e2f682817b450ea04a19e9edf78e263b38f168ebe632bc3de45397bf8e0c","ssdeep":"1536:3sLL/gHFrNd1XoZaP4o7K09tFt0pfIrMv9sN0wywCu:3sLLaL","tlshash":"d5433b0893909bf8ad8cc7f49b71749972a3b8b6f970c2d8f66e0818de150d461fc5a7","size":59047,"data":"","first_seen":"2026-05-30T10:48:25.569032Z","last_seen":"2026-06-10T16:06:19.465725Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/turbopack-0je_qrls.5nbx.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee2092d9285145e3c4d7fe83e3455685","sha1":"6b8aad716bfbc32795c0a7dac827df2ccf0d82d0","sha256":"4f22fbfa6087537ece331ed76882e9f07161ec8c64bf9a7c42818baf5769a4d2","sha512":"61dbe37f61663f764fe9b1014cd0f099f51581c59013e4b938dbbfb8e3e6cbb5fcf184bf1de60f72cece30c0fdd1b3819bdfb58d51d7858b8114b201fd7d6e55","ssdeep":"192:g4gM6B68gEsg6d2hE7oGElpETND+S3sBT4fCT3cXX6hfH2:g4gM6VLsElWyssqCTMD","tlshash":"8622c6da37a6f07343afa4ebd06f4004f17984a9145d141cd3aca8eb2c354aa85e7f76","size":10613,"data":"","first_seen":"2026-06-07T18:51:36.779161Z","last_seen":"2026-06-08T09:16:09.123687Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0w78rogic0u2a.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f6bbaa04c94fdbe2bc427fd9e61d49e","sha1":"54cad14d4efed529b0e4691382f86ebdc8fdd3f3","sha256":"f30a3fef8ff0374bfe189f748cb3f98daed3f1ddef335f276040a3506799c467","sha512":"c99a16b7b22a63c005b2fe2f9644ddfd287a84eaff4793e2d4fd8a177dfe56612a522d55e44ea0c8a6759b5eb6d324bda4c79ff9187cadf9f677778a50382f81","ssdeep":"768:cCZH2Kny+wUF+Kr1VZGsa8YXd53LbMM/7:9WKniUzZGsa88M8","tlshash":"64e22b7131a5f8d1939a8284447f440df2392e75642eb064b3fd5ce967a58c8b0b2fb7","size":31247,"data":"","first_seen":"2026-06-07T18:51:36.759756Z","last_seen":"2026-06-10T16:06:19.434348Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/17wxa0ux09ny6.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b912834505fce72251b99d5414a023a3","sha1":"0a10f121db58d490c36ad5f9c747a73e37d8c22f","sha256":"12e7d3d495d8fcbec41b61a0a9e6613eff05162ebe2cfb87b6234e881764b953","sha512":"9f6f468fe42317801c358bdcadceb576076bad76c1a6d161565848f07e163942c651c5874c47fbe3ff281596e98776c2c8d5899942040cb22dbb8a246fc5526d","ssdeep":"1536:VTWOdo9UswedK+vdVdH8oeYP5tatNZgfkjEloNdYJGeg8TgtHzKS4ymNNdk4TO6+:V/dGdV4rZKAmNbH3Xu","tlshash":"cfb31954a061beecaa6705d8645fc00cb11e6e5ccf0ec878f2fc7c252d99484ba97b8d","size":116138,"data":"","first_seen":"2026-06-06T04:29:59.005821Z","last_seen":"2026-06-10T16:06:19.440017Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0ox_03ak_i_jh.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"088ec40a4965e44ad568004a525ccf3c","sha1":"9302d3ced48402fda69c170d88f6adc78151c57f","sha256":"2525f70ff99ff3c4f736e3f317f5b6d687c61882342856c347b63b90a6eef11a","sha512":"2be90eafcaa61440ca8e042ef3de439fb7fce4bb295460136ce4b1f6bdbf76c3bf5b1b9d9f306e39d4e50a670221d383ca4e0afe5228c7e153519f34ed26f1ca","ssdeep":"","tlshash":"ac4134c5e590a6389cc807b44b254812693966ff70dde5f987ae0ce05b43dccf29648e","size":1930,"data":"","first_seen":"2026-05-30T10:48:25.551671Z","last_seen":"2026-06-10T16:06:19.47001Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0hm6zy2pl-aww.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3942850788b440a40c6c42d0a1367c7f","sha1":"1ea2998a9fa91747e4f2baf9889ff7d80727aa75","sha256":"77d77e60f693904bd965d55cb6e862c7cb50d123ea929c01306ad5e5aa98336e","sha512":"0c2431fb6961fec582821303f2525f0ea48974529dbdd69bb6d181a48efbf8fea8f0dca649423a87230207c90c918dd7a465fd338e3db2892dcb4c6bce8bcb51","ssdeep":"384:wyhE/WJ72vvRHeTSdz9HQkTBV8GUYssccRSvj+jixwZsM5m:wyQWJ72xHeTSDHQKBV8PqcASvq4E5m","tlshash":"bbe20ae532817a30e7df469a517f811c773e2689640e0410f5799c983abcd85f2b3faa","size":32833,"data":"","first_seen":"2026-05-30T10:48:25.661128Z","last_seen":"2026-06-10T16:06:19.469158Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-21T21:31:09.33262Z","times_seen":168534,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ed179fa9ca9636c684b078ebaa609b7","sha1":"e248aa2dc27f6b8339affce7bb8e0a8c55927764","sha256":"824f9055d888eab034d55ca83557b517d89bb3c132027a517983ef7756ba04e6","sha512":"ef3570cadad06433dd28d02739320f5e81bfb518a7f442fba79e3459d50d4bfb4507cdb205ed8de0d7241ccc8adad5b638d28711d27f0d73ef53c57638bf0216","ssdeep":"48:LttePFteGVWCNnKjLc6v/dG77OUiVrs6FolqteXteQteGBtecyteGVWCNnKjLc6V:LcXPyDawPyDC2nPyD6PyDEFR","tlshash":"2d91ca1bdd0efd103d21ceae546e0f32aad1dc33a4761a2ca62dd9dc41219b657ee8c1","size":4344,"data":"","first_seen":"2026-06-07T18:51:36.812694Z","last_seen":"2026-06-10T16:06:19.473074Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"87789c15d6b3dbb94b28bdcd672aed2f","sha1":"267b3e13eb236b374b5bd0721ef281d09e11343b","sha256":"d7e0d2e507dc8a5b9f31fdca10292e8bfa29a891d12606e4bea729a276d15973","sha512":"704db0010823ebe2f2a5b47362edd06109e8e4d21f5a53659e6291890c8f920778012d13f5ec1dae00bf9ebb55361baa9fe5c1c7646b49e629498bf1c8979075","ssdeep":"48:LQGVWCNnKjLc6v/dG77OUiVXoteGVWCNnKjLc6v/dG77OUiVXqyWtec9tec9teGq:LVPyDUPyDsLPyDoPyD3PyDE","tlshash":"7991981bcd0afd203d20ceae507e0f32aac1dc37a4761a2ca76cd9dc5121a7657e98c1","size":4338,"data":"","first_seen":"2026-06-07T18:51:36.814076Z","last_seen":"2026-06-10T16:06:19.473953Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"48a30c28630a8a067f292126301ea9ee","sha1":"3fa2deb03cd70a67d2df76d4dd6f88b49bd27d40","sha256":"a9ad092323596b2a9e3398af288fa451853c98ccb3679f01ffe71b9b6678949e","sha512":"943d9167d02627cbb63b88cd18198ff22bb03ede001f4d502d44d5fd44a1dbe0a23afe7484e1a8cdaeab3489b046e071a2cab6d54a85d12512aba9e98f3cc59f","ssdeep":"","tlshash":"0841001ace0efd113d21ceae542e0f36aec0cc379176552db66cda9c522297617de8c1","size":2194,"data":"","first_seen":"2026-06-07T18:51:36.815728Z","last_seen":"2026-06-10T16:06:19.474837Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db11281163971d1811c3be69a8138f95","sha1":"be9cfab67ffe3e1f417b3e8688852d89f27b11a1","sha256":"9398beecae8166f0eab4480be040f205b93c712bcedfe1f0478fe42cf5eeea37","sha512":"d3e9f134f23b8620034b49edc1cb68a557417498ff1f00a62165ea8915b1101a05b69eecd4bef6c3e16d79c08c3bf2b5060dbf60f48295990d01928719bd8703","ssdeep":"48:LZMAb/+qjSu3OD2Zi/+uj7QnW1Va9Hkk6BpRuLwSD7th0O8RiDEdpDg65p9s6z/N:LT17hp4Ugp+jvO","tlshash":"0a917f0fbc15df02dc3a6c7d113e8e7a14ccce778760d9b9819ecd491a066b22bd9881","size":4351,"data":"","first_seen":"2026-06-07T18:51:36.816751Z","last_seen":"2026-06-08T09:16:09.133816Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"401a08438867eb1f9f192503d7380b0d","sha1":"76b25fd246e5cf25c759d3a4ecccf8af2f8c4bfd","sha256":"2fd1dee253e88f2ed9db03b081ff9a69ed4fbca3f4eac0326b299e12f914f6ca","sha512":"5d48a3e0b8854660fd3791c71b6ce9bbb9257a9cd3af905a9edfd25836ae7bc290e1dc724ee40af3097bbf643dfaefec4454bead6c080cadfc0d2903521b3027","ssdeep":"","tlshash":"b24126ae6409de5aec6e7c1d083e6c36008d897b4ba4df75c2ddce101a4247d7be68c1","size":2157,"data":"","first_seen":"2026-06-07T18:51:36.817743Z","last_seen":"2026-06-07T18:52:00.147114Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c29bdf6e7e2467871737559f1979066","sha1":"ff6b201340c60a7309bc5d86ca2e91f608ea31e3","sha256":"7b024e5a84280f1092dad66c46f642b7a2976054b1e1e7081406d44f4cbff25e","sha512":"884d8b274599f0dcdfb8968fbeb69fa5c3007ff13ea8f4ef0ed0ad54e0974cd9b95e5ee134212520546eb9004c218de4bbdae25346b2c99a9a0abc48056c3300","ssdeep":"1536:rKI7C5+3//yU8fmuAaN1yGNkptBgGOZ8hZFQIxZ+:+2C5+3/6HmufgRtBzHFQIxZ+","tlshash":"4e73f80fa628d66bc5c35d4bb9bf6d7b756c804402d180bc6cfec11c02998bcd6bba94","size":75330,"data":"","first_seen":"2026-05-30T10:48:25.673218Z","last_seen":"2026-06-08T09:16:09.136838Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1579bdf15f121d614ee265bc92ffe4c5","sha1":"98f298c8e9242b97d4878f311d0a32ef2913e465","sha256":"98f9473b555f3ad547d04818a2bf4faf2bcbc8059db14fde9c88fcec054e5ce1","sha512":"e814deca83548ba7904a56e9d23751d99716b9b4eb9455a5e2ef846699e10180001aecc349d17766c7752c6113af43397937ce3f1ae63b21e62e295595f35402","ssdeep":"","tlshash":"b831133d3408d54ffdad781d127e6d3650d9457b07e49a7c9bc8df0148820bd6ba6d81","size":1581,"data":"","first_seen":"2026-05-30T10:48:25.674198Z","last_seen":"2026-06-10T16:06:19.479293Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20f6029226c5906f47a991dd1b2ccc14","sha1":"32f55f3dbd5e29aab6d8ff2f1834205824fba801","sha256":"f8688629b858b53d50bdc465e6db3686e2669619d4435b93df8115dfd1d58a3c","sha512":"6f66b9a1939a5c4671476865b51374c31e6af2a31e9f6da1cac90e41aecddb2bb1de1f6f58dc5a18bcf0fa4046d5435b68da9ba77d1b515f26cc1e07615a48f2","ssdeep":"","tlshash":"58c0c090dc42cc1cc3660f221c3b0c3921ccc56403854106ddc6ce280d81b300db1ec9","size":185,"data":"","first_seen":"2026-01-04T13:03:57.379578Z","last_seen":"2026-06-20T03:27:53.752735Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ceee8730945e5d972afd3f4cfa29a618","sha1":"da54e15ef1e05e77d7b1fb88d72b3887a2077535","sha256":"1dc66398c54bad9970282e54bf7f95d2a6afccde525ff62e80d782cc641ab3df","sha512":"cf35db9b630a7c0bf00b1c5c419782f89a0810116970c46e2f27697f08b08daf104632bef2823388afe93e5b47921c3f4bac3b3ec3b9b8aac013d26496a727bc","ssdeep":"","tlshash":"8c41c0637c28fd05cb82de0d197b7cb850c9ca92876199baf284cc0040abc346bf0e85","size":2209,"data":"","first_seen":"2026-06-07T18:51:36.820476Z","last_seen":"2026-06-07T18:52:00.149457Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-21T21:31:09.33262Z","times_seen":168534,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ed179fa9ca9636c684b078ebaa609b7","sha1":"e248aa2dc27f6b8339affce7bb8e0a8c55927764","sha256":"824f9055d888eab034d55ca83557b517d89bb3c132027a517983ef7756ba04e6","sha512":"ef3570cadad06433dd28d02739320f5e81bfb518a7f442fba79e3459d50d4bfb4507cdb205ed8de0d7241ccc8adad5b638d28711d27f0d73ef53c57638bf0216","ssdeep":"48:LttePFteGVWCNnKjLc6v/dG77OUiVrs6FolqteXteQteGBtecyteGVWCNnKjLc6V:LcXPyDawPyDC2nPyD6PyDEFR","tlshash":"2d91ca1bdd0efd103d21ceae546e0f32aad1dc33a4761a2ca62dd9dc41219b657ee8c1","size":4344,"data":"","first_seen":"2026-06-07T18:51:36.812694Z","last_seen":"2026-06-10T16:06:19.473074Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"87789c15d6b3dbb94b28bdcd672aed2f","sha1":"267b3e13eb236b374b5bd0721ef281d09e11343b","sha256":"d7e0d2e507dc8a5b9f31fdca10292e8bfa29a891d12606e4bea729a276d15973","sha512":"704db0010823ebe2f2a5b47362edd06109e8e4d21f5a53659e6291890c8f920778012d13f5ec1dae00bf9ebb55361baa9fe5c1c7646b49e629498bf1c8979075","ssdeep":"48:LQGVWCNnKjLc6v/dG77OUiVXoteGVWCNnKjLc6v/dG77OUiVXqyWtec9tec9teGq:LVPyDUPyDsLPyDoPyD3PyDE","tlshash":"7991981bcd0afd203d20ceae507e0f32aac1dc37a4761a2ca76cd9dc5121a7657e98c1","size":4338,"data":"","first_seen":"2026-06-07T18:51:36.814076Z","last_seen":"2026-06-10T16:06:19.473953Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"48a30c28630a8a067f292126301ea9ee","sha1":"3fa2deb03cd70a67d2df76d4dd6f88b49bd27d40","sha256":"a9ad092323596b2a9e3398af288fa451853c98ccb3679f01ffe71b9b6678949e","sha512":"943d9167d02627cbb63b88cd18198ff22bb03ede001f4d502d44d5fd44a1dbe0a23afe7484e1a8cdaeab3489b046e071a2cab6d54a85d12512aba9e98f3cc59f","ssdeep":"","tlshash":"0841001ace0efd113d21ceae542e0f36aec0cc379176552db66cda9c522297617de8c1","size":2194,"data":"","first_seen":"2026-06-07T18:51:36.815728Z","last_seen":"2026-06-10T16:06:19.474837Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db11281163971d1811c3be69a8138f95","sha1":"be9cfab67ffe3e1f417b3e8688852d89f27b11a1","sha256":"9398beecae8166f0eab4480be040f205b93c712bcedfe1f0478fe42cf5eeea37","sha512":"d3e9f134f23b8620034b49edc1cb68a557417498ff1f00a62165ea8915b1101a05b69eecd4bef6c3e16d79c08c3bf2b5060dbf60f48295990d01928719bd8703","ssdeep":"48:LZMAb/+qjSu3OD2Zi/+uj7QnW1Va9Hkk6BpRuLwSD7th0O8RiDEdpDg65p9s6z/N:LT17hp4Ugp+jvO","tlshash":"0a917f0fbc15df02dc3a6c7d113e8e7a14ccce778760d9b9819ecd491a066b22bd9881","size":4351,"data":"","first_seen":"2026-06-07T18:51:36.816751Z","last_seen":"2026-06-08T09:16:09.133816Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"401a08438867eb1f9f192503d7380b0d","sha1":"76b25fd246e5cf25c759d3a4ecccf8af2f8c4bfd","sha256":"2fd1dee253e88f2ed9db03b081ff9a69ed4fbca3f4eac0326b299e12f914f6ca","sha512":"5d48a3e0b8854660fd3791c71b6ce9bbb9257a9cd3af905a9edfd25836ae7bc290e1dc724ee40af3097bbf643dfaefec4454bead6c080cadfc0d2903521b3027","ssdeep":"","tlshash":"b24126ae6409de5aec6e7c1d083e6c36008d897b4ba4df75c2ddce101a4247d7be68c1","size":2157,"data":"","first_seen":"2026-06-07T18:51:36.817743Z","last_seen":"2026-06-07T18:52:00.147114Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c29bdf6e7e2467871737559f1979066","sha1":"ff6b201340c60a7309bc5d86ca2e91f608ea31e3","sha256":"7b024e5a84280f1092dad66c46f642b7a2976054b1e1e7081406d44f4cbff25e","sha512":"884d8b274599f0dcdfb8968fbeb69fa5c3007ff13ea8f4ef0ed0ad54e0974cd9b95e5ee134212520546eb9004c218de4bbdae25346b2c99a9a0abc48056c3300","ssdeep":"1536:rKI7C5+3//yU8fmuAaN1yGNkptBgGOZ8hZFQIxZ+:+2C5+3/6HmufgRtBzHFQIxZ+","tlshash":"4e73f80fa628d66bc5c35d4bb9bf6d7b756c804402d180bc6cfec11c02998bcd6bba94","size":75330,"data":"","first_seen":"2026-05-30T10:48:25.673218Z","last_seen":"2026-06-08T09:16:09.136838Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1579bdf15f121d614ee265bc92ffe4c5","sha1":"98f298c8e9242b97d4878f311d0a32ef2913e465","sha256":"98f9473b555f3ad547d04818a2bf4faf2bcbc8059db14fde9c88fcec054e5ce1","sha512":"e814deca83548ba7904a56e9d23751d99716b9b4eb9455a5e2ef846699e10180001aecc349d17766c7752c6113af43397937ce3f1ae63b21e62e295595f35402","ssdeep":"","tlshash":"b831133d3408d54ffdad781d127e6d3650d9457b07e49a7c9bc8df0148820bd6ba6d81","size":1581,"data":"","first_seen":"2026-05-30T10:48:25.674198Z","last_seen":"2026-06-10T16:06:19.479293Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20f6029226c5906f47a991dd1b2ccc14","sha1":"32f55f3dbd5e29aab6d8ff2f1834205824fba801","sha256":"f8688629b858b53d50bdc465e6db3686e2669619d4435b93df8115dfd1d58a3c","sha512":"6f66b9a1939a5c4671476865b51374c31e6af2a31e9f6da1cac90e41aecddb2bb1de1f6f58dc5a18bcf0fa4046d5435b68da9ba77d1b515f26cc1e07615a48f2","ssdeep":"","tlshash":"58c0c090dc42cc1cc3660f221c3b0c3921ccc56403854106ddc6ce280d81b300db1ec9","size":185,"data":"","first_seen":"2026-01-04T13:03:57.379578Z","last_seen":"2026-06-20T03:27:53.752735Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ceee8730945e5d972afd3f4cfa29a618","sha1":"da54e15ef1e05e77d7b1fb88d72b3887a2077535","sha256":"1dc66398c54bad9970282e54bf7f95d2a6afccde525ff62e80d782cc641ab3df","sha512":"cf35db9b630a7c0bf00b1c5c419782f89a0810116970c46e2f27697f08b08daf104632bef2823388afe93e5b47921c3f4bac3b3ec3b9b8aac013d26496a727bc","ssdeep":"","tlshash":"8c41c0637c28fd05cb82de0d197b7cb850c9ca92876199baf284cc0040abc346bf0e85","size":2209,"data":"","first_seen":"2026-06-07T18:51:36.820476Z","last_seen":"2026-06-07T18:52:00.149457Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0a51q.65l43cu.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c0d856260355cfe6e19dab13b192253","sha1":"fc7c5cdd08547a8a5a0f5951bfd676c8ba2a5fc9","sha256":"9ba6c6863a08f538a8fda2430d04b9f3fda5947f14ef606946c1004b416c5073","sha512":"78aa643104ae793488b923b3c73b38fc4798eb2407bad247e7946a87ce27ff9f2c78668ce111c39161a562eb31cbadd99d1fa8d93d2efc43e41608b97850714a","ssdeep":"768:juzhHJNPkOsCH71yZ8ATNTOYlTvLmHXG3v5aCmJG5LqKaBtl5N269Bx3jpIYYsHO:juzhHJNPkOsMI9Tthp3v5aCm/v5RzHeT","tlshash":"5c03b561e28672260e4343d9542903096fbe78b4678c541fb76c5ed72d22c8a4bbdff2","size":40906,"data":"","first_seen":"2026-04-23T10:08:30.775038Z","last_seen":"2026-06-21T17:03:09.423171Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0nh8v~7ip8our.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8b5292b96bb875cc8a420df88a5178b","sha1":"14278e64cd16cad54ede3c81acceb66defc82bd2","sha256":"186311357d3cc801cefa61cfcb3d285ab5675622d6556f5e69aad00a9a80ecec","sha512":"266fa6af18c2187121ec46d999fa91304c94be82fff0721503af81a6a73dcef5fa630dc0cf80fbd2ddcc0e1c32a1fc760c2dfb27431818860e70c2d1e4e0f909","ssdeep":"96:XKlThyvcYNmheMr4RfRlr0OhBQsNvfOOEZcDfg1DX2o+:65gvcYNmhej0OhBxfOyiLM","tlshash":"50b14368e76c62bda84206d8463344212b5f057fb3ca5476cc5dc7f4f64b928cae3c9a","size":5433,"data":"","first_seen":"2026-05-30T10:48:25.557094Z","last_seen":"2026-06-10T16:06:19.439523Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0n4z.7yu76je-.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a648f088ad544148210ae070401800cd","sha1":"283e51ae1715ff82a698d38a370dff4af2976884","sha256":"91fec54ca6bfa97c9bc4fefe9576b9a76aac47ed9f0009090ddf6a60030d55d3","sha512":"045b41574a3600911e4d65a734aa6ca8091609f954bfea447bc0a03d9ae0516d56e91c15679393ae4d732a2dbafc403ad56e6ec376c11288be04e198c9b3b653","ssdeep":"384:2sUWst5gWTnrYV3uXeqbkJdeUtdaVmzlhjuNf9zXYpDuYNb4x2pk81FZTDxJRiGV:vUWstOoS3HSqD95hdFQcCDFZ1dqF6SV","tlshash":"1933da753295faa303db91d9c0370012f2780d7130ad64b4b395d8af399dd8a92faf69","size":54646,"data":"","first_seen":"2026-03-20T07:59:15.953955Z","last_seen":"2026-06-21T16:00:36.480188Z","times_seen":642,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-21T21:31:09.33262Z","times_seen":168534,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ed179fa9ca9636c684b078ebaa609b7","sha1":"e248aa2dc27f6b8339affce7bb8e0a8c55927764","sha256":"824f9055d888eab034d55ca83557b517d89bb3c132027a517983ef7756ba04e6","sha512":"ef3570cadad06433dd28d02739320f5e81bfb518a7f442fba79e3459d50d4bfb4507cdb205ed8de0d7241ccc8adad5b638d28711d27f0d73ef53c57638bf0216","ssdeep":"48:LttePFteGVWCNnKjLc6v/dG77OUiVrs6FolqteXteQteGBtecyteGVWCNnKjLc6V:LcXPyDawPyDC2nPyD6PyDEFR","tlshash":"2d91ca1bdd0efd103d21ceae546e0f32aad1dc33a4761a2ca62dd9dc41219b657ee8c1","size":4344,"data":"","first_seen":"2026-06-07T18:51:36.812694Z","last_seen":"2026-06-10T16:06:19.473074Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"87789c15d6b3dbb94b28bdcd672aed2f","sha1":"267b3e13eb236b374b5bd0721ef281d09e11343b","sha256":"d7e0d2e507dc8a5b9f31fdca10292e8bfa29a891d12606e4bea729a276d15973","sha512":"704db0010823ebe2f2a5b47362edd06109e8e4d21f5a53659e6291890c8f920778012d13f5ec1dae00bf9ebb55361baa9fe5c1c7646b49e629498bf1c8979075","ssdeep":"48:LQGVWCNnKjLc6v/dG77OUiVXoteGVWCNnKjLc6v/dG77OUiVXqyWtec9tec9teGq:LVPyDUPyDsLPyDoPyD3PyDE","tlshash":"7991981bcd0afd203d20ceae507e0f32aac1dc37a4761a2ca76cd9dc5121a7657e98c1","size":4338,"data":"","first_seen":"2026-06-07T18:51:36.814076Z","last_seen":"2026-06-10T16:06:19.473953Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"48a30c28630a8a067f292126301ea9ee","sha1":"3fa2deb03cd70a67d2df76d4dd6f88b49bd27d40","sha256":"a9ad092323596b2a9e3398af288fa451853c98ccb3679f01ffe71b9b6678949e","sha512":"943d9167d02627cbb63b88cd18198ff22bb03ede001f4d502d44d5fd44a1dbe0a23afe7484e1a8cdaeab3489b046e071a2cab6d54a85d12512aba9e98f3cc59f","ssdeep":"","tlshash":"0841001ace0efd113d21ceae542e0f36aec0cc379176552db66cda9c522297617de8c1","size":2194,"data":"","first_seen":"2026-06-07T18:51:36.815728Z","last_seen":"2026-06-10T16:06:19.474837Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db11281163971d1811c3be69a8138f95","sha1":"be9cfab67ffe3e1f417b3e8688852d89f27b11a1","sha256":"9398beecae8166f0eab4480be040f205b93c712bcedfe1f0478fe42cf5eeea37","sha512":"d3e9f134f23b8620034b49edc1cb68a557417498ff1f00a62165ea8915b1101a05b69eecd4bef6c3e16d79c08c3bf2b5060dbf60f48295990d01928719bd8703","ssdeep":"48:LZMAb/+qjSu3OD2Zi/+uj7QnW1Va9Hkk6BpRuLwSD7th0O8RiDEdpDg65p9s6z/N:LT17hp4Ugp+jvO","tlshash":"0a917f0fbc15df02dc3a6c7d113e8e7a14ccce778760d9b9819ecd491a066b22bd9881","size":4351,"data":"","first_seen":"2026-06-07T18:51:36.816751Z","last_seen":"2026-06-08T09:16:09.133816Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"401a08438867eb1f9f192503d7380b0d","sha1":"76b25fd246e5cf25c759d3a4ecccf8af2f8c4bfd","sha256":"2fd1dee253e88f2ed9db03b081ff9a69ed4fbca3f4eac0326b299e12f914f6ca","sha512":"5d48a3e0b8854660fd3791c71b6ce9bbb9257a9cd3af905a9edfd25836ae7bc290e1dc724ee40af3097bbf643dfaefec4454bead6c080cadfc0d2903521b3027","ssdeep":"","tlshash":"b24126ae6409de5aec6e7c1d083e6c36008d897b4ba4df75c2ddce101a4247d7be68c1","size":2157,"data":"","first_seen":"2026-06-07T18:51:36.817743Z","last_seen":"2026-06-07T18:52:00.147114Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c29bdf6e7e2467871737559f1979066","sha1":"ff6b201340c60a7309bc5d86ca2e91f608ea31e3","sha256":"7b024e5a84280f1092dad66c46f642b7a2976054b1e1e7081406d44f4cbff25e","sha512":"884d8b274599f0dcdfb8968fbeb69fa5c3007ff13ea8f4ef0ed0ad54e0974cd9b95e5ee134212520546eb9004c218de4bbdae25346b2c99a9a0abc48056c3300","ssdeep":"1536:rKI7C5+3//yU8fmuAaN1yGNkptBgGOZ8hZFQIxZ+:+2C5+3/6HmufgRtBzHFQIxZ+","tlshash":"4e73f80fa628d66bc5c35d4bb9bf6d7b756c804402d180bc6cfec11c02998bcd6bba94","size":75330,"data":"","first_seen":"2026-05-30T10:48:25.673218Z","last_seen":"2026-06-08T09:16:09.136838Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1579bdf15f121d614ee265bc92ffe4c5","sha1":"98f298c8e9242b97d4878f311d0a32ef2913e465","sha256":"98f9473b555f3ad547d04818a2bf4faf2bcbc8059db14fde9c88fcec054e5ce1","sha512":"e814deca83548ba7904a56e9d23751d99716b9b4eb9455a5e2ef846699e10180001aecc349d17766c7752c6113af43397937ce3f1ae63b21e62e295595f35402","ssdeep":"","tlshash":"b831133d3408d54ffdad781d127e6d3650d9457b07e49a7c9bc8df0148820bd6ba6d81","size":1581,"data":"","first_seen":"2026-05-30T10:48:25.674198Z","last_seen":"2026-06-10T16:06:19.479293Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20f6029226c5906f47a991dd1b2ccc14","sha1":"32f55f3dbd5e29aab6d8ff2f1834205824fba801","sha256":"f8688629b858b53d50bdc465e6db3686e2669619d4435b93df8115dfd1d58a3c","sha512":"6f66b9a1939a5c4671476865b51374c31e6af2a31e9f6da1cac90e41aecddb2bb1de1f6f58dc5a18bcf0fa4046d5435b68da9ba77d1b515f26cc1e07615a48f2","ssdeep":"","tlshash":"58c0c090dc42cc1cc3660f221c3b0c3921ccc56403854106ddc6ce280d81b300db1ec9","size":185,"data":"","first_seen":"2026-01-04T13:03:57.379578Z","last_seen":"2026-06-20T03:27:53.752735Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ceee8730945e5d972afd3f4cfa29a618","sha1":"da54e15ef1e05e77d7b1fb88d72b3887a2077535","sha256":"1dc66398c54bad9970282e54bf7f95d2a6afccde525ff62e80d782cc641ab3df","sha512":"cf35db9b630a7c0bf00b1c5c419782f89a0810116970c46e2f27697f08b08daf104632bef2823388afe93e5b47921c3f4bac3b3ec3b9b8aac013d26496a727bc","ssdeep":"","tlshash":"8c41c0637c28fd05cb82de0d197b7cb850c9ca92876199baf284cc0040abc346bf0e85","size":2209,"data":"","first_seen":"2026-06-07T18:51:36.820476Z","last_seen":"2026-06-07T18:52:00.149457Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0gq5us0dathdz.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"41b9c6444110cb618b6c927b4a2e4283","sha1":"5a25259c11f58e44a76a9bf294c26ddc02f8c12b","sha256":"2aebb627a94ef516e0481423c93daefe9a99c3d3b6b2ff73c5f8cc07fef1a16b","sha512":"90c33c45c0ccbcd0d503ecdf90263d29c010d74a3227d637eec984a7b209ed7afbd9b84c38b1f306c77ff9285fa8df676d3418c89b1fa16635c6e25f9763336c","ssdeep":"96:JF6z0LATueN1153FHjLW0CpmFVshMh+VzaIzg63Xr:LoXz17201ehMYVB93Xr","tlshash":"9ea166b51b1c63ecbc43d1382726605b536fa6bfb1da94704f9e9ba084e3488f393455","size":4975,"data":"","first_seen":"2026-05-30T10:48:25.62592Z","last_seen":"2026-06-10T16:06:19.461892Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0_b~x.6tnok...js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e65bcef28863f0d239038919e2e6e2f7","sha1":"717493888e7524bc285a7ecf735f74663ab7af6b","sha256":"6f8a314eb5b954968fbbac836c9d912749db226e2670bce62a43011b2646d724","sha512":"4056be2ddfcda58c4bd9c924b1daab4360ef321ba1aa8bd5ee60a801c7c0928868cdb2fb1b98b54dfaa7638be758c30528faafb415fe9f87904a3c58ab9486d1","ssdeep":"","tlshash":"f47164c9b2e2f8bb83675091403f205bf27e0ce1481e9594e7a564ebb96065d81f2f68","size":3551,"data":"","first_seen":"2026-05-09T23:27:51.106594Z","last_seen":"2026-06-10T16:06:19.416456Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/07font_ji0u27.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"844ca04584c3d6199ccaa3d3710e04b7","sha1":"bf5cd90422a77983d1d2a50435d7c0d0366b9db3","sha256":"7a9a9ff9a898c5653c9e174e4376a0de420d683f366082d804cdb33ffe608173","sha512":"b70a5ad58a34cc6bd06f110f703c63967b2c6bfe8d2c63bfc8b507b8557daa641f3c073d70d4294121c7d36c44fc8edf977af7e72dfa841e9a4f5e41b48be7ff","ssdeep":"1536:j1A+g9MEnjxzsYoyWZCYC3zWxvOcyN+PYApz0Hpsv6aYcafemr/WSeS0K6j8EknR:YTjxlofZrLvOcyN+HNYcammSSF0JjMXB","tlshash":"9bd3f6f935d2f482076b50aac03f0006f22c4d77189e6860e3e5edda756465de1b3faa","size":137449,"data":"","first_seen":"2026-05-13T14:24:18.078197Z","last_seen":"2026-06-19T19:10:17.360725Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-21T21:31:09.33262Z","times_seen":168534,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ed179fa9ca9636c684b078ebaa609b7","sha1":"e248aa2dc27f6b8339affce7bb8e0a8c55927764","sha256":"824f9055d888eab034d55ca83557b517d89bb3c132027a517983ef7756ba04e6","sha512":"ef3570cadad06433dd28d02739320f5e81bfb518a7f442fba79e3459d50d4bfb4507cdb205ed8de0d7241ccc8adad5b638d28711d27f0d73ef53c57638bf0216","ssdeep":"48:LttePFteGVWCNnKjLc6v/dG77OUiVrs6FolqteXteQteGBtecyteGVWCNnKjLc6V:LcXPyDawPyDC2nPyD6PyDEFR","tlshash":"2d91ca1bdd0efd103d21ceae546e0f32aad1dc33a4761a2ca62dd9dc41219b657ee8c1","size":4344,"data":"","first_seen":"2026-06-07T18:51:36.812694Z","last_seen":"2026-06-10T16:06:19.473074Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"87789c15d6b3dbb94b28bdcd672aed2f","sha1":"267b3e13eb236b374b5bd0721ef281d09e11343b","sha256":"d7e0d2e507dc8a5b9f31fdca10292e8bfa29a891d12606e4bea729a276d15973","sha512":"704db0010823ebe2f2a5b47362edd06109e8e4d21f5a53659e6291890c8f920778012d13f5ec1dae00bf9ebb55361baa9fe5c1c7646b49e629498bf1c8979075","ssdeep":"48:LQGVWCNnKjLc6v/dG77OUiVXoteGVWCNnKjLc6v/dG77OUiVXqyWtec9tec9teGq:LVPyDUPyDsLPyDoPyD3PyDE","tlshash":"7991981bcd0afd203d20ceae507e0f32aac1dc37a4761a2ca76cd9dc5121a7657e98c1","size":4338,"data":"","first_seen":"2026-06-07T18:51:36.814076Z","last_seen":"2026-06-10T16:06:19.473953Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"48a30c28630a8a067f292126301ea9ee","sha1":"3fa2deb03cd70a67d2df76d4dd6f88b49bd27d40","sha256":"a9ad092323596b2a9e3398af288fa451853c98ccb3679f01ffe71b9b6678949e","sha512":"943d9167d02627cbb63b88cd18198ff22bb03ede001f4d502d44d5fd44a1dbe0a23afe7484e1a8cdaeab3489b046e071a2cab6d54a85d12512aba9e98f3cc59f","ssdeep":"","tlshash":"0841001ace0efd113d21ceae542e0f36aec0cc379176552db66cda9c522297617de8c1","size":2194,"data":"","first_seen":"2026-06-07T18:51:36.815728Z","last_seen":"2026-06-10T16:06:19.474837Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db11281163971d1811c3be69a8138f95","sha1":"be9cfab67ffe3e1f417b3e8688852d89f27b11a1","sha256":"9398beecae8166f0eab4480be040f205b93c712bcedfe1f0478fe42cf5eeea37","sha512":"d3e9f134f23b8620034b49edc1cb68a557417498ff1f00a62165ea8915b1101a05b69eecd4bef6c3e16d79c08c3bf2b5060dbf60f48295990d01928719bd8703","ssdeep":"48:LZMAb/+qjSu3OD2Zi/+uj7QnW1Va9Hkk6BpRuLwSD7th0O8RiDEdpDg65p9s6z/N:LT17hp4Ugp+jvO","tlshash":"0a917f0fbc15df02dc3a6c7d113e8e7a14ccce778760d9b9819ecd491a066b22bd9881","size":4351,"data":"","first_seen":"2026-06-07T18:51:36.816751Z","last_seen":"2026-06-08T09:16:09.133816Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"401a08438867eb1f9f192503d7380b0d","sha1":"76b25fd246e5cf25c759d3a4ecccf8af2f8c4bfd","sha256":"2fd1dee253e88f2ed9db03b081ff9a69ed4fbca3f4eac0326b299e12f914f6ca","sha512":"5d48a3e0b8854660fd3791c71b6ce9bbb9257a9cd3af905a9edfd25836ae7bc290e1dc724ee40af3097bbf643dfaefec4454bead6c080cadfc0d2903521b3027","ssdeep":"","tlshash":"b24126ae6409de5aec6e7c1d083e6c36008d897b4ba4df75c2ddce101a4247d7be68c1","size":2157,"data":"","first_seen":"2026-06-07T18:51:36.817743Z","last_seen":"2026-06-07T18:52:00.147114Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c29bdf6e7e2467871737559f1979066","sha1":"ff6b201340c60a7309bc5d86ca2e91f608ea31e3","sha256":"7b024e5a84280f1092dad66c46f642b7a2976054b1e1e7081406d44f4cbff25e","sha512":"884d8b274599f0dcdfb8968fbeb69fa5c3007ff13ea8f4ef0ed0ad54e0974cd9b95e5ee134212520546eb9004c218de4bbdae25346b2c99a9a0abc48056c3300","ssdeep":"1536:rKI7C5+3//yU8fmuAaN1yGNkptBgGOZ8hZFQIxZ+:+2C5+3/6HmufgRtBzHFQIxZ+","tlshash":"4e73f80fa628d66bc5c35d4bb9bf6d7b756c804402d180bc6cfec11c02998bcd6bba94","size":75330,"data":"","first_seen":"2026-05-30T10:48:25.673218Z","last_seen":"2026-06-08T09:16:09.136838Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1579bdf15f121d614ee265bc92ffe4c5","sha1":"98f298c8e9242b97d4878f311d0a32ef2913e465","sha256":"98f9473b555f3ad547d04818a2bf4faf2bcbc8059db14fde9c88fcec054e5ce1","sha512":"e814deca83548ba7904a56e9d23751d99716b9b4eb9455a5e2ef846699e10180001aecc349d17766c7752c6113af43397937ce3f1ae63b21e62e295595f35402","ssdeep":"","tlshash":"b831133d3408d54ffdad781d127e6d3650d9457b07e49a7c9bc8df0148820bd6ba6d81","size":1581,"data":"","first_seen":"2026-05-30T10:48:25.674198Z","last_seen":"2026-06-10T16:06:19.479293Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20f6029226c5906f47a991dd1b2ccc14","sha1":"32f55f3dbd5e29aab6d8ff2f1834205824fba801","sha256":"f8688629b858b53d50bdc465e6db3686e2669619d4435b93df8115dfd1d58a3c","sha512":"6f66b9a1939a5c4671476865b51374c31e6af2a31e9f6da1cac90e41aecddb2bb1de1f6f58dc5a18bcf0fa4046d5435b68da9ba77d1b515f26cc1e07615a48f2","ssdeep":"","tlshash":"58c0c090dc42cc1cc3660f221c3b0c3921ccc56403854106ddc6ce280d81b300db1ec9","size":185,"data":"","first_seen":"2026-01-04T13:03:57.379578Z","last_seen":"2026-06-20T03:27:53.752735Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ceee8730945e5d972afd3f4cfa29a618","sha1":"da54e15ef1e05e77d7b1fb88d72b3887a2077535","sha256":"1dc66398c54bad9970282e54bf7f95d2a6afccde525ff62e80d782cc641ab3df","sha512":"cf35db9b630a7c0bf00b1c5c419782f89a0810116970c46e2f27697f08b08daf104632bef2823388afe93e5b47921c3f4bac3b3ec3b9b8aac013d26496a727bc","ssdeep":"","tlshash":"8c41c0637c28fd05cb82de0d197b7cb850c9ca92876199baf284cc0040abc346bf0e85","size":2209,"data":"","first_seen":"2026-06-07T18:51:36.820476Z","last_seen":"2026-06-07T18:52:00.149457Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-21T21:31:09.33262Z","times_seen":168534,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ed179fa9ca9636c684b078ebaa609b7","sha1":"e248aa2dc27f6b8339affce7bb8e0a8c55927764","sha256":"824f9055d888eab034d55ca83557b517d89bb3c132027a517983ef7756ba04e6","sha512":"ef3570cadad06433dd28d02739320f5e81bfb518a7f442fba79e3459d50d4bfb4507cdb205ed8de0d7241ccc8adad5b638d28711d27f0d73ef53c57638bf0216","ssdeep":"48:LttePFteGVWCNnKjLc6v/dG77OUiVrs6FolqteXteQteGBtecyteGVWCNnKjLc6V:LcXPyDawPyDC2nPyD6PyDEFR","tlshash":"2d91ca1bdd0efd103d21ceae546e0f32aad1dc33a4761a2ca62dd9dc41219b657ee8c1","size":4344,"data":"","first_seen":"2026-06-07T18:51:36.812694Z","last_seen":"2026-06-10T16:06:19.473074Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"87789c15d6b3dbb94b28bdcd672aed2f","sha1":"267b3e13eb236b374b5bd0721ef281d09e11343b","sha256":"d7e0d2e507dc8a5b9f31fdca10292e8bfa29a891d12606e4bea729a276d15973","sha512":"704db0010823ebe2f2a5b47362edd06109e8e4d21f5a53659e6291890c8f920778012d13f5ec1dae00bf9ebb55361baa9fe5c1c7646b49e629498bf1c8979075","ssdeep":"48:LQGVWCNnKjLc6v/dG77OUiVXoteGVWCNnKjLc6v/dG77OUiVXqyWtec9tec9teGq:LVPyDUPyDsLPyDoPyD3PyDE","tlshash":"7991981bcd0afd203d20ceae507e0f32aac1dc37a4761a2ca76cd9dc5121a7657e98c1","size":4338,"data":"","first_seen":"2026-06-07T18:51:36.814076Z","last_seen":"2026-06-10T16:06:19.473953Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"48a30c28630a8a067f292126301ea9ee","sha1":"3fa2deb03cd70a67d2df76d4dd6f88b49bd27d40","sha256":"a9ad092323596b2a9e3398af288fa451853c98ccb3679f01ffe71b9b6678949e","sha512":"943d9167d02627cbb63b88cd18198ff22bb03ede001f4d502d44d5fd44a1dbe0a23afe7484e1a8cdaeab3489b046e071a2cab6d54a85d12512aba9e98f3cc59f","ssdeep":"","tlshash":"0841001ace0efd113d21ceae542e0f36aec0cc379176552db66cda9c522297617de8c1","size":2194,"data":"","first_seen":"2026-06-07T18:51:36.815728Z","last_seen":"2026-06-10T16:06:19.474837Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db11281163971d1811c3be69a8138f95","sha1":"be9cfab67ffe3e1f417b3e8688852d89f27b11a1","sha256":"9398beecae8166f0eab4480be040f205b93c712bcedfe1f0478fe42cf5eeea37","sha512":"d3e9f134f23b8620034b49edc1cb68a557417498ff1f00a62165ea8915b1101a05b69eecd4bef6c3e16d79c08c3bf2b5060dbf60f48295990d01928719bd8703","ssdeep":"48:LZMAb/+qjSu3OD2Zi/+uj7QnW1Va9Hkk6BpRuLwSD7th0O8RiDEdpDg65p9s6z/N:LT17hp4Ugp+jvO","tlshash":"0a917f0fbc15df02dc3a6c7d113e8e7a14ccce778760d9b9819ecd491a066b22bd9881","size":4351,"data":"","first_seen":"2026-06-07T18:51:36.816751Z","last_seen":"2026-06-08T09:16:09.133816Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"401a08438867eb1f9f192503d7380b0d","sha1":"76b25fd246e5cf25c759d3a4ecccf8af2f8c4bfd","sha256":"2fd1dee253e88f2ed9db03b081ff9a69ed4fbca3f4eac0326b299e12f914f6ca","sha512":"5d48a3e0b8854660fd3791c71b6ce9bbb9257a9cd3af905a9edfd25836ae7bc290e1dc724ee40af3097bbf643dfaefec4454bead6c080cadfc0d2903521b3027","ssdeep":"","tlshash":"b24126ae6409de5aec6e7c1d083e6c36008d897b4ba4df75c2ddce101a4247d7be68c1","size":2157,"data":"","first_seen":"2026-06-07T18:51:36.817743Z","last_seen":"2026-06-07T18:52:00.147114Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c29bdf6e7e2467871737559f1979066","sha1":"ff6b201340c60a7309bc5d86ca2e91f608ea31e3","sha256":"7b024e5a84280f1092dad66c46f642b7a2976054b1e1e7081406d44f4cbff25e","sha512":"884d8b274599f0dcdfb8968fbeb69fa5c3007ff13ea8f4ef0ed0ad54e0974cd9b95e5ee134212520546eb9004c218de4bbdae25346b2c99a9a0abc48056c3300","ssdeep":"1536:rKI7C5+3//yU8fmuAaN1yGNkptBgGOZ8hZFQIxZ+:+2C5+3/6HmufgRtBzHFQIxZ+","tlshash":"4e73f80fa628d66bc5c35d4bb9bf6d7b756c804402d180bc6cfec11c02998bcd6bba94","size":75330,"data":"","first_seen":"2026-05-30T10:48:25.673218Z","last_seen":"2026-06-08T09:16:09.136838Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1579bdf15f121d614ee265bc92ffe4c5","sha1":"98f298c8e9242b97d4878f311d0a32ef2913e465","sha256":"98f9473b555f3ad547d04818a2bf4faf2bcbc8059db14fde9c88fcec054e5ce1","sha512":"e814deca83548ba7904a56e9d23751d99716b9b4eb9455a5e2ef846699e10180001aecc349d17766c7752c6113af43397937ce3f1ae63b21e62e295595f35402","ssdeep":"","tlshash":"b831133d3408d54ffdad781d127e6d3650d9457b07e49a7c9bc8df0148820bd6ba6d81","size":1581,"data":"","first_seen":"2026-05-30T10:48:25.674198Z","last_seen":"2026-06-10T16:06:19.479293Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20f6029226c5906f47a991dd1b2ccc14","sha1":"32f55f3dbd5e29aab6d8ff2f1834205824fba801","sha256":"f8688629b858b53d50bdc465e6db3686e2669619d4435b93df8115dfd1d58a3c","sha512":"6f66b9a1939a5c4671476865b51374c31e6af2a31e9f6da1cac90e41aecddb2bb1de1f6f58dc5a18bcf0fa4046d5435b68da9ba77d1b515f26cc1e07615a48f2","ssdeep":"","tlshash":"58c0c090dc42cc1cc3660f221c3b0c3921ccc56403854106ddc6ce280d81b300db1ec9","size":185,"data":"","first_seen":"2026-01-04T13:03:57.379578Z","last_seen":"2026-06-20T03:27:53.752735Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ceee8730945e5d972afd3f4cfa29a618","sha1":"da54e15ef1e05e77d7b1fb88d72b3887a2077535","sha256":"1dc66398c54bad9970282e54bf7f95d2a6afccde525ff62e80d782cc641ab3df","sha512":"cf35db9b630a7c0bf00b1c5c419782f89a0810116970c46e2f27697f08b08daf104632bef2823388afe93e5b47921c3f4bac3b3ec3b9b8aac013d26496a727bc","ssdeep":"","tlshash":"8c41c0637c28fd05cb82de0d197b7cb850c9ca92876199baf284cc0040abc346bf0e85","size":2209,"data":"","first_seen":"2026-06-07T18:51:36.820476Z","last_seen":"2026-06-07T18:52:00.149457Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0jxg8u~p~fktx.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"75afc5935939d782a0f7de52aac4148d","sha1":"a7294862e84b97610510e09c6aaacf525a9ea366","sha256":"ede8f2f9998b003ec8186f039e3d961276792494ca4e6328fd950ba34a200ce6","sha512":"fc94a7e49443e0ed6101a72949634ffba0474fb5c8ccaabc1cb17fd8954689ef503c0b6864d3d98a38b81fe6ca1f6a81d17d583105bac5e19cc553f05ddb4d0c","ssdeep":"","tlshash":"b23145752b0c11fd988dd1a45b2bb103103db15770ff04305a9c5e88ebd35c9f0a669b","size":1703,"data":"","first_seen":"2026-05-30T10:48:25.558247Z","last_seen":"2026-06-10T16:06:19.462917Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/02qk0mar43-vc.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"298fb813395c5ba1d4b30b6300d77dd6","sha1":"6d1ea78ded9c061a8992617742e851bc67a4150c","sha256":"c51a4a2f29ee139968322f3117df0f7114f03502ab5123c48829c087461f84b7","sha512":"f0b7062c18d373b57861cad81997999a388c193d83cf06b5c7752f2c71fb3d784d9d5ba894fb0910cd336bd23333ea28693ec93d3059706577dd9dcd6b26cb9a","ssdeep":"1536:uOSyXFaRNRdXvrZFFecIJKchan/bv+IgHeCnndWhqwqjXQl37/l+VByHBBlUNGH:uOSAsRNPZFFecia/bv+IBCndWhqwqjX2","tlshash":"5953f9edd3e8a6e8a60adbf4c963545c3e6f34f9ab85895843d4a950e8740c8790dfc0","size":61859,"data":"","first_seen":"2026-05-30T10:48:25.602136Z","last_seen":"2026-06-10T16:06:19.428944Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0pqt~8bl3ukh4.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c621d697f789f9a625e80384da50359c","sha1":"21b6e9613cc917a5fa984be427364d03e5757cbc","sha256":"5261101892e2476e4346e19e86fd5f19cbcf7c765ff76e92eb9cefcc86b6db6a","sha512":"59a0ad4d3270e18ccc1178b7a1c8902793a70e88a518f01ce894d1d3335251953289630dcaa26b4c6d9a3b6bb5563b8845d5fabfc521878c382c7d2a56957ffa","ssdeep":"384:p7/A2dkTd93jBT0diRTRIpowbIBqjac/s+rPYjDExpCkKMny1V0U5+wQhKHAlwe4:BN8pcowkpc/s+zYXExp7ly1V0UVD","tlshash":"4513e7b132d4faa3539341e0e43f2016f2780d7520ad6470a7e89c9f754d88da6befa5","size":44414,"data":"","first_seen":"2026-03-18T18:55:57.705164Z","last_seen":"2026-06-21T21:28:06.299184Z","times_seen":7077,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0.c8994ibbdin.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"195c9cf17d38b49ab75468414bd618d7","sha1":"1b4489bc379bc5337669c307d29ddf19143ac790","sha256":"a8d5209f7e6e5f2fb2d3b3ac6cf661ffc2309bb78c402a395eae4c35cf5d00d8","sha512":"6990aee5eea92094ea4fa3711f43910aef1e56450ebd0861751e50670d28422d5ca93a26ee4dc73b36e00753f3a6c34459d59aa49135a0f55a6ee8e9c62513ff","ssdeep":"384:z93fT2HDJyrTzyDSSH0ZymskZvQ55LQP6RrY7T8t6YLI:l3r3yDSSUHvQ55LQP1/8tpI","tlshash":"b2923c743295fcd5525fc5c0e83f400ef7292d75a57db0a4b3fc58956aa0884b0a2fba","size":19847,"data":"","first_seen":"2026-05-30T10:48:25.558987Z","last_seen":"2026-06-10T16:06:19.430925Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/05eld2k6f.g~h.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a33d59ce9b2d6252018b01e2556207e4","sha1":"09a344a998fd9e2a38db056f36eeb14bf169d0aa","sha256":"ccb9dc68f2955dfd8711e64a77244581a4fcd72e3b4a7e85f78bc93a1081ca2e","sha512":"d509a2cae2ccf47251b0982abc6d48c106901d933fb551755a1bcbdcbb2863df8d1f4b980b2eff51e060da6f608f28e3394183e2c591e01d9abf4cb91618fb43","ssdeep":"","tlshash":"116174e5db6c52ec148991d80fa77306a34d7a7f74df8490aa5dcae4d2c7c49f023819","size":3382,"data":"","first_seen":"2026-05-30T10:48:25.624729Z","last_seen":"2026-06-10T16:06:19.440942Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/14j_td4d84u8g.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c10f57f530141d7fc34c72db63f5f256","sha1":"1bfff636adf06c64efaa9f32e144788161ef5383","sha256":"4bd1bcf0431916610a5570ba8cef3702c213cc20f81dac9b355d7d0ab48ede8d","sha512":"f83d3aa9b72828755c8f8480e1b91cefa097a053ba40bd0bf3cc8f6b665ac30763a366d955aaee33dfcc4e4782b11ad10dd1c628fc719eb7ebb039dcb50c40da","ssdeep":"","tlshash":"23319d30916ce4ae320b09925d3270f8c33e5aa6356da1b0c95feee0509b0d9db17c71","size":1681,"data":"","first_seen":"2026-05-30T10:48:25.606689Z","last_seen":"2026-06-10T16:06:19.43038Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0hi-oz4wpwmvw.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3280f1129fab559adbbf78f8054e0cfd","sha1":"f6e8f41f2b06f74e6137c10f17029da183319358","sha256":"84694cc80070364cf0d9dcab44aa675c5e3c31a61590ff24d5ce1d80819a6bff","sha512":"f2c38a8463827b6546d5d80495617b84089d0031300979fe7184a331ce0ec41141728a9bb10c6d4d69f539cfd3eceb5ed699c8ed92e7981fbc3df55b1b5f07a5","ssdeep":"","tlshash":"7e21f045d9485274a8c85170a372e012d0ef366f70cf74a4d76693a8d3e7c4a9e634bf","size":1239,"data":"","first_seen":"2026-05-30T10:48:25.580068Z","last_seen":"2026-06-10T16:06:19.459676Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/10s19bi1jo.gk.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d23ac5cc87d807c1ed706df398b147c7","sha1":"da31da2e6a01ffeda3278ce92d37e143bb7a1938","sha256":"4172eba18b5e5e644872f4926457cd9adf5a75a1f0bca00308ce4d41d89c942f","sha512":"5d2541f98e8aa0a01ade90896a52a769fc0571a1df30bb498bba46777c2c28f0ab0e0c98410e2c161a8cf3ff60df0e36a89ccb57695d03ddcc36eb4f49c69157","ssdeep":"1536:fx8OMBLvOv9rJEVYzcjRt9rQzsK1vE1sXFNAumTflef5GrBAUmBQ:fHfQaAOdNAuWZ","tlshash":"c6342258b3e4c2e94a88623b0dbb2509bdeb765dd0ba751862c4cd6cfa24fc45d1c7b0","size":251848,"data":"","first_seen":"2026-05-30T10:48:25.617642Z","last_seen":"2026-06-10T16:06:19.425563Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0m_p1bxtorv5i.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1206d27e928d82532620c2c2ebfc59e4","sha1":"87d795e244967699726115c25f142297f5e77be0","sha256":"204f4020f37e64c94f21ba40ef389e0658974451943f325cd5e8ff9a4fab90bb","sha512":"1a352e837c2948d57b763bda2f5fbadd34139da35cc240eddadeb22406d9abfbbf99df503bbe604090310b7c9a8a14b45b202813db485d3a5e8203b72065ea7e","ssdeep":"3072:cFJtqqM4OGLOg/VNqfxMtmcvlBibQBTGQHyXs0Mug98n+d0+w/:cFJtZxOGLOgNMMQQy8mO8n+d0+w/","tlshash":"c324fbe83955f662aab302b710af18037338252b280d4d60a251fdddb57845fb17bf9e","size":226355,"data":"","first_seen":"2026-05-08T23:34:30.397578Z","last_seen":"2026-06-21T21:41:44.693255Z","times_seen":428,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-21T21:31:09.33262Z","times_seen":168534,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ed179fa9ca9636c684b078ebaa609b7","sha1":"e248aa2dc27f6b8339affce7bb8e0a8c55927764","sha256":"824f9055d888eab034d55ca83557b517d89bb3c132027a517983ef7756ba04e6","sha512":"ef3570cadad06433dd28d02739320f5e81bfb518a7f442fba79e3459d50d4bfb4507cdb205ed8de0d7241ccc8adad5b638d28711d27f0d73ef53c57638bf0216","ssdeep":"48:LttePFteGVWCNnKjLc6v/dG77OUiVrs6FolqteXteQteGBtecyteGVWCNnKjLc6V:LcXPyDawPyDC2nPyD6PyDEFR","tlshash":"2d91ca1bdd0efd103d21ceae546e0f32aad1dc33a4761a2ca62dd9dc41219b657ee8c1","size":4344,"data":"","first_seen":"2026-06-07T18:51:36.812694Z","last_seen":"2026-06-10T16:06:19.473074Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"87789c15d6b3dbb94b28bdcd672aed2f","sha1":"267b3e13eb236b374b5bd0721ef281d09e11343b","sha256":"d7e0d2e507dc8a5b9f31fdca10292e8bfa29a891d12606e4bea729a276d15973","sha512":"704db0010823ebe2f2a5b47362edd06109e8e4d21f5a53659e6291890c8f920778012d13f5ec1dae00bf9ebb55361baa9fe5c1c7646b49e629498bf1c8979075","ssdeep":"48:LQGVWCNnKjLc6v/dG77OUiVXoteGVWCNnKjLc6v/dG77OUiVXqyWtec9tec9teGq:LVPyDUPyDsLPyDoPyD3PyDE","tlshash":"7991981bcd0afd203d20ceae507e0f32aac1dc37a4761a2ca76cd9dc5121a7657e98c1","size":4338,"data":"","first_seen":"2026-06-07T18:51:36.814076Z","last_seen":"2026-06-10T16:06:19.473953Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"48a30c28630a8a067f292126301ea9ee","sha1":"3fa2deb03cd70a67d2df76d4dd6f88b49bd27d40","sha256":"a9ad092323596b2a9e3398af288fa451853c98ccb3679f01ffe71b9b6678949e","sha512":"943d9167d02627cbb63b88cd18198ff22bb03ede001f4d502d44d5fd44a1dbe0a23afe7484e1a8cdaeab3489b046e071a2cab6d54a85d12512aba9e98f3cc59f","ssdeep":"","tlshash":"0841001ace0efd113d21ceae542e0f36aec0cc379176552db66cda9c522297617de8c1","size":2194,"data":"","first_seen":"2026-06-07T18:51:36.815728Z","last_seen":"2026-06-10T16:06:19.474837Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db11281163971d1811c3be69a8138f95","sha1":"be9cfab67ffe3e1f417b3e8688852d89f27b11a1","sha256":"9398beecae8166f0eab4480be040f205b93c712bcedfe1f0478fe42cf5eeea37","sha512":"d3e9f134f23b8620034b49edc1cb68a557417498ff1f00a62165ea8915b1101a05b69eecd4bef6c3e16d79c08c3bf2b5060dbf60f48295990d01928719bd8703","ssdeep":"48:LZMAb/+qjSu3OD2Zi/+uj7QnW1Va9Hkk6BpRuLwSD7th0O8RiDEdpDg65p9s6z/N:LT17hp4Ugp+jvO","tlshash":"0a917f0fbc15df02dc3a6c7d113e8e7a14ccce778760d9b9819ecd491a066b22bd9881","size":4351,"data":"","first_seen":"2026-06-07T18:51:36.816751Z","last_seen":"2026-06-08T09:16:09.133816Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"401a08438867eb1f9f192503d7380b0d","sha1":"76b25fd246e5cf25c759d3a4ecccf8af2f8c4bfd","sha256":"2fd1dee253e88f2ed9db03b081ff9a69ed4fbca3f4eac0326b299e12f914f6ca","sha512":"5d48a3e0b8854660fd3791c71b6ce9bbb9257a9cd3af905a9edfd25836ae7bc290e1dc724ee40af3097bbf643dfaefec4454bead6c080cadfc0d2903521b3027","ssdeep":"","tlshash":"b24126ae6409de5aec6e7c1d083e6c36008d897b4ba4df75c2ddce101a4247d7be68c1","size":2157,"data":"","first_seen":"2026-06-07T18:51:36.817743Z","last_seen":"2026-06-07T18:52:00.147114Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c29bdf6e7e2467871737559f1979066","sha1":"ff6b201340c60a7309bc5d86ca2e91f608ea31e3","sha256":"7b024e5a84280f1092dad66c46f642b7a2976054b1e1e7081406d44f4cbff25e","sha512":"884d8b274599f0dcdfb8968fbeb69fa5c3007ff13ea8f4ef0ed0ad54e0974cd9b95e5ee134212520546eb9004c218de4bbdae25346b2c99a9a0abc48056c3300","ssdeep":"1536:rKI7C5+3//yU8fmuAaN1yGNkptBgGOZ8hZFQIxZ+:+2C5+3/6HmufgRtBzHFQIxZ+","tlshash":"4e73f80fa628d66bc5c35d4bb9bf6d7b756c804402d180bc6cfec11c02998bcd6bba94","size":75330,"data":"","first_seen":"2026-05-30T10:48:25.673218Z","last_seen":"2026-06-08T09:16:09.136838Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1579bdf15f121d614ee265bc92ffe4c5","sha1":"98f298c8e9242b97d4878f311d0a32ef2913e465","sha256":"98f9473b555f3ad547d04818a2bf4faf2bcbc8059db14fde9c88fcec054e5ce1","sha512":"e814deca83548ba7904a56e9d23751d99716b9b4eb9455a5e2ef846699e10180001aecc349d17766c7752c6113af43397937ce3f1ae63b21e62e295595f35402","ssdeep":"","tlshash":"b831133d3408d54ffdad781d127e6d3650d9457b07e49a7c9bc8df0148820bd6ba6d81","size":1581,"data":"","first_seen":"2026-05-30T10:48:25.674198Z","last_seen":"2026-06-10T16:06:19.479293Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20f6029226c5906f47a991dd1b2ccc14","sha1":"32f55f3dbd5e29aab6d8ff2f1834205824fba801","sha256":"f8688629b858b53d50bdc465e6db3686e2669619d4435b93df8115dfd1d58a3c","sha512":"6f66b9a1939a5c4671476865b51374c31e6af2a31e9f6da1cac90e41aecddb2bb1de1f6f58dc5a18bcf0fa4046d5435b68da9ba77d1b515f26cc1e07615a48f2","ssdeep":"","tlshash":"58c0c090dc42cc1cc3660f221c3b0c3921ccc56403854106ddc6ce280d81b300db1ec9","size":185,"data":"","first_seen":"2026-01-04T13:03:57.379578Z","last_seen":"2026-06-20T03:27:53.752735Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ceee8730945e5d972afd3f4cfa29a618","sha1":"da54e15ef1e05e77d7b1fb88d72b3887a2077535","sha256":"1dc66398c54bad9970282e54bf7f95d2a6afccde525ff62e80d782cc641ab3df","sha512":"cf35db9b630a7c0bf00b1c5c419782f89a0810116970c46e2f27697f08b08daf104632bef2823388afe93e5b47921c3f4bac3b3ec3b9b8aac013d26496a727bc","ssdeep":"","tlshash":"8c41c0637c28fd05cb82de0d197b7cb850c9ca92876199baf284cc0040abc346bf0e85","size":2209,"data":"","first_seen":"2026-06-07T18:51:36.820476Z","last_seen":"2026-06-07T18:52:00.149457Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-21T21:31:09.33262Z","times_seen":168534,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ed179fa9ca9636c684b078ebaa609b7","sha1":"e248aa2dc27f6b8339affce7bb8e0a8c55927764","sha256":"824f9055d888eab034d55ca83557b517d89bb3c132027a517983ef7756ba04e6","sha512":"ef3570cadad06433dd28d02739320f5e81bfb518a7f442fba79e3459d50d4bfb4507cdb205ed8de0d7241ccc8adad5b638d28711d27f0d73ef53c57638bf0216","ssdeep":"48:LttePFteGVWCNnKjLc6v/dG77OUiVrs6FolqteXteQteGBtecyteGVWCNnKjLc6V:LcXPyDawPyDC2nPyD6PyDEFR","tlshash":"2d91ca1bdd0efd103d21ceae546e0f32aad1dc33a4761a2ca62dd9dc41219b657ee8c1","size":4344,"data":"","first_seen":"2026-06-07T18:51:36.812694Z","last_seen":"2026-06-10T16:06:19.473074Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"87789c15d6b3dbb94b28bdcd672aed2f","sha1":"267b3e13eb236b374b5bd0721ef281d09e11343b","sha256":"d7e0d2e507dc8a5b9f31fdca10292e8bfa29a891d12606e4bea729a276d15973","sha512":"704db0010823ebe2f2a5b47362edd06109e8e4d21f5a53659e6291890c8f920778012d13f5ec1dae00bf9ebb55361baa9fe5c1c7646b49e629498bf1c8979075","ssdeep":"48:LQGVWCNnKjLc6v/dG77OUiVXoteGVWCNnKjLc6v/dG77OUiVXqyWtec9tec9teGq:LVPyDUPyDsLPyDoPyD3PyDE","tlshash":"7991981bcd0afd203d20ceae507e0f32aac1dc37a4761a2ca76cd9dc5121a7657e98c1","size":4338,"data":"","first_seen":"2026-06-07T18:51:36.814076Z","last_seen":"2026-06-10T16:06:19.473953Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"48a30c28630a8a067f292126301ea9ee","sha1":"3fa2deb03cd70a67d2df76d4dd6f88b49bd27d40","sha256":"a9ad092323596b2a9e3398af288fa451853c98ccb3679f01ffe71b9b6678949e","sha512":"943d9167d02627cbb63b88cd18198ff22bb03ede001f4d502d44d5fd44a1dbe0a23afe7484e1a8cdaeab3489b046e071a2cab6d54a85d12512aba9e98f3cc59f","ssdeep":"","tlshash":"0841001ace0efd113d21ceae542e0f36aec0cc379176552db66cda9c522297617de8c1","size":2194,"data":"","first_seen":"2026-06-07T18:51:36.815728Z","last_seen":"2026-06-10T16:06:19.474837Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db11281163971d1811c3be69a8138f95","sha1":"be9cfab67ffe3e1f417b3e8688852d89f27b11a1","sha256":"9398beecae8166f0eab4480be040f205b93c712bcedfe1f0478fe42cf5eeea37","sha512":"d3e9f134f23b8620034b49edc1cb68a557417498ff1f00a62165ea8915b1101a05b69eecd4bef6c3e16d79c08c3bf2b5060dbf60f48295990d01928719bd8703","ssdeep":"48:LZMAb/+qjSu3OD2Zi/+uj7QnW1Va9Hkk6BpRuLwSD7th0O8RiDEdpDg65p9s6z/N:LT17hp4Ugp+jvO","tlshash":"0a917f0fbc15df02dc3a6c7d113e8e7a14ccce778760d9b9819ecd491a066b22bd9881","size":4351,"data":"","first_seen":"2026-06-07T18:51:36.816751Z","last_seen":"2026-06-08T09:16:09.133816Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"401a08438867eb1f9f192503d7380b0d","sha1":"76b25fd246e5cf25c759d3a4ecccf8af2f8c4bfd","sha256":"2fd1dee253e88f2ed9db03b081ff9a69ed4fbca3f4eac0326b299e12f914f6ca","sha512":"5d48a3e0b8854660fd3791c71b6ce9bbb9257a9cd3af905a9edfd25836ae7bc290e1dc724ee40af3097bbf643dfaefec4454bead6c080cadfc0d2903521b3027","ssdeep":"","tlshash":"b24126ae6409de5aec6e7c1d083e6c36008d897b4ba4df75c2ddce101a4247d7be68c1","size":2157,"data":"","first_seen":"2026-06-07T18:51:36.817743Z","last_seen":"2026-06-07T18:52:00.147114Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9c29bdf6e7e2467871737559f1979066","sha1":"ff6b201340c60a7309bc5d86ca2e91f608ea31e3","sha256":"7b024e5a84280f1092dad66c46f642b7a2976054b1e1e7081406d44f4cbff25e","sha512":"884d8b274599f0dcdfb8968fbeb69fa5c3007ff13ea8f4ef0ed0ad54e0974cd9b95e5ee134212520546eb9004c218de4bbdae25346b2c99a9a0abc48056c3300","ssdeep":"1536:rKI7C5+3//yU8fmuAaN1yGNkptBgGOZ8hZFQIxZ+:+2C5+3/6HmufgRtBzHFQIxZ+","tlshash":"4e73f80fa628d66bc5c35d4bb9bf6d7b756c804402d180bc6cfec11c02998bcd6bba94","size":75330,"data":"","first_seen":"2026-05-30T10:48:25.673218Z","last_seen":"2026-06-08T09:16:09.136838Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1579bdf15f121d614ee265bc92ffe4c5","sha1":"98f298c8e9242b97d4878f311d0a32ef2913e465","sha256":"98f9473b555f3ad547d04818a2bf4faf2bcbc8059db14fde9c88fcec054e5ce1","sha512":"e814deca83548ba7904a56e9d23751d99716b9b4eb9455a5e2ef846699e10180001aecc349d17766c7752c6113af43397937ce3f1ae63b21e62e295595f35402","ssdeep":"","tlshash":"b831133d3408d54ffdad781d127e6d3650d9457b07e49a7c9bc8df0148820bd6ba6d81","size":1581,"data":"","first_seen":"2026-05-30T10:48:25.674198Z","last_seen":"2026-06-10T16:06:19.479293Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20f6029226c5906f47a991dd1b2ccc14","sha1":"32f55f3dbd5e29aab6d8ff2f1834205824fba801","sha256":"f8688629b858b53d50bdc465e6db3686e2669619d4435b93df8115dfd1d58a3c","sha512":"6f66b9a1939a5c4671476865b51374c31e6af2a31e9f6da1cac90e41aecddb2bb1de1f6f58dc5a18bcf0fa4046d5435b68da9ba77d1b515f26cc1e07615a48f2","ssdeep":"","tlshash":"58c0c090dc42cc1cc3660f221c3b0c3921ccc56403854106ddc6ce280d81b300db1ec9","size":185,"data":"","first_seen":"2026-01-04T13:03:57.379578Z","last_seen":"2026-06-20T03:27:53.752735Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ceee8730945e5d972afd3f4cfa29a618","sha1":"da54e15ef1e05e77d7b1fb88d72b3887a2077535","sha256":"1dc66398c54bad9970282e54bf7f95d2a6afccde525ff62e80d782cc641ab3df","sha512":"cf35db9b630a7c0bf00b1c5c419782f89a0810116970c46e2f27697f08b08daf104632bef2823388afe93e5b47921c3f4bac3b3ec3b9b8aac013d26496a727bc","ssdeep":"","tlshash":"8c41c0637c28fd05cb82de0d197b7cb850c9ca92876199baf284cc0040abc346bf0e85","size":2209,"data":"","first_seen":"2026-06-07T18:51:36.820476Z","last_seen":"2026-06-07T18:52:00.149457Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0kp-2ej7dl~sr.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d57ad55edbed6de4ca7f974653e30a81","sha1":"80c38754f0d3253d3a88a7d069dd7080b8dc0e5f","sha256":"d68882b24cfd793dab4aa91f0eeb59419b4fdb215f69042145d666e78cef4bb0","sha512":"74380831f7c0eb1372956c5275682c80bb68b5cf912bcb377e920a710a325796af59b093e1e8ae918664c6f2e52994627aa546f0635eefe5d179170165af3817","ssdeep":"384:csBf9X7g7156bFleYoB15xmrLn7ERIWvd7//+bH4p2BGKDLc:cyX7g71ULgGLnoCWF//+ED","tlshash":"7b72846dc14473fc8dd447f445267071698e12df30d9aa6caaa988e077a30dcd6eac8b","size":17521,"data":"","first_seen":"2026-05-30T10:48:25.62983Z","last_seen":"2026-06-10T16:06:19.420959Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0tergj_hqkn7i.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"381218a60caf159c474c0371dc34029e","sha1":"0b6dd364c3fee70bf5b4c75b1e58942f4fa12cea","sha256":"aac85f662f3dcf66534bbd32a2f40f78a32b865be7f430e32af80e122cef857f","sha512":"72d25afc2094afb3e9dba7413029707a1424f712cdb28340e75c2b7bdcb122f35d69035161f76f47ed7e4ffa0be2d32485944e50babced4ff34582df19d3c099","ssdeep":"96:HVK+tlwyJK7HP8SV+Fdyt6hj3AZH4CUXSNRYXQ5RnAQoKVxIl3l0ql/wGP/2o400:4HhV+FdfFs4CUXSPAIxODl4G32o4c0","tlshash":"d7e185dbfad833f0908557745323a156b23f3c7f36cfd5d5878585c4526948ce26a80a","size":7428,"data":"","first_seen":"2026-05-30T10:48:25.590114Z","last_seen":"2026-06-10T16:06:19.426046Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fvip%2Fsapphire.png\u0026w=32\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.406Z","timestamp":1780858263406,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fvip%2Fsapphire.png\u0026w=32\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: WzWbqplCNzb4nTbHSzHz6uCt1yC40dNEvYbXWJYCKrk\r\ncontent-disposition: attachment; filename=\"sapphire.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OYHGhlP3sOmWXQqzidIC5vXhd7gxFNjA1WrOqba6rFp7gd4F4meZi6%2B6q64VwkLlARCtiZMbqmQGrsS2hQqdJSqvS%2FAWTlKIm0VGghSYhl4HrRjrmv4FOsSw2AC9iw%3D%3D\"}]}\r\ncontent-length: 1036\r\ncf-ray: a081d892485b4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1036,"size_decoded":2158,"mime_type":"image/webp","magic":"ASCII text, with very long lines (1386), with no line terminators","md5":"100eddd37791812862b88d4d994a63a7","sha1":"010ae3963f51f0c2b7f6b311841633982261f891","sha256":"205b0b328969093cc71fdb8e1e6a117dcdb46991167a9afed7924782304a9946","sha512":"ad3bd6807ac34737c12b25e32047c712e555eb3fb90dc6b868e57a8716e81be87f4597e0744752542e0afffe0f38385e27e6a25fa412d9e2840ef4335fe7ec02","ssdeep":"","tlshash":"5021e9a37b7bcdf1863b23a12a438188e1d64a4544718e27f581afe1e78ed4545002d6","first_seen":"2026-06-07T18:51:36.727876Z","last_seen":"2026-06-07T18:57:17.974876Z","times_seen":3,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0sq6ukp44ft65.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.677Z","timestamp":1780858261677,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0sq6ukp44ft65.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"140d3-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1nSTfe4jTPF32bj5hjmSeBwUqultK3nLlgK9S09xoZMkHYY4zg5cuvrooKueDe%2FKF8Q3xNgU781acQqIzMpQxJHbqOZVeBuQAs%2FUBH3PGf1zcaLtrhxT8BQRLZ%2Fs5g%3D%3D\"}]}\r\ncf-ray: a081d8877d894e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":82131,"size_decoded":22239,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2923caefa3b359f7b1aef1c47ee6bfca","sha1":"535411f08c5fc62552aa8a1ec5a7e7dafd85ea6f","sha256":"6610c3e592394553273e15c035372152c119ab2bcc63d32b75397712fc79236b","sha512":"2cf20662b65aa5c7adaadb47cdb4306e5b7a4aab40e603e22e4b9674c3c53965a30dca0ad473ffab48a721776262481d7043e1dec2efba5f7f7e077e5240d99d","ssdeep":"1536:FP481StV+Y+To58AjIXpelO25DIv6mdv8RO9/woLehwRgXRktwOm3RO9yfhXfHFS:1O03arwYzkbV+ZdjYnsUvQ4ql6KmdV7x","tlshash":"c983d986fa21df9cbc311ac4adab084c941f6e18db7e4874f1f8f4952b591d8361ab4c","first_seen":"2026-06-06T04:29:58.935061Z","last_seen":"2026-06-10T16:06:19.429476Z","times_seen":7,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/api/user/profile","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.985Z","timestamp":1780858261985,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /api/user/profile HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 401 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:02 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fbDlexO4Pawp0qz%2BUNJU9PrRKu7darXdbT%2FjO1ZtxIaUxaOCxd23qZG15YrjdDdvfH4MnrYh3wzCm5ukGq60xRPHzY2DnHrOPgEZoFEZfJg1eUWBdyx3OJtF%2FTKtXQ%3D%3D\"}]}\r\ncontent-length: 64\r\ncf-ray: a081d8896ded4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":64,"size_decoded":889,"mime_type":"application/json; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5c7a264fd4075c56c30677f4d075df04","sha1":"6f876905fd04cef2c06337012edd6907a1392b93","sha256":"1675a940efb474a08ad79438dd81a714ba94329b150c732d1a6c16b33a2d36c2","sha512":"97239c8aa04ea4edf38eed949baea3a7d13cdc723af58c614953f1f2536652ec49f50384a2595797d4410582c03c043d47cfde79746a33aa68edc8de3d5635e0","ssdeep":"","tlshash":"f8a02283b380cc0af080202fabba2e3322ccc000b0002c2b8f80cb3cba03c3022c2200","first_seen":"2026-06-07T18:51:36.73017Z","last_seen":"2026-06-07T18:57:17.881565Z","times_seen":3,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fbanners%2Fhome-banner-bb.png\u0026w=1920\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.369Z","timestamp":1780858263369,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fbanners%2Fhome-banner-bb.png\u0026w=1920\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: ikxaEaADyVJPcPjzt7cnlpFNmBlz3f5UeH7SZZh_XCI\r\ncontent-disposition: attachment; filename=\"home-banner-bb.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KWBqXX7WiIuDQC9iIBjynJEbzQQVt7U24Bm12ArPgOKv6v34gx%2FzhRld4n0zIZNQmfeZ2QtQ5zB9LxdkaB%2BxOI%2Byw%2BOoPYd2Aw%2BpacBNKttwAfW7mwOU6Ut5FLdGMA%3D%3D\"}]}\r\ncontent-length: 24858\r\ncf-ray: a081d89218394e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24858,"size_decoded":25993,"mime_type":"image/webp","magic":"ASCII text, with very long lines (33144), with no line terminators","md5":"faa3f71525a8f5c349da28bd5786db9f","sha1":"00326a6e63a5bd36f1fe2c8c1c8f04281c1a9150","sha256":"1378a49ea6d926b645d150b1b9e6012be518233d093d847bbc2c1900d4a9f6aa","sha512":"d221aa04e5c61cafc9d76e3d8f559557c5923ee56962155100850685046c42ca2dd44891893cfa6bac20ad10490ba1cc0a0227c0438ac74f79c46eb30f2e084d","ssdeep":"768:jNMVbnTs9gtYLnyp9PnTx0SstjXjKQTqSom1Aum1ckZ/P19:hMVk9TLyTiSs5JTqSom1AX1ck/PP","tlshash":"fce2e0baea36126dc224490ba6af9bf5bf6cc663169c00114e9333da711e24fb523457","first_seen":"2026-06-07T18:51:36.731526Z","last_seen":"2026-06-07T18:57:17.951008Z","times_seen":3,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Ftowerrush.png\u0026w=256\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.377Z","timestamp":1780858263377,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Ftowerrush.png\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: PAGHIA4PtfSGAK0djO83mtSJIEfB5mUPqSpR5S-5gtk\r\ncontent-disposition: attachment; filename=\"towerrush.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bSupD6uEVqmjNicpPOE6xnlOXcXMT2WvvQ4Rp047UgsKG1M6mXgg5aNOBNMdiqX1NlvvvI6dskGBul65567yrsRsSugUxv6ofoYm6awWIVE%2Bx%2FNoJgSbJ3k7y71m%2BQ%3D%3D\"}]}\r\ncontent-length: 10122\r\ncf-ray: a081d89218424e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10122,"size_decoded":11248,"mime_type":"image/webp","magic":"ASCII text, with very long lines (13496), with no line terminators","md5":"ad0c59016c7a7885ec06621fef7cf10e","sha1":"ca8d6fb4a159c30bdc31105e6f2b7a0952679d32","sha256":"344cf6a3f7946eaefdc709f98748f62fbebe8c7b265a97299a0a7793801aeeae","sha512":"30a237043585cdc6f4d985541b19331f808a1f5d5ff784bae9f8d073d4610601dd6100902b4f0ad54a853ec9652e8fb3042ce6cc02ae9317bcc8e8eeb69512ed","ssdeep":"384:wVzT36nVQIyetdYi91+W8nWUvtxgyJo0lKn+F/3G:+gV1yudF91+lt5Flw+Fe","tlshash":"1352d0398d88632d4b319672ec9cc90b5fa30a96d9b2c624a75117103deefc105f7eb5","first_seen":"2026-06-07T18:51:36.732643Z","last_seen":"2026-06-07T18:57:17.889313Z","times_seen":3,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FSugarRush1000.jpg\u0026w=256\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.380Z","timestamp":1780858263380,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FSugarRush1000.jpg\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: 0JcU3LxAhITDCTRVvX1rsGvGskNATsdJ6u0Eyzr-oUg\r\ncontent-disposition: attachment; filename=\"SugarRush1000.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=msKsR%2B2B303F5RnhhWAMcJZ8sTQ36s9qlg6zVpujSG%2BnLm5VQwC6asUry3ylAYLW0HyzcA9srB2sqcGtc1ooIjy7j0wXSWTv9ZgSxJkuea4EgiyTOA7hjY77LgAB2A%3D%3D\"}]}\r\ncontent-length: 7184\r\ncf-ray: a081d89228434e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7184,"size_decoded":8311,"mime_type":"image/webp","magic":"ASCII text, with very long lines (9582), with no line terminators","md5":"95fb9a0e284aea60883d88aee4e9af32","sha1":"cbefe752d3ff02d229849f8633a6b492db19827f","sha256":"a9c839ca05db8b766d416d40783506f500a7c9c329a22f75aa1470de53e345f3","sha512":"f62e0a13bc06eb49328a08cb3e7fe42182c85391b83a27ff43cfe132092d21f78ee92e15e82e47a4216cb097c179b94ad8f93acaf0b9e201c9da6f53bc63f5f5","ssdeep":"192:oGKt25/yH5BbXPAXb/4ZfvLYHWfLHV0WQg6B+I+lDct:oGKt2lw5BSb/ofjZDHqoG","tlshash":"ac12bf1333ca79f7884d4fb6cf46fef5649406815d6262e028e80039a9d09dee072f97","first_seen":"2026-06-07T18:51:36.733731Z","last_seen":"2026-06-07T18:57:17.913635Z","times_seen":3,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fminedrop.jpg\u0026w=256\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.387Z","timestamp":1780858263387,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fminedrop.jpg\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: lyk6g7NYo6DeahtR8zsPKTlfV2PAOZrbDYPEimcPXXE\r\ncontent-disposition: attachment; filename=\"minedrop.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y%2BgLvVw7qgpBXASC%2FYQczsyuSJMQw0BwaZUZD40jXvtpsQoDUpmsA76lcouqB52kqaNyGpHmPP5tOy0tH88Xo9Yrh49rGH4c%2FdWDWYOs3%2FUzrrxR4fR6XRxZySrO6g%3D%3D\"}]}\r\ncontent-length: 6336\r\ncf-ray: a081d892284c4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6336,"size_decoded":7462,"mime_type":"image/webp","magic":"ASCII text, with very long lines (8450), with no line terminators","md5":"0715aa9b6794b0542c83e02c64a96ab3","sha1":"a3dd5e56b5760b5051abef2aebf0f96b45416a90","sha256":"a3f86f251c817cfebaae1428f843dbe3537bb6b8bb03dc1e7cfe8dada4d1205c","sha512":"cf7e963643816b15f42023303b006f17c58902af22d281490c38ca7c9f99782f95d6260ae247de780294e67ff5bf426da3982ff72b7584cabdd5b6f242350a66","ssdeep":"192:NMsLKHGL+IVWj15ZMeMN1EjkCq/+ve4AnxLf:NjLFrUTwv/J+DAnZ","tlshash":"a202aea6c65039fc047e99c1663204cc8f399d050d699af1a2e9bb32ecdfc44922e79d","first_seen":"2026-06-07T18:51:36.734909Z","last_seen":"2026-06-07T18:57:17.921866Z","times_seen":3,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fvipclub-home-bg.png\u0026w=640\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.478Z","timestamp":1780858263478,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fvipclub-home-bg.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: kPs78UQj1XH_hyYAcH42oBQZtKQjxsqmV5zmCdHMUUs\r\ncontent-disposition: attachment; filename=\"vipclub-home-bg.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WYYNjOluFZ3HeV16yll6ncoYExcNtSP%2FqomFTfpKS6f333jh2EtDrB5D1Kndx1Lo05ROW1yaZ7YzRCRb%2FJXkt5A9UE2G7gN014VTz85QyJYzJLCiKynYua1CY%2FuBxA%3D%3D\"}]}\r\ncontent-length: 96086\r\ncf-ray: a081d892b88a4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96086,"size_decoded":97218,"mime_type":"image/webp","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1e9ad00dcc506accc301dfe90911fcb2","sha1":"16f7bb31b8ecf8964b06e642ebd87e5923a82aa5","sha256":"a71707f05a446e0a12b526cc0b74bf8d11e3f8c40b4eedca4a35f4ea57ccd504","sha512":"9045e82232ba5a90672adb059f6ac2cb167eee7b98cdb5be8e3db246703f64cbf66e3ea72b8ce04e267fd76cd391a08b4026f0faf3eddaba772b2a01f6b4e788","ssdeep":"3072:Zsiy5TSde4o62ZkVZUcF+IupzgVJ/HECqda5F:Zw9SQ4o4VZUcnuhgkCq2","tlshash":"76c312f0171b0d6e2a4caa5bbea6674988f84c946454b30fe7d570c222d9c913fbed70","first_seen":"2026-06-07T18:51:36.736079Z","last_seen":"2026-06-07T18:57:17.957136Z","times_seen":3,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0fotcgy5lnz.v.css","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.641Z","timestamp":1780858261641,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0fotcgy5lnz.v.css HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"3142e-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XxOOpWZx4aNNUPPX90uj82B%2FaMzQ2CJgP0IiwinHiLqO%2BQ40ys6EccRe9hqQTAmNJpqiiE4QQQZYMPWiS2kGCUSdMwX9a%2B6Kf4zKgdD9VQkpvlqTFnT14WoqDtqG8w%3D%3D\"}]}\r\ncf-ray: a081d8874d604e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201774,"size_decoded":33689,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0fa6de2ce2a443c9786809ae3578850f","sha1":"136a6c7a3e6d2d24775d644253a4de4abc6c2955","sha256":"49f617c78e5c1f7ffaf1824f83c3cb4060d1cb920c768a2d388bccfe8fd6df36","sha512":"ee8ecfb9232a9fe1e3f4a3ec2bd9c3a38971a519cee69725e137ccdb400740719b2c6f548dd1a59105af29dcbaaec1fc684b330a6cf4fd8d02b8a15767d8796c","ssdeep":"6144:e7+ssS6h/LghBGG6oeCgafD0jXtfKhay4aZmfoFGC10GAw5gAYhqcbu4xHZWDugb:pxHZWzlv","tlshash":"8f1482a0b225d53bbd2374f993acf8cc790ab092de264bf8be51211527d37f21c56a14","first_seen":"2026-06-07T18:51:36.737191Z","last_seen":"2026-06-10T16:06:19.415405Z","times_seen":6,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0hm6zy2pl-aww.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.658Z","timestamp":1780858261658,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0hm6zy2pl-aww.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"8041-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BO5%2B8cCfoKilMO3ID5OZKUJDFJ6xVp9LjjH24IMkWFZRB%2BG6GTUl4q%2FEgZQtQlZ9NfBq7tlNSqo4yZqIIyGoYjK2kuXgo%2FTyr1RHGXEq%2FOkv2E7xmKir4DgR53g%2Fyw%3D%3D\"}]}\r\ncf-ray: a081d8875d6e4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32833,"size_decoded":13884,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (30613)","md5":"3942850788b440a40c6c42d0a1367c7f","sha1":"1ea2998a9fa91747e4f2baf9889ff7d80727aa75","sha256":"77d77e60f693904bd965d55cb6e862c7cb50d123ea929c01306ad5e5aa98336e","sha512":"0c2431fb6961fec582821303f2525f0ea48974529dbdd69bb6d181a48efbf8fea8f0dca649423a87230207c90c918dd7a465fd338e3db2892dcb4c6bce8bcb51","ssdeep":"384:wyhE/WJ72vvRHeTSdz9HQkTBV8GUYssccRSvj+jixwZsM5m:wyQWJ72xHeTSDHQKBV8PqcASvq4E5m","tlshash":"bbe20ae532817a30e7df469a517f811c773e2689640e0410f5799c983abcd85f2b3faa","first_seen":"2026-05-30T10:48:25.661128Z","last_seen":"2026-06-10T16:06:19.469158Z","times_seen":15,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0hi-oz4wpwmvw.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.672Z","timestamp":1780858261672,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0hi-oz4wpwmvw.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"4d7-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lg9lPBe2tSW1UWqcR6u4BOEZsS8sPC5hti3%2BOyqnXBjY9r23lhSIzf27hK5GfksdRzP%2FYxTjAGfD97XuV2YeTP4VHv933rS0QmGrBO0VloIi%2BCxRY2QwmMiCiAeRgQ%3D%3D\"}]}\r\ncf-ray: a081d8877d834e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":3125,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1303), with no line terminators","md5":"dead19ed90e14463968a20636115b22b","sha1":"2a0a49ed9ff2ce0d847608dfccd490ef19998b45","sha256":"3397ffe5bb6f82f085294e76dd215609b661bb3112446f5e9fe9f3fb883cecf1","sha512":"70c15bc4938368bcfb065f0af2bb9d0efaed80acddf1b6a5194155361c2dd8b4e79fb49e3f40ebbc87ce8512e9d48885b7177d2f42f3bbb1f87e81e2d7250c3c","ssdeep":"","tlshash":"45218a54d88ad2a488a4d071533fe005d6eb309f75cf30a88765e7a1d2d3a4d5b538af","first_seen":"2026-06-07T18:51:36.739882Z","last_seen":"2026-06-07T18:57:17.885454Z","times_seen":3,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0ox_03ak_i_jh.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.674Z","timestamp":1780858261674,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0ox_03ak_i_jh.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"78a-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rv7Rh4C0nhD%2BU4gT8dZVHlPeJryMOCKUjzCudVJhMt%2FYc1gG2WawocTUMyzAghaxxqtCfsHBrxRDKf0q%2FP46dqMjDCKg%2FrRPHoL9QfBKE9qzFITgJW3yAiWemafkfQ%3D%3D\"}]}\r\ncf-ray: a081d8877d874e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1930,"size_decoded":3480,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1966), with no line terminators","md5":"d3034caf94c12ccbd76ea46bc2d46722","sha1":"aa23dd06f119428bc3cfc08eb7ae471ef644f691","sha256":"a434aae2ca283217fcf7910f80921a5d4c39a71e8d46270f570633cdd9b8ca56","sha512":"00130cdca3bd329cd29d52caa781d0dadbcdf316e67b377c7c959e5cab9688fa187fa7871999aeab99bfd5de6dd81e2397733304ddc8fcac572bc45324ea0ec7","ssdeep":"","tlshash":"dc4156c4e5c0e6389cc80b7447258805ae3a71fb71d8e5ea836d5cb15a43dccf29648e","first_seen":"2026-06-07T18:51:36.740936Z","last_seen":"2026-06-07T18:57:17.880961Z","times_seen":3,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FJokerJewels.jpg\u0026w=256\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.382Z","timestamp":1780858263382,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FJokerJewels.jpg\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: 9KVS1MhcgJ-MVl0y6BA2ViYxbMfVtMUo7aKtXmEcUAo\r\ncontent-disposition: attachment; filename=\"JokerJewels.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M71x3jUUUhxWor%2B7iELo0sBRlFpYC5sbunNrsHawtG7oGP2UXQiD8LVijNv4Kfm3JF%2BaDG1sQu2TL1B0UF9n43pGPGrjk5H2Eqb8MHlDWHpuEJ%2FPwC9FAZAlpMlWWQ%3D%3D\"}]}\r\ncontent-length: 12316\r\ncf-ray: a081d89228454e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12316,"size_decoded":13444,"mime_type":"image/webp","magic":"ASCII text, with very long lines (16424), with no line terminators","md5":"e2bd89389232cb0366fdb5be2d84a922","sha1":"291cc6a3f66b523cd251de828d7addb872365813","sha256":"58a01a14aab78c7a7968473092b89bae8fd9bb41cb918a1418307896f7e5e000","sha512":"f674a64daf3117972d8b10ba8c464604d3793a3d9362c3665990ae466a47eade59ccc64da599a07a49b4dfb519f7f32b64c3f0faeaea31af5a2a5d10e69efae2","ssdeep":"384:vjRZJZJZaQVg6R4PvU4SMN/IhbaA4lkobBkSzkB56TBY:7RZJZLaQVg6Z4S8IhbR4lSH6TBY","tlshash":"6472d1180bf07978cb90d73a31109764ced5791136e79b6ba2ccca2ea2b55c3de800b6","first_seen":"2026-06-07T18:51:36.741993Z","last_seen":"2026-06-07T18:57:17.885916Z","times_seen":3,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fcrash.png\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.407Z","timestamp":1780858263407,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fcrash.png\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: Gz2Z3S_1Wvdw3bRFpkGDlqyTs8q3V2gy-xqMPx7G1Xw\r\ncontent-disposition: attachment; filename=\"crash.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QuIrsuV9MhE1K7sRy08iSXnyg8k%2FOxKntWKAnyd0jDgMEyzsKdC16GhVoZ9XlYkJOp0z3RJEM0jJjWdnttSlW0Dx0gdYn9nbtLn9r66fs4LvEdu%2F9BbvQI0D05dong%3D%3D\"}]}\r\ncontent-length: 2380\r\ncf-ray: a081d892485c4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2380,"size_decoded":3499,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3178), with no line terminators","md5":"eece0db3eeebf431fa08ba29aadbb45d","sha1":"0ec1420af4ff5520c16c4883aa73124d3374a4b1","sha256":"3b361d83015b110b88a3a359507d0fc22feffa68b125b7ff47e3b552fa48521e","sha512":"05daf420ef212c86a288852ff4130bc3f882f398eaca00d0e77563ed85877c8a6ff07882be6fd8d7194f60e28c24916b6251891ff3e52afc39983da5a62f1001","ssdeep":"","tlshash":"c3617c2ba8705a520dccc0b2d77d0f649944433c27b0329f5169d768e8c300b95a8fb8","first_seen":"2026-06-07T18:51:36.743032Z","last_seen":"2026-06-07T18:52:00.094518Z","times_seen":2,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fbbal.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.420Z","timestamp":1780858263420,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fbbal.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: 4-5cCTkD-l_K9MLP-Z33oOdBpVh6AREQSUxNPd9D2Cg\r\ncontent-disposition: attachment; filename=\"bbal.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dCMzB%2FUgtrKDvItfmIZWvUQm9k1flnrtqcO2zAj3UhhG8jwARgwlUDjzzKf0c7ChvYA0Uqq8U%2B2Qk73HH9qC%2Byw7ufdkRCd358pnK7xqNO%2BI6JNhteJrOhIRoOE%2BMQ%3D%3D\"}]}\r\ncontent-length: 2344\r\ncf-ray: a081d89268684e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2344,"size_decoded":3468,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3130), with no line terminators","md5":"eeec38e800a572499f0d05f8f5739db1","sha1":"33312a63c1dbbc6a8a49d90663935c69741c3650","sha256":"5235ac172239e557d75a2dd064e48e0a19fd8ed99420e933b972b04aeedb92ea","sha512":"48ff83dc49260cd45aaba858a1132c5ded07ec0eb76ed36cf409aa9f1c26c9dc877fa837375153aaec07d0398fdcb1e75dbeb2bbd050d9b1319a78becbf554ba","ssdeep":"","tlshash":"1c515bf1d9ebbb4345244504d87a64f2f0a5ac40c393ca158e773efe355a6419c10e38","first_seen":"2026-06-07T18:51:36.744081Z","last_seen":"2026-06-07T18:57:17.953443Z","times_seen":3,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/static/img/icon.svg","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.475Z","timestamp":1780858263475,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /static/img/icon.svg HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 07 Jun 2026 00:48:10 GMT\r\netag: W/\"56c-19e9f8d2d10\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=np7LlaQz4s%2F4Acgv7DBgZ1b790jkAEyMaI6AddBsbexC4JiEQ1818lQleqRs6J%2B24YDh5KbmMObZt0E%2BkgkeJywLRc7fu5KQSdHAnbyDZnw6Qb9Goz87c%2BZwEMlTDw%3D%3D\"}]}\r\ncf-ray: a081d892b8874e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1388,"size_decoded":3259,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (1432), with no line terminators","md5":"89df2d51e8143c64e004709c283ce151","sha1":"6af991e1fd8073f1e10aa40b62be1b0e1b5bf609","sha256":"5b7e0a9390d81677201b41d4ede88a4ff6a3ace60aa7c2fd328f0dc5674d8274","sha512":"ef261b2b455fa1afa735e1e6c59af22a611b8f11591de3125652add106c5bee79255af0fa9f3764185f7952f613b4ff62af4e94a33002ec09d5ee533744b7160","ssdeep":"","tlshash":"3c214e91a6b4f3acba48c7ae137804b6743e30f839b4c9058ec2485ab18252e19f5c36","first_seen":"2026-06-07T18:51:36.74511Z","last_seen":"2026-06-07T18:57:17.878842Z","times_seen":3,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-07T18:51:01.198Z","timestamp":1780858261198,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: text/html; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=0,i\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vsivs1%2FHu2RFL1lfFXFT3vZsFnly4qJlBfCUkjrXmnUgikxo8iQYtO%2F41KFFGPogz%2FNxZUcEsWFmNfm6ZdltaX8SP5CkxcqgPL%2FsvnRQrtdJo10twf4zOtph29A4gg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a081d884bce94e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":103910,"size_decoded":31457,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (60288)","md5":"ced3d7324b09cbe976f1c77de971a3a6","sha1":"20ac3d06f49e292fce03c70d4404e6898f62f671","sha256":"201768f2a2f553c6bc33781f48e8adcedb593258e77eeb0022cbc2115ffbab08","sha512":"a3cfb1e1d4ab87fcf166072bd0a8d1d55b54964ce38ec384d3a705d0ae977eab1e501bd1d909971228bcd5b3ca67db611ead16a7f52fa2d93ce74096519ed36d","ssdeep":"1536:VCnyKI7C5+3//yU8fmuAaN1yGNkptBgGOZ8hZFQIxZ0:V62C5+3/6HmufgRtBzHFQIxZ0","tlshash":"4ba3f70fed18ea16d8939d8e747f6f3b6498c43642b184bca9adc40c02554b997fedc0","first_seen":"2026-06-07T18:51:36.746034Z","last_seen":"2026-06-07T18:52:00.079295Z","times_seen":2,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":0,"dns":14,"connect":20,"send":0,"wait":158,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0kp-2ej7dl~sr.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.670Z","timestamp":1780858261670,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0kp-2ej7dl~sr.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"4471-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l1A63HrI4cTZqEo%2FcuDndy9%2BbjhMPeN6vps68shW6c1hfxY1%2FwU8YHm9JGqvwhMswIbinffYvTmjIHV52WfSGh%2FzA4ljJ53jRnjjJAx7s06jin%2BwknE7jRFVECbUfg%3D%3D\"}]}\r\ncf-ray: a081d8877d7f4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17521,"size_decoded":8467,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (17521), with no line terminators","md5":"d57ad55edbed6de4ca7f974653e30a81","sha1":"80c38754f0d3253d3a88a7d069dd7080b8dc0e5f","sha256":"d68882b24cfd793dab4aa91f0eeb59419b4fdb215f69042145d666e78cef4bb0","sha512":"74380831f7c0eb1372956c5275682c80bb68b5cf912bcb377e920a710a325796af59b093e1e8ae918664c6f2e52994627aa546f0635eefe5d179170165af3817","ssdeep":"384:csBf9X7g7156bFleYoB15xmrLn7ERIWvd7//+bH4p2BGKDLc:cyX7g71ULgGLnoCWF//+ED","tlshash":"7b72846dc14473fc8dd447f445267071698e12df30d9aa6caaa988e077a30dcd6eac8b","first_seen":"2026-05-30T10:48:25.62983Z","last_seen":"2026-06-10T16:06:19.420959Z","times_seen":15,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0jxg8u~p~fktx.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.673Z","timestamp":1780858261673,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0jxg8u~p~fktx.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Mon, 01 Jun 2026 13:05:50 GMT\r\netag: W/\"6a7-19e834a5fb0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nage: 300137\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L%2BmPEexvAJ2uq5KriOSDvRX35W780jfCqNPPA8sUJ6VKWl6hg83bd1FyJC4LjXP7%2FGjJJMrKncG5gda%2BHqpmr%2FNu6YYfBYcrcwegS8z5dojq41yxTw8SVx%2BwdNBrgw%3D%3D\"}]}\r\ncf-ray: a081d8877d854e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1703,"size_decoded":3267,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1789), with no line terminators","md5":"972e28a964e0538344b4f5457c3c945b","sha1":"359ebac7886d5aa9feb151162bdd6910632ccb80","sha256":"ba42a86129964da33e7dd81cccb719f406dc1339c7e0dd25e1136016745411d6","sha512":"0db949f4af63b4e5ff128fb0ae5bd6c8cfd013f7870fe63f2394dfba9c0b89a9d2b94b3aafd1429d11aac5934b54c11141970d60992e60a846b2351d87eff582","ssdeep":"","tlshash":"06311375bb8ca1fe998ad0944f3fd112941bb19774fe1020625ced40e6e31edf2a2543","first_seen":"2026-06-07T18:51:36.748456Z","last_seen":"2026-06-07T18:57:17.894528Z","times_seen":3,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fopenit.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.418Z","timestamp":1780858263418,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fopenit.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: mAEpvb-2i_J-feSnTuLIkmcLYjqyR2hiXU6WmNzi9Pc\r\ncontent-disposition: attachment; filename=\"openit.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0qjZMn4Zda9rgLCwUguMR5Z9L7rT2tEQ1OkPZ%2FByeJLjjsew6BdmukU5ZnLzzxVyftLo%2Bpb7cImtQHYROUYM2VbE62nbVoG2AWUrGgTlakP9CrEg8mGVHSoHG3aBSg%3D%3D\"}]}\r\ncontent-length: 2376\r\ncf-ray: a081d89268674e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2376,"size_decoded":3496,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3170), with no line terminators","md5":"54e90d4b5bc7bf8904a4cad19dfcf9a9","sha1":"073b523243a72843e1c58b6b8c1e2ea35cab341b","sha256":"a74fbccdc86166362b2c54db7b46eaa6466905432a88905177817c4b1de82fd4","sha512":"8d3f02f737889875fbf08cd22a5adb1e7a78737a061e9dedb312749f871e174802e68ef250bc7d0b3899ef30f0664d29b6e01f74cc5d05275df7b650df4ee6fc","ssdeep":"","tlshash":"f3517cc350f97db008a4829e40e2d3527f61b7f7598ad969e372f079060427e4b4624d","first_seen":"2026-06-07T18:51:36.74946Z","last_seen":"2026-06-07T18:57:17.892884Z","times_seen":2,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fdrop-the-boss.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.422Z","timestamp":1780858263422,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fdrop-the-boss.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: w0k2rD3jWi_L3-T_2IUdB_g4dvOiATwsZZhIiI3qJ0g\r\ncontent-disposition: attachment; filename=\"drop-the-boss.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BpA8LCKnEVPRnnf%2FVlIUS%2Ba8dOUrYUsba%2B0wTRH4BNQgLVXZhdYXHHEm%2BzYEECwUjPqRmEQvGwW7%2F8LfwWbi3UU5i57ALwz4%2BnNxP8wHnbqqDz3yoOrPmXyCp6mZmw%3D%3D\"}]}\r\ncontent-length: 4372\r\ncf-ray: a081d892686a4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4372,"size_decoded":5507,"mime_type":"image/webp","magic":"ASCII text, with very long lines (5834), with no line terminators","md5":"35d03a34db0ecf5094ac99f684fc4d6b","sha1":"14d03dfe13916256c7969b7001888787dd52c5fd","sha256":"592add317abaf314f93226ca093cd8b209090536431f938d80eca67c08d62ecd","sha512":"aa8d8b1244df320fde474afed8cd9b33a5fa28af828a196e468d4460289268f00dbcb90b371568ec347ac6e78ae1206b394f533c8f19b98de9b0d51096ecfebb","ssdeep":"96:3tAzo/9tXn61Fon/MVeeNFoiX8tkT/dFTbw01SdVPx99qIExlLFRXwaqFnp4rZ4N:3tL/fXgM/MsIV6krdFYISdVpqtXjwOq","tlshash":"adc1af2ddf4d8df57d882d7e16350ef3464219a5119ca2a9c77b3e210c08ba7cab913b","first_seen":"2026-06-07T18:51:36.750584Z","last_seen":"2026-06-07T18:57:17.887573Z","times_seen":3,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fcards-bg.png\u0026w=640\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.477Z","timestamp":1780858263477,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fcards-bg.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: i5pGDLSNyQNklUiF1bphmudGC-ohs8m3PTeAw-daZFw\r\ncontent-disposition: attachment; filename=\"cards-bg.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YvPARuz8fqmM7dm3rw0GHC9MkjFgZHNKgnSi5lKhz%2BQUyYPQfspMBxds1fpkjkHFMBWss0gv8phpfsMj8J123IpQR9rMKW01Qj5tmXHkgkqY1z11muqApRdOCbywkg%3D%3D\"}]}\r\ncontent-length: 53278\r\ncf-ray: a081d892b8894e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53278,"size_decoded":54399,"mime_type":"image/webp","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ef5a645b163a4fcdac1b410b2fc2c7b2","sha1":"fda15d875a128732451532f18d68e3d84ea35ec6","sha256":"301ac87a4a3dc913dea0699fb84f4efed27f8edc216b9c3e351105237bebac29","sha512":"d316ead707485b1382fc8a64d431367ffc726ff44a087314481e291dc28f0f843cd48a3875929b65086c5a09b1afcd4d8bfb927a4145b1dce6a50c4d0de4e6fe","ssdeep":"1536:u88u/7+WQNkFZKk6AalgE+2on7QzmeU9kautBUevvHHGnV97K:u88uBAYkk6A0gE+nnszmf9evXmVw","tlshash":"4263024135da1bbd8f48babfa0fdee8861c8125e71b8e0ca5bf4715d510c699408f639","first_seen":"2026-06-07T18:51:36.751819Z","last_seen":"2026-06-07T18:57:17.879906Z","times_seen":3,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fbg-zeus.png\u0026w=1920\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.372Z","timestamp":1780858263372,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fbg-zeus.png\u0026w=1920\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: pny7P9ClbMfEocLhNcDy2Xb889ti4_WV4FArEXvVHaY\r\ncontent-disposition: attachment; filename=\"bg-zeus.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cKkBpiMqcw2u6LIPF%2FVSPEo5DWFfC%2FUZGurFze8O7W0Nc%2BedzrAVEu1kSoThS1FWmJhfLlIEbCgijF0s1QIR4Q6DYruJ0IEJ%2F2TTDr%2BJQF2r5MqYSnodzKcKQ8K53A%3D%3D\"}]}\r\ncontent-length: 84074\r\ncf-ray: a081d892183c4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84074,"size_decoded":85202,"mime_type":"image/webp","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"daf8d808af64e1525a340a40293cd572","sha1":"74bc4d81335682916ee1cb88d50b3934c4f9603e","sha256":"8fc1d2dee24ff18e86117f41e150bfdba17cb553ad0ca36a82c39d7f1f90d9f3","sha512":"a611778cc8ea34448ea60f6872b858d282b6ac7631c7ae7106d27a67641bf8e1d3be9bd83a4888a0f6fdaa93b5a9b6a5df812fb492435a3121a2485cce87ccae","ssdeep":"3072:cvP4qPn+DQ2yLl+YlUUJ1VJXeVhFP41Q4iNuYTo:coqPn+PU/UUJ1VtgFP41QpDTo","tlshash":"80b312d7a109de247ac4eca6a419ce2b115d67e92d19044ffcd731c3a845d8b43ed1a1","first_seen":"2026-06-07T18:51:36.753041Z","last_seen":"2026-06-07T18:57:17.921006Z","times_seen":3,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fvip%2Fbronze.png\u0026w=32\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.413Z","timestamp":1780858263413,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fvip%2Fbronze.png\u0026w=32\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: E4uNUIHjdnUdsK-pwxX8QEznMeskgsTG8r5EiDgxq08\r\ncontent-disposition: attachment; filename=\"bronze.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ruv3nEtiWydTIxV3jHFgo7%2B1jXD4pySpL1FUTGYSbt%2BlIln%2BCFv5POnVekHCGOtlOK0em4zOeQ0QM0xRMV76lyzrnjOZP1s7JGWS3ib5MEcDW%2Ff3CSN8dLTUsrrzLQ%3D%3D\"}]}\r\ncontent-length: 916\r\ncf-ray: a081d89258624e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":916,"size_decoded":2039,"mime_type":"image/webp","magic":"ASCII text, with very long lines (1226), with no line terminators","md5":"60dbd87f33ead436c4c07ee3d0548d83","sha1":"15bcc2679e1871dfc73e02c8c5e7bfbdd1a029d2","sha256":"1573b4860c09a812c9c3e6709dd516c6c13ba1fa9db7c02587a5da81d552512f","sha512":"75c35d2544dc19a3c70826f490258bd1b598b95df6beab5ad8d8c2001dc0860667568f389ea102681dfa90debca46edb3620ff40c7ab1feba000ad9307c5ed08","ssdeep":"","tlshash":"00218168215f9233e9fa45302c546eabfea478e649f6007226079fea5117f814722eb4","first_seen":"2026-06-07T18:51:36.754287Z","last_seen":"2026-06-07T18:57:17.956452Z","times_seen":3,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fcapymania.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.414Z","timestamp":1780858263414,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fcapymania.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: eQw4ImdPYBLeFNxmMqtgLPiK3ARpeSS4IlZjAwGgQmc\r\ncontent-disposition: attachment; filename=\"capymania.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=myyOKi54SVu6EAMw1%2FtkfgFelJ9Ma3YFAeCY6R5WFhbcJxEsYr%2B5yApPqaOxsuWQqGGvylwFCKEETOlXdrXsnClcGwUUyj8xMpgQSTqe6XWooFyfQwCsyxjlpkysLQ%3D%3D\"}]}\r\ncontent-length: 3096\r\ncf-ray: a081d89258644e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3096,"size_decoded":4219,"mime_type":"image/webp","magic":"ASCII text, with very long lines (4130), with no line terminators","md5":"eb8e6a4f2cc59a4a13384c428105c58f","sha1":"3a4574fec8dba3ba93317b6ab26a9da4ce02a464","sha256":"3d8f676e666edfaec45029645665db480be6e1791a2f895f3894e652ac60830e","sha512":"e809477c6f06f64f77c2c4bbeaf6575be2a64dfc8531d24e011ffb16d1b796b68ad24828d9877e35400080d4a0579c955012689632e4c193014612afd9cb8f03","ssdeep":"96:aswhS45yvlb9y3yCIPjOyry+GXsbO9mPKtVuECT+gQIRvUIMh/D:aswhS4ktbuyCIPjOCy8b+mPOWTzQIdUZ","tlshash":"19818e88c6c37c60216727f0b2c993509367c955b5ddb6fc1f029c189a12d0c67fdd59","first_seen":"2026-06-07T18:51:36.75555Z","last_seen":"2026-06-07T18:57:17.970535Z","times_seen":2,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fhacksaw%2FRipCity.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.454Z","timestamp":1780858263454,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fhacksaw%2FRipCity.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: O97dNmeKWJimOijTc4cjzQfViClQLX80x14HzRVeVV0\r\ncontent-disposition: attachment; filename=\"RipCity.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xkS57nAGfL5Kz1osEUvUYDZk1iwvpkz4mmJLJLW622JvRy2rTCvpyelx%2Bxpy3inI3DSsS5Ub4oNrVmaxcZuDj%2FHJ7srAdNr5b%2FH%2FDGhbaRYuVY2Xtrxubr830qaJyw%3D%3D\"}]}\r\ncontent-length: 2266\r\ncf-ray: a081d89298784e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2266,"size_decoded":3391,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3026), with no line terminators","md5":"0de52a7b6cfa21592187e8d267d4b36a","sha1":"b565b027111a44afdfc1b291359a252c5f0db4e0","sha256":"9cf7933212d59c9771e23c0c93837729efc6e85d23b75f43fc6393da86dee59f","sha512":"69efde23e35f276b328017cd27ef820e28b076d78c97e8cc7e7efefd3231bb7ba663cec49b1d20a41c4510339eec108a45c15574640c9ff12df07983b5e3bc7d","ssdeep":"","tlshash":"25516c1d0d63650cd7cb28405d685063b2c9ee5a0a05b2cdd05bc8c0b7126ef0c177ad","first_seen":"2026-06-07T18:51:36.756611Z","last_seen":"2026-06-07T18:57:17.952668Z","times_seen":2,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FGatesOfOlympus.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.467Z","timestamp":1780858263467,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FGatesOfOlympus.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: 8FgdcutvhUxuAEAinhAFoCutAXlWx61sHGLYXIYGChM\r\ncontent-disposition: attachment; filename=\"GatesOfOlympus.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LJQZ66ojy6dvYsOLT1jzGWTzNGRM4CZYNzBzLVMdCwVQC%2FkJhyz%2FGeQNxM%2F%2F2%2Bd6cK%2BkhPBkIynijdtYL3g12ybPM5Rs4bJGy6daXMMwWHFeXkfbNaUrFOgllYv%2BKw%3D%3D\"}]}\r\ncontent-length: 2512\r\ncf-ray: a081d892a8824e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2512,"size_decoded":3650,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3354), with no line terminators","md5":"9e21cebfc6c6e94b1a5c8ebd6b6466e0","sha1":"e4bd5d811406c6e09b8e4501b4f419dfda254288","sha256":"a15c16a85d3b650d335da7bc3a1ac72e069615b605581b778a68ca33a66d2e4c","sha512":"1f4fbfcc16d0fa74646329320fa55948fb8da577ab6affc17ea2e0a32bd74ac9c12953b38261b51dc20c3b68dc256a242d1d637c4ccc8f9dbfb93cf93ec779e9","ssdeep":"","tlshash":"2f616ceac3406b4f01bedeb4d129247953e91b937833e435de9b5425e1c02dacf4a59c","first_seen":"2026-06-07T18:51:36.757668Z","last_seen":"2026-06-07T18:57:17.914242Z","times_seen":2,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fsponsorships%2Fbanner-ufc-mini.png\u0026w=640\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.482Z","timestamp":1780858263482,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fsponsorships%2Fbanner-ufc-mini.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: UPidy2wtnT8nU4OvcFes5844s8isy8GEOVHzqbKdi2o\r\ncontent-disposition: attachment; filename=\"banner-ufc-mini.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LRLl9ZaAZHp8%2Fu5bqa%2Flntejpob2Nnaw6KYxg1p%2FjTSPgUs3s4D3wckn6ERtS6RiLueLxw9XOQKiLq2wuCQnqofLye7NwX7sgy2SCIjgkjbzGdBTeAoypIpCIchiNQ%3D%3D\"}]}\r\ncontent-length: 4146\r\ncf-ray: a081d892c88e4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4146,"size_decoded":5277,"mime_type":"image/webp","magic":"ASCII text, with very long lines (5530), with no line terminators","md5":"a214fbf5f4f6253297c447103bf94105","sha1":"b6220208b6bad5622e58fe8d8db1e1b5bb7a7e11","sha256":"cff875ebacaaa56b694b88446335061a3e1293ef82f005c9b418319086c1608c","sha512":"7646794249eca3ef59c52865306d455864b768ab184585267ca8dee4bfde00dd6565de3a45d98db2fe86d69294314f385b93d14a11c541128125205b7c096819","ssdeep":"96:mOJr91E6fwsuQtF1NrZ6iFkMmeAvlpmvbEg/6eb/GrEr6s+nbqpNg1dvnYWhzI:mE9uqb66mSvHFbGIrdMJznYWFI","tlshash":"0db17cd35590c9f5855cb6c189f21940d6b8007e742862a93aa6ef82d76c1d01cefedc","first_seen":"2026-06-07T18:51:36.758667Z","last_seen":"2026-06-07T18:57:17.883991Z","times_seen":3,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0w78rogic0u2a.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.657Z","timestamp":1780858261657,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0w78rogic0u2a.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"7a0f-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c4HAACpxxR8YsIZvaigL%2Felx5LgqXXXWGBsgQq1j7If5Mvz%2FnLfKZdCfiCl6ujLgIuDHHFMHernCY45sJb3Ot4KI6EWOF0FEdQY1jK2oNqBmDM52R%2BEmsPYtLCmnKg%3D%3D\"}]}\r\ncf-ray: a081d8875d6d4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31247,"size_decoded":13888,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (11630)","md5":"0f6bbaa04c94fdbe2bc427fd9e61d49e","sha1":"54cad14d4efed529b0e4691382f86ebdc8fdd3f3","sha256":"f30a3fef8ff0374bfe189f748cb3f98daed3f1ddef335f276040a3506799c467","sha512":"c99a16b7b22a63c005b2fe2f9644ddfd287a84eaff4793e2d4fd8a177dfe56612a522d55e44ea0c8a6759b5eb6d324bda4c79ff9187cadf9f677778a50382f81","ssdeep":"768:cCZH2Kny+wUF+Kr1VZGsa8YXd53LbMM/7:9WKniUzZGsa88M8","tlshash":"64e22b7131a5f8d1939a8284447f440df2392e75642eb064b3fd5ce967a58c8b0b2fb7","first_seen":"2026-06-07T18:51:36.759756Z","last_seen":"2026-06-10T16:06:19.434348Z","times_seen":6,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0tergj_hqkn7i.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.668Z","timestamp":1780858261668,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0tergj_hqkn7i.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"1d04-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V2Hy5nDjNYktK0u6TiL9NODYqRPlPF%2FWWLXkgjP8mrH%2FmCHfZg5AwSa6CthChu%2BRp9fSRXiL0jHvKZyJhvbyl2kGKT9F3UMCWJQk2EGKIF%2Fw1dobWty5ZqqO8Rkjcw%3D%3D\"}]}\r\ncf-ray: a081d8876d7c4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7428,"size_decoded":5043,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (7602), with no line terminators","md5":"ee7b726f10303af6016c9462512753c1","sha1":"5ed9858bffaaa02e247d8c80eb0804d201fd9efe","sha256":"34a0368af64d797b9b5cf9a6d79a3af9d93fd29aa6d9d0269a743cf770c2cec6","sha512":"a5b78e6be7b89015cdc81e2a50616b548d8e8945ae6a3c538ab2651f8afc4dba7592424253cc19232c4c9514bccc51b0adf4ef0ddf12fe638e66fb41ec6d0690","ssdeep":"192:lYrHsUV+Fdv+Es4CUXSmNcUZMPxO5RlchGse2o4cdpo:uLsG8v+UjN5ug5YFe2o4qpo","tlshash":"c0f154eaf9c932f0958297b44327d056f22f38bb3acfe6858394d5d0526609cf356c49","first_seen":"2026-06-07T18:51:36.760946Z","last_seen":"2026-06-07T18:57:17.884997Z","times_seen":3,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0gq5us0dathdz.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.670Z","timestamp":1780858261670,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0gq5us0dathdz.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"136f-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XU1JDkSdu6mqba7No7T312Npooudtjo47eRrAPgCTMlThtvwgBdtKeEcn3l2t4wLmqnuYRv92C0sloOfbkEZCZVG5z7iW0xDQmy0K9xXKhi1qmGXVtJRwicjyI074w%3D%3D\"}]}\r\ncf-ray: a081d8877d814e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4975,"size_decoded":4379,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (5097), with no line terminators","md5":"1010f9680689e7219a8a95cd636423da","sha1":"9b095bd8fd29d9c5a19e2ab75b12df916baf4a58","sha256":"47fc7d18377197e45a31daa335fdf45a7bd0db4ebedea9a289e5706004312902","sha512":"cf1058d4e9a89fdbc230be0b195deb822316adf3a16346d6561b66c763cea0c81671b9c79ae948ee45955190f8c9c06258693f9bf86243363632f9af367fd39d","ssdeep":"96:3H6z0p9ATTZNps253FHj1iMQ68eVshMh+dDzaIzg63Xl:3Izn170mOhMY1B93Xl","tlshash":"17b175b89b5d63ecad43d028172b9016932fa0bbb5d991704b9edbb194d3098f383851","first_seen":"2026-06-07T18:51:36.761874Z","last_seen":"2026-06-07T18:57:17.9585Z","times_seen":3,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fbanners%2Fhome-banner-bb-mobile.png\u0026w=1920\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.370Z","timestamp":1780858263370,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fbanners%2Fhome-banner-bb-mobile.png\u0026w=1920\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: aiejfHeVg7NuPFijKNSbGlPlFrbRvKZBzD_tom6sMXM\r\ncontent-disposition: attachment; filename=\"home-banner-bb-mobile.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=az7OVqQMI%2FL4pm8HeA2Y%2FhtR0jGYT%2BRIg4C5wFNc%2BgzQub01vQCK2qx6W380%2Btpa%2Fu6wb%2BTvAETCQ4xaO40pgSppjWdhAjhimfRhgO%2B4L64S4Ix%2Bl%2B6I4JFHgWXpYQ%3D%3D\"}]}\r\ncontent-length: 25740\r\ncf-ray: a081d892183b4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25740,"size_decoded":26892,"mime_type":"image/webp","magic":"ASCII text, with very long lines (34320), with no line terminators","md5":"71f90d012588ad33e16962ddcdf9bc30","sha1":"7dc79948baf34436da88ea9894dc31fa1f3fbd97","sha256":"3f9e0661dfba4d0a3554bdca166cabf4084fe7e4fffe0cf80ce8817375abc0f6","sha512":"4dc04070deadeb4f4acfa2be896b30cbe74a183ad30324ec7f41aac73205afb491dba16fc138fbdaea89eb614b83d1642e494171775652fa53f5a52c7816dd5e","ssdeep":"768:3VVS2RqDIsHZ+cYMBtSfhtZ1tc1e5op+XgIk1Yi03CRFoLxqEb:3PTqMsHrtSZt1c1e5op+QLv1QLxXb","tlshash":"acf2f1b664ca84b467940cbce1925f0e3ec82636aca4882d573d55bfe1f7b18e4b3518","first_seen":"2026-06-07T18:51:36.762881Z","last_seen":"2026-06-07T18:57:17.968375Z","times_seen":3,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fcoinflip.png\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.464Z","timestamp":1780858263464,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fcoinflip.png\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: _nTSQKYokLucp8CMqq0BcnlXSs2M5Sz1tW6GiPlVic0\r\ncontent-disposition: attachment; filename=\"coinflip.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2NH5sF9NRazqw2xdJ7ZVVRaApP3W1cN2x2A7KYYLEv7vKdQLST33ca5XBT9k%2BqR0Z1b9MfqcG3qifFMjeDZ7bKW0ATdMvXMI%2BNk%2F0mDVil5ctDcQJdmKd0L%2BoTUvwg%3D%3D\"}]}\r\ncontent-length: 2644\r\ncf-ray: a081d892a8804e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2644,"size_decoded":3770,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3530), with no line terminators","md5":"274637f536e59a08397b935014e0cc9a","sha1":"099e410119dc8fc252e0cbf184e25491fa88a1b5","sha256":"13f9042f612ec6451be8a479f9a4a44c73e1dc7d350cada895fd2a36eeb0974d","sha512":"2bc4a0f52ce9e2b0967f3417e312f230627b3637f303512b68ba71e5cc6614639559d1fb6e1807d22e4f78b1f154f3609699a89296ee7119f97704e87512e52d","ssdeep":"","tlshash":"02717df95907f8438d1d1ba6355388efceb906bc5bb860839365ccb0b469a7824b06c0","first_seen":"2026-06-07T18:51:36.763982Z","last_seen":"2026-06-07T18:57:17.895095Z","times_seen":3,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0t1et0tty8o9s.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.643Z","timestamp":1780858261643,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0t1et0tty8o9s.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"1992-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HdNDrvfqTze%2BOXxilqyZf13fezIRHKONyiDY7zmonDuBSZ8BqPV594lAWdbuOuBkPl6jHoVnG14BPtOXYrmVmtA8A1j7lRAFqfF3uniqx2%2BVv566nVfq309eQegCgA%3D%3D\"}]}\r\ncf-ray: a081d8874d614e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6546,"size_decoded":4935,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6838), with no line terminators","md5":"0b1185e0128e4cb6869dda57b58e87a8","sha1":"e06fe6369cd3f3d9cceaf80d82503f08f90e4ff1","sha256":"7f3b107289072f92ea2aa6ab121cf4346bbd001f062dd9c769b2d0739a0d7bba","sha512":"2b5ddeafc88f6034418a82ab423279da3377bce7e854f88a8bc967a1eb8240f3c785c51a090bab2a26a581111f9590aaafe12a260994d01ad3f68c6795a2ce85","ssdeep":"96:Ibw4OKmXmVSpSJl9HLzMHwwwJ4SndEZS0f57pSDHSzFwfJMihJBtSkpS/:Ibw4OlXmVdnCOwZl5YDHYAfBtI/","tlshash":"6fe1e730f148e5577783958562b7684ef229342d9b78b4a533ccd4f392c10b86e6abe4","first_seen":"2026-05-25T18:59:24.81217Z","last_seen":"2026-06-07T18:57:17.919333Z","times_seen":9,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0_b~x.6tnok...js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.651Z","timestamp":1780858261651,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0_b~x.6tnok...js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"ddf-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UyiPK4iMvTor%2FjYa8QY1A8%2FqqD88sLTyfXmiErQbBNGm8bmvjsiZeIIIKqyz20WCFAc%2FU0vRCxq3%2BFLlr%2FDjyReXZPA4ZJ1y%2BbQc1UBHhpC1SowtTOJ8GVQaayyPhg%3D%3D\"}]}\r\ncf-ray: a081d8875d684e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3551,"size_decoded":4151,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3643), with no line terminators","md5":"46e3802e74eb6b733783d4a27238a6c1","sha1":"3ae369594b95de16b0e0d38877b722c08b9ac938","sha256":"5ef6c2117d336ae74b46a9f8992c236033bd42e2f53c85138c7e37235e403c65","sha512":"a489b9a1b666aa136c2c928b15f9d60bd87cee694f81521bfdc9e789393903bdd2b613cb9a049ce6e1935426f8d5fe60e897f5ef0365243ca443d5529e03ab11","ssdeep":"","tlshash":"727173cdb1e2f4ab43971092403f249bf27e1de0581d91a4e7a5a4db792067d81f3f68","first_seen":"2026-06-07T18:51:36.765575Z","last_seen":"2026-06-07T18:57:17.96358Z","times_seen":3,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/10s19bi1jo.gk.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.661Z","timestamp":1780858261661,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/10s19bi1jo.gk.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"3d7c8-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z38zjwKuKHBODYL5gcKQ59bieYTPyuG%2FR3Xp9R%2FwnQFWcyjmeuwsLfXQbAmzYooKm7nI7gHYxSa70hc4uVqOuiBoXkmg4lu5elJWtfeL0h32nASxA3wnG7IVxVONZg%3D%3D\"}]}\r\ncf-ray: a081d8876d724e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":251848,"size_decoded":56113,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d23ac5cc87d807c1ed706df398b147c7","sha1":"da31da2e6a01ffeda3278ce92d37e143bb7a1938","sha256":"4172eba18b5e5e644872f4926457cd9adf5a75a1f0bca00308ce4d41d89c942f","sha512":"5d2541f98e8aa0a01ade90896a52a769fc0571a1df30bb498bba46777c2c28f0ab0e0c98410e2c161a8cf3ff60df0e36a89ccb57695d03ddcc36eb4f49c69157","ssdeep":"1536:fx8OMBLvOv9rJEVYzcjRt9rQzsK1vE1sXFNAumTflef5GrBAUmBQ:fHfQaAOdNAuWZ","tlshash":"c6342258b3e4c2e94a88623b0dbb2509bdeb765dd0ba751862c4cd6cfa24fc45d1c7b0","first_seen":"2026-05-30T10:48:25.617642Z","last_seen":"2026-06-10T16:06:19.425563Z","times_seen":15,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0.c8994ibbdin.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.679Z","timestamp":1780858261679,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0.c8994ibbdin.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"4d87-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ruCMbVm%2FehnBvBZS6ZYuc4lTLBuzIChZjCS3Q71KaakIb5%2BtfZkbQdtamKGQ0qAfMj%2BlKf9S91uQgqk9eK3vROArjzXAObenveTKb3wP%2FzdR0p7VTvIxNMg%2FEv4rNA%3D%3D\"}]}\r\ncf-ray: a081d8878d8e4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19847,"size_decoded":9946,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8365)","md5":"195c9cf17d38b49ab75468414bd618d7","sha1":"1b4489bc379bc5337669c307d29ddf19143ac790","sha256":"a8d5209f7e6e5f2fb2d3b3ac6cf661ffc2309bb78c402a395eae4c35cf5d00d8","sha512":"6990aee5eea92094ea4fa3711f43910aef1e56450ebd0861751e50670d28422d5ca93a26ee4dc73b36e00753f3a6c34459d59aa49135a0f55a6ee8e9c62513ff","ssdeep":"384:z93fT2HDJyrTzyDSSH0ZymskZvQ55LQP6RrY7T8t6YLI:l3r3yDSSUHvQ55LQP1/8tpI","tlshash":"b2923c743295fcd5525fc5c0e83f400ef7292d75a57db0a4b3fc58956aa0884b0a2fba","first_seen":"2026-05-30T10:48:25.558987Z","last_seen":"2026-06-10T16:06:19.430925Z","times_seen":15,"resource_available":true,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fsponsorships%2Fbanner-blockchain-mini.png\u0026w=640\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.480Z","timestamp":1780858263480,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fsponsorships%2Fbanner-blockchain-mini.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: cQSRaVWX-yWrNXxuA5rm3dfeMDTyJ4Vm8gpkDzQwdfc\r\ncontent-disposition: attachment; filename=\"banner-blockchain-mini.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OS6P6EoxdeABRoXtFLqEGl5lKcVo2TlnayqqVmc%2Fa7jy%2FdW5DaoCzkZoqX%2Btf22L6CJD%2F8Rona0OJIw36Z%2BevVUN2DlTwantLZ3UjCYAXyTMY5noDcvzDr5DSNUs7g%3D%3D\"}]}\r\ncontent-length: 2964\r\ncf-ray: a081d892c88c4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2964,"size_decoded":4106,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3954), with no line terminators","md5":"f872c14d1dace7e054dfaf90557ba428","sha1":"2e340871f4d32954662520bd5574795b0abebd64","sha256":"26140f0247414fbded6f907c9021d3f35d509bc3e3856bb704cabf7097110523","sha512":"913897f743092a212e0e455478e7b8b6a2fe0ecb2ac9071fc22bf40a76c4562581cbef49a81084a01d7143611f13528dde0a9d190f2b0cca13b6437a7a4ee4d8","ssdeep":"","tlshash":"b5815ce634e7576a4dabf17ddf284e430c894a3a82202ba65c501bdc514b8f4621dbdf","first_seen":"2026-06-07T18:51:36.76864Z","last_seen":"2026-06-07T18:57:17.893837Z","times_seen":3,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/07font_ji0u27.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.645Z","timestamp":1780858261645,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/07font_ji0u27.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"218e9-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fviUwxGxZe1nDKTmPfsnlfluOJ2gcDZU%2Bcjf2hbVXMjW3n49wfeoFLuxX3b10FzZkvDNx0p29lnKRSO%2F68GchxYDYEnalkJmE8VX0%2F8RUXgC9QtPXvUNWg9gE05qng%3D%3D\"}]}\r\ncf-ray: a081d8874d644e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":137449,"size_decoded":39973,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"844ca04584c3d6199ccaa3d3710e04b7","sha1":"bf5cd90422a77983d1d2a50435d7c0d0366b9db3","sha256":"7a9a9ff9a898c5653c9e174e4376a0de420d683f366082d804cdb33ffe608173","sha512":"b70a5ad58a34cc6bd06f110f703c63967b2c6bfe8d2c63bfc8b507b8557daa641f3c073d70d4294121c7d36c44fc8edf977af7e72dfa841e9a4f5e41b48be7ff","ssdeep":"1536:j1A+g9MEnjxzsYoyWZCYC3zWxvOcyN+PYApz0Hpsv6aYcafemr/WSeS0K6j8EknR:YTjxlofZrLvOcyN+HNYcammSSF0JjMXB","tlshash":"9bd3f6f935d2f482076b50aac03f0006f22c4d77189e6860e3e5edda756465de1b3faa","first_seen":"2026-05-13T14:24:18.078197Z","last_seen":"2026-06-19T19:10:17.360725Z","times_seen":73,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/17wxa0ux09ny6.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.663Z","timestamp":1780858261663,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/17wxa0ux09ny6.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"1c5aa-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ARAfs%2BsVLfSXTARwVd%2BmeOf%2Fv7ffkkpMEoItASDr2wEsSmFjeqIWInrxJa3oC1%2FYdyo6TRWfOha6ojKOIIpia4IqA11xiXY8mUKyFVZAnD%2FgywPAUQCD2tJA7TTYJg%3D%3D\"}]}\r\ncf-ray: a081d8876d764e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":116138,"size_decoded":35983,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (47595)","md5":"b912834505fce72251b99d5414a023a3","sha1":"0a10f121db58d490c36ad5f9c747a73e37d8c22f","sha256":"12e7d3d495d8fcbec41b61a0a9e6613eff05162ebe2cfb87b6234e881764b953","sha512":"9f6f468fe42317801c358bdcadceb576076bad76c1a6d161565848f07e163942c651c5874c47fbe3ff281596e98776c2c8d5899942040cb22dbb8a246fc5526d","ssdeep":"1536:VTWOdo9UswedK+vdVdH8oeYP5tatNZgfkjEloNdYJGeg8TgtHzKS4ymNNdk4TO6+:V/dGdV4rZKAmNbH3Xu","tlshash":"cfb31954a061beecaa6705d8645fc00cb11e6e5ccf0ec878f2fc7c252d99484ba97b8d","first_seen":"2026-06-06T04:29:59.005821Z","last_seen":"2026-06-10T16:06:19.440017Z","times_seen":7,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FGatesOfOlympus1000.jpg\u0026w=256\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.388Z","timestamp":1780858263388,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FGatesOfOlympus1000.jpg\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: oZV7vrtwJlhOa4X-lVu0GFe5f31qZbpXnMRI_n0WLBw\r\ncontent-disposition: attachment; filename=\"GatesOfOlympus1000.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PKTSYkdxTErP8xZGFwmpeeTkhb9V%2BtrvJlSkPQnUyl1%2FqTbaAmI47abj6yGHvjz%2BhxuFb72JYNNXNrac%2B8070PYbFdmDM7%2BbHNz77kcYd7LK7wkvItS36%2BapNQb6hA%3D%3D\"}]}\r\ncontent-length: 11086\r\ncf-ray: a081d892384f4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11086,"size_decoded":12227,"mime_type":"image/webp","magic":"ASCII text, with very long lines (14784), with no line terminators","md5":"e70b2807a8d56f9684a6fd8daeb406ec","sha1":"3bb43502e365d7a7abbac8aa85843a96160ee066","sha256":"a17f0d76bc208c02f4fe794ec20ad21bddfa51fda4343f3bbb9166ea4c0827ea","sha512":"566142ec4e3932c5eef563d84face54fe56a274fbf7106a67acfb822b503dcff98ee0edd9fa157358db21bcae9fc009917d38a61a35a51a9dfbeb0c6f9da0a26","ssdeep":"192:2gAnDe6R2gU5BDImdUtW3lKvnmVfErB52fLOMYkJCC72ii3sQAXaAW46e83hv:2gAnKChRsKw8WfauYCip8fqASZhv","tlshash":"9762d19891021a7c0cf99b9e72cdd7db3a3bc1a1056a7260d7c15314fca9a30aa5e68d","first_seen":"2026-06-07T18:51:36.771142Z","last_seen":"2026-06-07T18:57:17.973935Z","times_seen":3,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fvip%2Fsilver.png\u0026w=32\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.409Z","timestamp":1780858263409,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fvip%2Fsilver.png\u0026w=32\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: s_2e_6DUTILxwBmAYMKwZHYLp8TtK9RvMB8Gl3ebNMk\r\ncontent-disposition: attachment; filename=\"silver.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K2lxtSjyYoLWs3EgOVA%2Ft1oLdm3PFUehJziL3wG5fUhcvKZNHjgJt%2BH%2BLtiLSjxGxeM8t0jtKpsQUE3wgkdEANTfy%2BXgt8We7w63k5loirDiTrATVeqlnDey3XnALw%3D%3D\"}]}\r\ncontent-length: 836\r\ncf-ray: a081d892585d4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":836,"size_decoded":1959,"mime_type":"image/webp","magic":"ASCII text, with very long lines (1118), with no line terminators","md5":"2f4c5fae60cc8bdc5d051efee1855495","sha1":"30e205ea20e93f6c497e6498985b7537bc75df4e","sha256":"35c8d147b165ec32f4ee86d3c0899e5f5bb6a56896f3de61f77840cab3e465ba","sha512":"0e3b44fb9ab657738522daf597d77b0e2a732ef6c4cf0fbebce09e768d1ed4d7a836bc2777e74182bb3e1711a6c9667753583cbcbe52e198f82e2b0f898f0c37","ssdeep":"","tlshash":"0921b6ae41031defd7866586a7e274380d137e43b8e6be3bcb6ca51a90883466150b78","first_seen":"2026-06-07T18:51:36.772006Z","last_seen":"2026-06-07T18:57:17.890416Z","times_seen":3,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fcategories%2Ftrending.png\u0026w=32\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.479Z","timestamp":1780858263479,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fcategories%2Ftrending.png\u0026w=32\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: yiVMNvGq34IuwEr3kz84qgXJIMw-G2YLjQ2iSyBwwek\r\ncontent-disposition: attachment; filename=\"trending.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3O%2BqP4X%2FJ4Lnpwk53muOUi3oP0VLRU0dvRcrUIWti7pK63hVJyYO7rNmGh%2B1m2kv1WFnUWddU%2FMFC4AYBpcUE7s7uGTXWnZWysNxbSP4PpldYS%2BEiXN2sqqaSu4pAg%3D%3D\"}]}\r\ncontent-length: 920\r\ncf-ray: a081d892c88b4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":920,"size_decoded":2047,"mime_type":"image/webp","magic":"ASCII text, with very long lines (1230), with no line terminators","md5":"7ea5edd4b2e6662f9dff8b7886a8cb05","sha1":"f40d99052ef3cc4024cdbb4a7d078104e3bb6c73","sha256":"77a5a37320ea89e12bea5a3b0870d65abc1bd57e2a469b744c61cec151254bde","sha512":"1f3e8f367f526730b317e4559e0c482c30ae5edcfca25df3adbfe39b6f79f7dda3d9a8649bcc86467d590b46c9cba0021be005096cdb00f33448117f5463b027","ssdeep":"","tlshash":"2821eaf680ab7e3ecd7c2d45423800ca3df1a2cc06fbfdc3b85752109d100545aaa49c","first_seen":"2026-06-07T18:51:36.772749Z","last_seen":"2026-06-07T18:57:17.959905Z","times_seen":3,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/api/auth/logout","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:02.101Z","timestamp":1780858262101,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /api/auth/logout HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nset-cookie: token=; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly\nJSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B; Path=/; HttpOnly\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\nlocation: http://wezowin.com/\r\ncontent-language: en-US\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DaOm9FuPdYBV8GUdKORnrOBUWEhSXABlR3lEslRnvng6If1Fjmgv84U45suMmLiKguouyoZYFmu5iVDCKIhPLtI1Gdqz4wM6Ctj8oEyjJ87%2Bi8nGAx7Ke50pp0q0AA%3D%3D\"}]}\r\ncf-ray: a081d88a2e124e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-21T21:29:50.881468Z","times_seen":16618032,"resource_available":true,"data":null}},"time_used":949,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":949,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/?_rsc=tXyZJ52UQVBCVsD3","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.513Z","timestamp":1780858263513,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /?_rsc=tXyZJ52UQVBCVsD3 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%7D%2Cnull%2C%22metadata-only%22%5D\r\nnext-url: /\r\nnext-router-prefetch: 1\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: text/x-component\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y3sXsjQLlRyltt6VVJn2sLvTGTuzgizKxWFgrTIYcoeivR7p%2BsIcMtE0o7rSZn5Y5DnvxG%2B7GwqqH8qdKFnw1EIcztjJNXZyIvpLLeutwCwLoJpuWEpuIuXim0xZ6g%3D%3D\"}]}\r\ncf-ray: a081d892f8954e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2978,"size_decoded":3718,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (3388), with no line terminators","md5":"525697102c0c8579c58b94c35402330c","sha1":"b8bf7a4797d6c2c602740b46f5ff250507bd1494","sha256":"341f74144c418e85df08dd96e2a3f57e6528d51edea8ffde78737687a3a9875a","sha512":"03e3c5aec76d00a09cbca94d9f43517e1509794efd5e9f7b06ae0ce6705c4f19e603fbc5d5fe867b866557304042ae9c93d8b537449cac76d11f0872ed247aa1","ssdeep":"","tlshash":"6a61ec53ac19fd06df86de1d087f6cb854cd8ab6826298bde288cd1445a7c342bf5ac1","first_seen":"2026-06-07T18:51:36.774136Z","last_seen":"2026-06-07T18:51:36.774136Z","times_seen":1,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0-f6o-8_g5r.e.css","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.636Z","timestamp":1780858261636,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0-f6o-8_g5r.e.css HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"1143-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v6YAHVAaqDz0Je8RGkon5o4usqxbfVEYcBhjFp3m4rWZq7pvtpLZFhpOtzgig0D5kW9OGMcyAwj53Whpjf6g4XdsGX6LTLt0AsxKsOYF1cFbaMub0Tqpf4j5mswszw%3D%3D\"}]}\r\ncf-ray: a081d8873d5e4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4419,"size_decoded":3261,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (4456), with no line terminators","md5":"01e1eb702d7ffcc1bd7b70855a8a150d","sha1":"ac03e93163100a598e49926370c1b92131a70b71","sha256":"f7c0368770b57c168416bbd341ef71e38dac433a8c849ec3d9e46cb40e5d598f","sha512":"8cca6aced697ab47ff76fda48d5dced4f0b4b8d3c1fa5cd2be45b304ffc8cb0cd085b29964a49e663e7ab8e358f826ed4f0445a675b748424dabdd795aa88a70","ssdeep":"48:MX4Wu4TX4gADX4O9TX4SMqwX4j8vODXmWu4TXmgADXmO9TXmSMqwXmj8vODX/Wux:8u4lYCq9iOLu4rSAqTiOyu4czjqYiOvn","tlshash":"9a919934c40f9918dae3cc3230ce7b0b6818443563e6a526d96e6de9cdaa83753d9758","first_seen":"2026-06-07T18:51:36.775006Z","last_seen":"2026-06-07T18:57:17.960555Z","times_seen":3,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0yctg.lbns7cx.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.664Z","timestamp":1780858261664,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0yctg.lbns7cx.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Mon, 01 Jun 2026 13:05:50 GMT\r\netag: W/\"e6a7-19e834a5fb0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nage: 300137\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FcB4i4DZjH0E4XpDjGuQhe0Xuj2oFRpyNqlXQWUJwCek%2BoN%2FJd8MiW1wF2GImAIbVS6v7TqWMpA6kkBCY7AkXP1ZRlbehsXEjRvixk9%2FeLlU6T2GokhxTJwR8FKV0A%3D%3D\"}]}\r\ncf-ray: a081d8876d774e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59047,"size_decoded":27081,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (50117)","md5":"5e6dbb6417918d8de79010d13e28fbf1","sha1":"8d926f69f47578659c3ae8ea3c589528929a4213","sha256":"aa5317a27d957e71923c4392130129f7c923e87425e5e3f21d807cb8363ed1a2","sha512":"50869f8be5514ae913b4a0ed859fa74ee053cf7c1b825e5407f9c11a5d2d98948231e2f682817b450ea04a19e9edf78e263b38f168ebe632bc3de45397bf8e0c","ssdeep":"1536:3sLL/gHFrNd1XoZaP4o7K09tFt0pfIrMv9sN0wywCu:3sLLaL","tlshash":"d5433b0893909bf8ad8cc7f49b71749972a3b8b6f970c2d8f66e0818de150d461fc5a7","first_seen":"2026-05-30T10:48:25.569032Z","last_seen":"2026-06-10T16:06:19.465725Z","times_seen":15,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/02qk0mar43-vc.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.676Z","timestamp":1780858261676,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/02qk0mar43-vc.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 31 May 2026 01:59:10 GMT\r\netag: W/\"f1a3-19e7bc1a9b0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nage: 581249\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QbDhF8iUiOt%2FWPLldrd5PLVQaIGw7CNNJPlCYZd7Tup1%2FoIcmf8O3TJ5MzgCJwv%2BAhR9idvH3olWQqO2tdJZBI%2BPwiYJCtg%2Fs8CHdw7I0SAmdNufa5t9X1kPj6BF4g%3D%3D\"}]}\r\ncf-ray: a081d8877d884e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61859,"size_decoded":24151,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (61859), with no line terminators","md5":"298fb813395c5ba1d4b30b6300d77dd6","sha1":"6d1ea78ded9c061a8992617742e851bc67a4150c","sha256":"c51a4a2f29ee139968322f3117df0f7114f03502ab5123c48829c087461f84b7","sha512":"f0b7062c18d373b57861cad81997999a388c193d83cf06b5c7752f2c71fb3d784d9d5ba894fb0910cd336bd23333ea28693ec93d3059706577dd9dcd6b26cb9a","ssdeep":"1536:uOSyXFaRNRdXvrZFFecIJKchan/bv+IgHeCnndWhqwqjXQl37/l+VByHBBlUNGH:uOSAsRNPZFFecia/bv+IBCndWhqwqjX2","tlshash":"5953f9edd3e8a6e8a60adbf4c963545c3e6f34f9ab85895843d4a950e8740c8790dfc0","first_seen":"2026-05-30T10:48:25.602136Z","last_seen":"2026-06-10T16:06:19.428944Z","times_seen":15,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FTheDogHouse.jpg\u0026w=256\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.385Z","timestamp":1780858263385,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FTheDogHouse.jpg\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: 72L12mZA64v4jFdrqBlAh65fXsFUNBDbciGHIX1iSIA\r\ncontent-disposition: attachment; filename=\"TheDogHouse.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=40gbLtd2cN6yn8b2IVLcRkGiOT3f6a%2FXSo152VFNIJ41xR2qRx1whJVLnyPPDvkVT66w20T20g18kvgj6QtFqCkrdRJL%2F%2F1YLzVBkEGdeGL0u4FSmeUa442hEFw7xg%3D%3D\"}]}\r\ncontent-length: 10270\r\ncf-ray: a081d892284b4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10270,"size_decoded":11398,"mime_type":"image/webp","magic":"ASCII text, with very long lines (13696), with no line terminators","md5":"bbfc8626b61e6ba36804ddf5cb35962f","sha1":"e62706b993389de7ce6a4d52a0476b9f0ede6095","sha256":"94d7da1ce14dea2980c6f56fe6a7a4019094b89ca63ff3121b107d837070d5ff","sha512":"7f33248df92ae16ecc20af09310a0d5a2ae3668ef33e19fbe6573ea8341fb4cdf1b60c0ec956dd0f31e3d2c8b877cda6fa50449832fd8f941edb90dfe9e2b88f","ssdeep":"192:GLWUEdFjmk+VGUrQj5awxiRLCq9Rp64b1l7gyN8AbpY5OrCFc+p8vUIjhHy7Los6:GLWQVGUrQYh/p612AOnRUcmr8Kmega5y","tlshash":"5352aea8c2c851e472d74a947d89e87d4e404e5fe8252b60feb31cd13b9b620a652e0c","first_seen":"2026-06-07T18:51:36.777474Z","last_seen":"2026-06-07T18:57:17.964945Z","times_seen":3,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0n.i~zwc.kwvj.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.644Z","timestamp":1780858261644,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0n.i~zwc.kwvj.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"7aa4-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Nyivcd5BbJ8RA1pArabe58ye6NXhWdZizjBX2glnPB1I62x4qDwflE5xQAza9HqjhTf8%2BmXWo6h8Xv4tvALMTpqEYcYVbxNuhTCIcD%2Bl2slt98kO5byd1z1EVNOegA%3D%3D\"}]}\r\ncf-ray: a081d8874d634e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31396,"size_decoded":11492,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (31396), with no line terminators","md5":"3426fb79588c083a595c664962857e5b","sha1":"c8f47e2976b96307c0bbaeb405acd4d9d83e54fd","sha256":"e7441830d2e0ef1091043d1960ec038f8d1fdf7095227cc755c317183459f4ca","sha512":"902a6534082abe30a8c77585dfb533b453fe37215224503b9bcb1e5ad9f1ab07498514fedf7e4ce8af7b6ec8f5cef6fac68621b904a3af1037e79c8a89f840b1","ssdeep":"384:f+FjBRxz/akqleEZQKZTd961CHSW+uLf8J6otgG4uaFQW9Uiet6eIup1NqBYjYvN:f8j5/aZlKUd961Cz+uZcNqBq71/5Mt","tlshash":"1fe294a971d5f4910b9354b5803f501bf23e0db6286da0a4e3e2dceab9b054dd133f9a","first_seen":"2026-06-07T18:51:36.778355Z","last_seen":"2026-06-08T09:16:09.103772Z","times_seen":4,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/turbopack-0je_qrls.5nbx.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.649Z","timestamp":1780858261649,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/turbopack-0je_qrls.5nbx.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"2975-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i1KCDVDwiQerWhl8V0FTWm%2BLnLMdxNQrq3vRztXgNFSNqICMqApkVaSZ3bF7nxJePEARGXnXUnU1Ky7JSfwKBTtfzDL8GriXNaXreAzAsWokVT%2BA58wyI5EbGEIKVA%3D%3D\"}]}\r\ncf-ray: a081d8875d674e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10613,"size_decoded":6757,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10613), with no line terminators","md5":"ee2092d9285145e3c4d7fe83e3455685","sha1":"6b8aad716bfbc32795c0a7dac827df2ccf0d82d0","sha256":"4f22fbfa6087537ece331ed76882e9f07161ec8c64bf9a7c42818baf5769a4d2","sha512":"61dbe37f61663f764fe9b1014cd0f099f51581c59013e4b938dbbfb8e3e6cbb5fcf184bf1de60f72cece30c0fdd1b3819bdfb58d51d7858b8114b201fd7d6e55","ssdeep":"192:g4gM6B68gEsg6d2hE7oGElpETND+S3sBT4fCT3cXX6hfH2:g4gM6VLsElWyssqCTMD","tlshash":"8622c6da37a6f07343afa4ebd06f4004f17984a9145d141cd3aca8eb2c354aa85e7f76","first_seen":"2026-06-07T18:51:36.779161Z","last_seen":"2026-06-08T09:16:09.123687Z","times_seen":4,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fvip%2Fgold.png\u0026w=32\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.403Z","timestamp":1780858263403,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fvip%2Fgold.png\u0026w=32\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: 8AvjfvleEudCVARB6_R-GJiy6pvUiOVPIvyKXb7lg7I\r\ncontent-disposition: attachment; filename=\"gold.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LUGhpGib1xUUePpd9xbulgMKbzuv3On9E3A4%2FDwcYSPKqYNEY3L13msmqevcFKGB%2BK3siMTYBomJfIXddhEuAgrD7LyKDrrnghznfbLAPLMk4tmoFSB5mfKqPH0D5g%3D%3D\"}]}\r\ncontent-length: 944\r\ncf-ray: a081d89248564e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":944,"size_decoded":2061,"mime_type":"image/webp","magic":"ASCII text, with very long lines (1262), with no line terminators","md5":"4bc663caa3777d5c68212a64d578ae9e","sha1":"583f68ed442db3b993cea71c2a314ad1bc549bcd","sha256":"7cf175f5b837c1aeedfd66126e7ca5b0c42154d5aaf626d8c7b992113cdf8abb","sha512":"0cf101565fc90a6aa9ea5c4d5e9ae20b846e9b6c173739fbff99b691651c2400a3d9b64c88b074d91ec3c67bac511b35e81a1b77618a547aa49bcbbc1cdd8e21","ssdeep":"","tlshash":"9b2195b6e87ed53b84088502ff9a68ae4c946c97d2816e732c54a764d284cc1fe89c88","first_seen":"2026-06-07T18:51:36.779994Z","last_seen":"2026-06-07T18:57:17.959171Z","times_seen":3,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FBigBassBonanza.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.410Z","timestamp":1780858263410,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FBigBassBonanza.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: u8JQ5DGRTwlOyCWM7LjBUB10cxGmg6T0Rdm4L7FYPHk\r\ncontent-disposition: attachment; filename=\"BigBassBonanza.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jgWZCmgHRPMiYvj2lE190%2F6ltm6Ew25%2Fxsw0IRiW9VHdwdVRALehivZgX9xpc9h%2FdfhOuKFchuYYLbiRGi2YSkdsfPW%2B7xYdPxV4%2BzmD1U5vdzLx7RfZf8NuBDrCyQ%3D%3D\"}]}\r\ncontent-length: 2542\r\ncf-ray: a081d89258604e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2542,"size_decoded":3676,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3394), with no line terminators","md5":"f9d4df217396602ba217e75113bf96c5","sha1":"561f80a8fb65b8396e53e1d6e1a6f463956b416c","sha256":"0edece14f7e292b8d6ad11a2973f85c7ca5a4d42080dd3969dbba26ea685b7b6","sha512":"e1d2a66979c6334cc6c005bce0383abac032673c73fcf3ff425dcef188266005189042bc41ecfdbfe4129a2dee527be47dda57741809e8ff3655dc4bcd942f84","ssdeep":"","tlshash":"d1617ec747040194175125e8c4b67de529b3d5905c8eab6752ea779e0c171e0c275a51","first_seen":"2026-06-07T18:51:36.780829Z","last_seen":"2026-06-07T18:51:36.780829Z","times_seen":1,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FStarlightPrincess1000.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.404Z","timestamp":1780858263404,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FStarlightPrincess1000.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: Iomu-R8cb1qReHFPvAn34PNJXO8MAvSykY8sTpp3hIg\r\ncontent-disposition: attachment; filename=\"StarlightPrincess1000.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2pZnJVc8%2FfSAfZnrD1eHHOaG6yjuLQ7tTy8ghc%2Bo8CM4HX%2B48D2GbqE9vLb8dT5bAWZ1D1%2FARrEdyn7%2BNNWLR2Slp3RC7Fu%2F%2FKR8UxuKrXhSkT4LcdUsBvtBEvLtNQ%3D%3D\"}]}\r\ncontent-length: 3160\r\ncf-ray: a081d89248594e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3160,"size_decoded":4305,"mime_type":"image/webp","magic":"ASCII text, with very long lines (4218), with no line terminators","md5":"16b518973277ca50e2550fde420ebbf3","sha1":"2c17d1c3d4b51dfc2964fbc533091523f248e6e4","sha256":"cfe60762ba8582e44934976705e558a46652382ae5c8ba7ad71545b102d3aaaa","sha512":"9ba71c1214f9735882e2d2d6abbfffa4edfc02a4423ce443cbd04d3221d7ce77efc8195f39f1e641bf149e828470501b69a30301e5557c71081818798ec74866","ssdeep":"96:Ox4n4Xj6dwoiv/kCrzufFTOwciC2mYp/rJlOyWsA66y7:ObpzwFTa8rtlEHW","tlshash":"d7918eb2bc973819b7df001d50e02deead20be64d66d01f0a9603095b048cb3a1edcb2","first_seen":"2026-06-07T18:51:36.781585Z","last_seen":"2026-06-07T18:57:17.889847Z","times_seen":3,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0m_p1bxtorv5i.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.647Z","timestamp":1780858261647,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0m_p1bxtorv5i.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"37433-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iFwUnZunuIj%2Fnif8NitK1fZILR6F%2BcVmZjgSp%2FzVyGicwI%2B6SkEvUMLK7Ou4DJ%2FJYwrpb82jjrMbmL2PqoV3HOuSA13qRMjxWezwfHiLwJ4K5fo3AGhf6eEYD%2FjIMA%3D%3D\"}]}\r\ncf-ray: a081d8874d654e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":226355,"size_decoded":73336,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1206d27e928d82532620c2c2ebfc59e4","sha1":"87d795e244967699726115c25f142297f5e77be0","sha256":"204f4020f37e64c94f21ba40ef389e0658974451943f325cd5e8ff9a4fab90bb","sha512":"1a352e837c2948d57b763bda2f5fbadd34139da35cc240eddadeb22406d9abfbbf99df503bbe604090310b7c9a8a14b45b202813db485d3a5e8203b72065ea7e","ssdeep":"3072:cFJtqqM4OGLOg/VNqfxMtmcvlBibQBTGQHyXs0Mug98n+d0+w/:cFJtZxOGLOgNMMQQy8mO8n+d0+w/","tlshash":"c324fbe83955f662aab302b710af18037338252b280d4d60a251fdddb57845fb17bf9e","first_seen":"2026-05-08T23:34:30.397578Z","last_seen":"2026-06-21T21:41:44.693255Z","times_seen":428,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/11e2zymdqw9hq.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.659Z","timestamp":1780858261659,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/11e2zymdqw9hq.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"c226-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FmyJqIVK52nITEkcXmO8oLgDqxXdkVa%2FftRMxKkx%2B9PLirkLx0iEDOe04gj%2Fng8F3wz2nQepfBQ33Ej37r4cC0Vu2pczwNiD0fvfmQQSNr%2FYVobeaNBE98gtcD3QCA%3D%3D\"}]}\r\ncf-ray: a081d8876d704e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49702,"size_decoded":22070,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (38655)","md5":"d5029cfdb2f976359020ea468734ec14","sha1":"567169760f3e3d8b5dddc68d82d2139e4390d894","sha256":"6cba14141d496048a160ca02ac420a8c34aad243dcc038eda4153da00d4ebea2","sha512":"fe143ef775ed5ce402038f75ff244dd8de0a8608dcda0bb9bb2a114a2f234c23646d8b842eed3e9bc5865548db107aae5e82d5a1ef17c02775d81335ba91209d","ssdeep":"1536:Peicyr1C7R+G6HQeiIo0PO7PZ7zbQGBBHCgEudrUu9qaAVCBA:PZrJQ8o0mbh/XBBHuuC","tlshash":"38233ae9b39070b89b47d3e5c5bb50057a3e11783945c82cd3ed2cfc68149cea1aabd6","first_seen":"2026-06-07T18:51:36.782932Z","last_seen":"2026-06-10T16:06:19.425079Z","times_seen":6,"resource_available":true,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/05eld2k6f.g~h.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.667Z","timestamp":1780858261667,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/05eld2k6f.g~h.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"d36-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YI4OfCElraOENKoGVJYwvor7OgB%2FNJCKU18mVhF40JXSeXWBWn%2BPljjfu%2Ftmz96p1hltwmlZO0uQ9fqcfSEuFk9l9yAAylsRaGRl1kInIzhOfINIkbQn9%2Brp%2FR4dVw%3D%3D\"}]}\r\ncf-ray: a081d8876d7a4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3382,"size_decoded":3998,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (3460), with no line terminators","md5":"464b00fba6169cd9c2072e8bb383fd6f","sha1":"aad2a49349f1285e8ec39483e8584e5b7497f1ae","sha256":"9d6ce2bfa60879f416c25cd52b443878ca24627560d5fe28752793d086144103","sha512":"ff4862047f712e24863506c81b83387813c4a7e00943baf91d506c9e076c2ed971b53b7a3798ff63aa845f59996ca20f0111dbfb9a34367595e50a428a780d52","ssdeep":"","tlshash":"af6164f4dba892ec4596d5980f6fa202a34f787b75df8090665ccae191c3849f023c19","first_seen":"2026-06-07T18:51:36.783717Z","last_seen":"2026-06-07T18:57:17.966879Z","times_seen":3,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0epz-.xtep6ek.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.681Z","timestamp":1780858261681,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0epz-.xtep6ek.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"4d90-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g0rr%2B1qzwdCjM2bhai8pomxjqvC0oLE8HwsbubZ52gsI1E0n1ZP8Bb5hMutgzUIlM6Unz%2BafryigBWxRFPqZn5deENS%2FQVCQANqrPqILa0WSKcP78K6y9PnV6Bx1ng%3D%3D\"}]}\r\ncf-ray: a081d8878d8f4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19856,"size_decoded":9944,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8374)","md5":"a8a7359756f62b3abc4693f1f43bf88b","sha1":"b11c2a5fcfbda447adfaf6412a621d228132f5b0","sha256":"6ed18c99b0ea0198a2eb2c2aab1ffbe07ffd05b84fdc5e07d308abdbcea64f3b","sha512":"3315cf9d46616007c35d8153d6b8bdd0664468a6316a3adf0fd7d7387b67ef8cd9a50dcca7e758be8ac49cbf4ea67adf0f2e16326b6aea89d6222e7a8271130f","ssdeep":"384:z93fT2HDJyrTzyDSSH0ZymskZvQ55LQP6RrY7T8t6iW:l3r3yDSSUHvQ55LQP1/8ty","tlshash":"90923c743295fcd5525bc5c0e83f400ef7292d75a57db0a4b3fc54956aa0884b0a2fba","first_seen":"2026-05-30T10:48:25.662111Z","last_seen":"2026-06-10T16:06:19.47076Z","times_seen":15,"resource_available":true,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fbg-telka.png\u0026w=1920\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.374Z","timestamp":1780858263374,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fbg-telka.png\u0026w=1920\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: D_yPF2-ZIrHkRc0w7X85GdAHb-suhmA5Qpt017Gcunw\r\ncontent-disposition: attachment; filename=\"bg-telka.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t1NxUUw0lOesaugt%2BRfzg4mCnqBhedbmrYdHTqs77s8226WOIsXgXbnUbUIwY8TdIFs%2BdMR8vnofj07FOdJR0D8PkWqlyRUpQ%2FT8HGwIhZd2Of7ThQNknUQtznN6DA%3D%3D\"}]}\r\ncontent-length: 24240\r\ncf-ray: a081d892183d4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24240,"size_decoded":25365,"mime_type":"image/webp","magic":"ASCII text, with very long lines (32320), with no line terminators","md5":"f42f8af03980e1aae8f6bc245e37595b","sha1":"0e0109825f97e294c5982bbc8304bf1992c321d4","sha256":"e4459ee5bfee9243ca7ac559816ddf511d2974227b157ab1d910cfd3f45e672f","sha512":"36f65fbf388634957b2cafbecd78af68a0300d9ecb5c7e18352e5d488a0a40e0cd8f94da9a0a3141ce04f5bbcb22ed21b89165e5f9c3140196b781d0e6e6a8c8","ssdeep":"768:b4r2VH8Hkcim/DkBXnlevlYp5D1Y6aBO3hJniZQ:b4WxBXnEvKLDuo7nl","tlshash":"f0e2f129eba7cc2c0a40a2b09796ed440fb295d5e0eb8f3a92457c391ecedbc6419305","first_seen":"2026-06-07T18:51:36.785089Z","last_seen":"2026-06-07T18:57:17.968998Z","times_seen":3,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fhacksaw%2FSixSixSix.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.457Z","timestamp":1780858263457,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fhacksaw%2FSixSixSix.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: 9AxsOgcxzIPSAUlndcfXNw5GK9jgq1wKHuSbec4T6ek\r\ncontent-disposition: attachment; filename=\"SixSixSix.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u7lC0saRq0BBYn92k9bW0gewSKlj2n2vQWhDjkh7dx0pwmPuuGWcdqTb6UoCqtpLN52udx5OYuzfnpVZUY%2FvR4KRKR37le7GpI5R0MK%2BddB7HB9iTnhgobxyuFgkNA%3D%3D\"}]}\r\ncontent-length: 2402\r\ncf-ray: a081d89298794e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2402,"size_decoded":3525,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3206), with no line terminators","md5":"87636455c3001740903bcb4bcd9dd384","sha1":"3f2a113c64d3d218eb1d930d842acd9dbc7faa61","sha256":"015017881c386fc5a85426191d03ea45b04ab0a007e693db888b936a534b9758","sha512":"ae1c2bb7493fab18889a784efafec08baf92f41d0f7a4387bc71a51cfd392cc6b4cbb5ec5087c2b6b6f6a8b810ed828beb36f343ec5dadad11d0e1cb0594754a","ssdeep":"","tlshash":"71617d340d16f0444cf89947dc3a1888bc56f4ed20dbed5b0cde433aa815ace861fa0c","first_seen":"2026-06-07T18:51:36.785884Z","last_seen":"2026-06-07T18:51:36.785884Z","times_seen":1,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fhacksaw%2FLeBandit.jpeg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.459Z","timestamp":1780858263459,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fhacksaw%2FLeBandit.jpeg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: fh_2bgdpZ48oCZfnsZ0C26t8xueU8P_6tc7EfnKr9Zg\r\ncontent-disposition: attachment; filename=\"LeBandit.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HqrLUsJHU%2F9LYYTwSFW8PqnANOWQ5OBdVgjU%2BkHRMvnaNJv4kTFZGc%2F2ldIc%2Bgn2Xah5X6RVh7yLeeO7KoFBX%2Bgunj8S%2Bq7T%2FNWpUEpxZcCIOGR5fwcFN4m0sA95gQ%3D%3D\"}]}\r\ncontent-length: 2586\r\ncf-ray: a081d892a87a4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2586,"size_decoded":3718,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3450), with no line terminators","md5":"ffaf87572980e2fc3e7a832a74cf4e63","sha1":"a0808f5cbac105be86ca001a50a56ae39288f6c4","sha256":"9a0555527331dfe9200fa730a86cf3196a223a4a7d3370061a64eff5961ed675","sha512":"ea4faf46e99349cbef4dd57bede1f2bbc5ea0667160585f89b000c07d110aaa24e19d33dabd273e733b4b27168dc688bf4c0a890d178e8c036254d896d07785f","ssdeep":"","tlshash":"c4616b9251e1b9848b7cfa5362e356c9d3cb95f3586384886498f0194d8ab50331aefd","first_seen":"2026-06-07T18:51:36.786714Z","last_seen":"2026-06-07T18:57:17.887003Z","times_seen":2,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0pqt~8bl3ukh4.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.648Z","timestamp":1780858261648,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0pqt~8bl3ukh4.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"ad7e-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OIu1f8Po65024ThpdhYwPonxCAm%2FZZx2yHnosow7ZNh4wM6CccjhGTjRrP2chFjwwMSkfKT6pQY9J%2FamHsHh1rSnVfIwosyK8ftefy6TNPW0V3eGU2ogoCrhwP5KUA%3D%3D\"}]}\r\ncf-ray: a081d8875d664e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44414,"size_decoded":11835,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (24405)","md5":"c621d697f789f9a625e80384da50359c","sha1":"21b6e9613cc917a5fa984be427364d03e5757cbc","sha256":"5261101892e2476e4346e19e86fd5f19cbcf7c765ff76e92eb9cefcc86b6db6a","sha512":"59a0ad4d3270e18ccc1178b7a1c8902793a70e88a518f01ce894d1d3335251953289630dcaa26b4c6d9a3b6bb5563b8845d5fabfc521878c382c7d2a56957ffa","ssdeep":"384:p7/A2dkTd93jBT0diRTRIpowbIBqjac/s+rPYjDExpCkKMny1V0U5+wQhKHAlwe4:BN8pcowkpc/s+zYXExp7ly1V0UVD","tlshash":"4513e7b132d4faa3539341e0e43f2016f2780d7520ad6470a7e89c9f754d88da6befa5","first_seen":"2026-03-18T18:55:57.705164Z","last_seen":"2026-06-21T21:28:06.299184Z","times_seen":7077,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/04ju1lilzr~yq.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.655Z","timestamp":1780858261655,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/04ju1lilzr~yq.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"22bb-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GKPxTJ4UEyl9dGUrKXbuT15vrxH7KcCC6YtEVkyGE6zK6rG14lbx9nnSRnf2vV8hMFVRObRRePWp7nkiQOVdSV1aML4vi4yUUq%2B901cf%2BVRX3EH0XyCVxVMEAVUs5g%3D%3D\"}]}\r\ncf-ray: a081d8875d6b4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8891,"size_decoded":5815,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9527), with no line terminators","md5":"cb74ba30095d780edf400d82e27505a1","sha1":"77ba6047bf0e6fdd22ec876bd48f876b2a54e944","sha256":"24e176669ae01a20e3be0ae5bcdefe9f9f1dbfa4095730d349b9e3929a7b16b1","sha512":"19f79c3fe7731624deff2d031f8340c71198767ae0d8683a688335ba2a5b5166938ba5f809876f6f74050ec304af3423c3d5635b3d49fb5fd94796234ee1eeb0","ssdeep":"192:ltK7JcvEg3XhN0qWzN/Tak63v0ZNb49/7y3amqpif2C+6ZoUY:pV3r0qGJC0ZNMEVZ1Y","tlshash":"ec121ada74b9f8301269cf602633ca49751b3d77345e5090a7a9ece430ac5aec452fca","first_seen":"2026-06-07T18:51:36.788264Z","last_seen":"2026-06-07T18:57:17.97187Z","times_seen":3,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0nh8v~7ip8our.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.660Z","timestamp":1780858261660,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0nh8v~7ip8our.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 31 May 2026 01:59:10 GMT\r\netag: W/\"1539-19e7bc1a9b0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nage: 581249\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w1MeVzA8je%2Bogkye6Lp1ECyAyDqmr4JuQuGnMGCiP8t%2FHWo2ElMLqxEZqktiqHbBNg4uv1cJ7KcvB3eDeiXbgqaE9MrDUjkopRpO0BHZxRUZLOp0HPqBjh8ae3n7UQ%3D%3D\"}]}\r\ncf-ray: a081d8876d714e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5433,"size_decoded":4629,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (5519), with no line terminators","md5":"19ab58321845436d5d1c65003ad2f7fa","sha1":"4dfb0df63f4314c4ca59c2b4dd1fa0ab74b4f835","sha256":"b6b6836279da6ac31f3b030154eec29719758f50c5f044adac7313d465a56493","sha512":"400983a42b3b8f05df5c66665e06d2bae32d0037eb14cfe64b4b1743ce5a8174a835a9704267877518cc272f248f2c665173af0e4960eed41bf12811bbb4c206","ssdeep":"96:WYKlRhyvcYNmLeMr4RfRlr0IhBAsNZOOEZcDfgU60qDXXU:WjPgvcYNmLej0IhBTOyh6pLk","tlshash":"29b17378e69c61bca96256d8463780216b0f107fb7ca5027cc5dd7f0f68b428c6e3c9a","first_seen":"2026-06-07T18:51:36.789144Z","last_seen":"2026-06-07T18:57:17.911857Z","times_seen":3,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/static/img/icon.png","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.904Z","timestamp":1780858261904,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /static/img/icon.png HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 07 Jun 2026 00:48:10 GMT\r\netag: W/\"1b49-19e9f8d2d10\"\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=USWsD6QNuNtRXAe6abyHfqeYpfHLPOLSci%2BlyrYSOVajn%2FZ95jl8Jt3mJAZKHbqdUk1E7k0KTp2Em3Rv7gfIE47Ioa0XrSfcY8P0Tj%2BJWmvKk5eXsRzJT%2FgEeI%2F94g%3D%3D\"}]}\r\ncontent-length: 6985\r\ncf-ray: a081d888edc44e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6985,"size_decoded":9523,"mime_type":"image/png","magic":"ASCII text, with very long lines (9318), with no line terminators","md5":"364d92eb2b87abe2081631b3f3e484df","sha1":"eeeac7473679279e124994403be79fcad713ddd7","sha256":"9eb9fefbd3f1189c13eaa28f883da9e7e9f57666c6f5d047d2a6ac13d229ad89","sha512":"adfd57ef918775be4a9412576383d65475c09f61072cf6fa74577f1e6d152987887da569d2a261fd933528001b9f69ad03cfcf1f32fee3ce12ce352c54c4c992","ssdeep":"192:GxQACO7VVJAAbv2LQaMIl5AE00L3QUxuuYQG3n7eLH:VMxViavaMIl5PrEUxuulG3qH","tlshash":"ae12afb2265ed6e5953b05f2fe1240317ef29516f1288c8bdee6630580a67b97a32309","first_seen":"2026-06-07T18:51:36.789901Z","last_seen":"2026-06-07T18:57:17.876741Z","times_seen":3,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.059Z","timestamp":1780858263059,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://wezowin.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: text/html; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c%2BPK7HmiImFgAUdpi9njhPPL6NxqeYO2OstyKxLJ66JWVxHpYtX7Sjz1CkKPcLg0sMTP%2FVmxnHjVUh5B9w%2FyuzniHw2wgKxarAkici2UKXKCEZ4Rd3QSlVSBQ6yXlQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a081d8902f7b4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":103910,"size_decoded":31197,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (60288)","md5":"ced3d7324b09cbe976f1c77de971a3a6","sha1":"20ac3d06f49e292fce03c70d4404e6898f62f671","sha256":"201768f2a2f553c6bc33781f48e8adcedb593258e77eeb0022cbc2115ffbab08","sha512":"a3cfb1e1d4ab87fcf166072bd0a8d1d55b54964ce38ec384d3a705d0ae977eab1e501bd1d909971228bcd5b3ca67db611ead16a7f52fa2d93ce74096519ed36d","ssdeep":"1536:VCnyKI7C5+3//yU8fmuAaN1yGNkptBgGOZ8hZFQIxZ0:V62C5+3/6HmufgRtBzHFQIxZ0","tlshash":"4ba3f70fed18ea16d8939d8e747f6f3b6498c43642b184bca9adc40c02554b997fedc0","first_seen":"2026-06-07T18:51:36.746034Z","last_seen":"2026-06-07T18:52:00.079295Z","times_seen":2,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":83,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/api/extra/postback","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.266Z","timestamp":1780858263266,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /api/extra/postback HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dqGS%2BoyeyHXerH9PwyX7QrhcQR9jLbrRX3Z8nsKDTcYqW2wZRu9tAGnP8MIg9kovJ6DhR2fOhgNMpWmOcFE51XUcdnSHvwYftMmzrnMaJgeukHu6YM2i9VUfl9K58g%3D%3D\"}]}\r\ncf-ray: a081d89168004e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":115,"size_decoded":944,"mime_type":"application/json; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"8782e7a8b6992048581c103534f8557d","sha1":"0db67412a33c687c89c86ba1c5cf154465550eca","sha256":"796c0689dae8a791ab61d97ae057686193e566f7c54a676c6823fffd612dd823","sha512":"cd65ff2cf14c6b3cf93e93c082fceb8d2a1b0f3274f2df1997baac6c40325c24111dc3bc553575243a9cb1a2b1da4b10030b30273590d780d53e65d0fcbad515","ssdeep":"","tlshash":"a7b092072225ea030853b2633c163e6405bd0a435022ae6981a86b42abda8b70bad3d0","first_seen":"2026-06-07T18:51:36.79065Z","last_seen":"2026-06-07T18:57:17.877607Z","times_seen":3,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fpenalty.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.401Z","timestamp":1780858263401,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fpenalty.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: dRvxuWESl66-JwPi_d422bhnLRze5ZRLSNhinjEej-o\r\ncontent-disposition: attachment; filename=\"penalty.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9LE5WooL0161Km98iuMoGTS9CkT1GD0Ul25O0jQvPyIgmo1ZKyGH8mhFGHeUq7vyxzaDckqEmZQ033VmLuLJlIukvf06luKlyMDUsbYJnF%2F6WppK0j%2Bk%2FMy%2BNXcWww%3D%3D\"}]}\r\ncontent-length: 3258\r\ncf-ray: a081d89248554e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3258,"size_decoded":4383,"mime_type":"image/webp","magic":"ASCII text, with very long lines (4346), with no line terminators","md5":"623c3093600fa4119e28715401561052","sha1":"b947f049b62e2b89a294e73f0509130d844a247b","sha256":"4a6a0186bac587e17c07a00df812e9c1a5565b6136c0c15e22ea9be2b7d92d23","sha512":"3530731d98204eda9fd4bb2da21c4abe0cbe0944b2520c959cb0ff1cabaed2b4131034374b6a79f885500c4b2225359ab65da64281af3ccf200700f97592341f","ssdeep":"96:CEjdz02mY7/rz4bc4JOGgP5sljrj5sGaBQP1:CEjV02V7oI4TgilFsGag1","tlshash":"b2918eb4532b0b833ea22421b1d716565ae39822e707e7b73f48400e05777876782ed3","first_seen":"2026-06-07T18:51:36.791526Z","last_seen":"2026-06-07T18:52:00.131253Z","times_seen":2,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/static/sounds/message.mp3","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.474Z","timestamp":1780858263474,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /static/sounds/message.mp3 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nReferer: https://wezowin.com/\r\nRange: bytes=0-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: audio/mpeg\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\netag: W/\"71a3-19e9f8d2d10\"\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 07 Jun 2026 00:48:10 GMT\r\ncontent-range: bytes 0-29090/29091\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LRsu5TsJnOyz7mukhr%2Bzg3m%2FuHXhZHvvxSo8deUpBapwYVxA%2FhF2isMham4y7D0p9uhsY%2BMdnmfl1n8cFL7YUQ3SLU66XjQvl6oePjfLgxdQPU%2F%2F%2F2b97zFYANnlxQ%3D%3D\"}]}\r\ncontent-length: 29091\r\ncf-ray: a081d892b8864e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29091,"size_decoded":31652,"mime_type":"audio/mpeg","magic":"ASCII text, with very long lines (38788), with no line terminators","md5":"d57cee3535330a877f7e9a1576bf94b8","sha1":"7236768cb2858baa2e138916f70bab031078d074","sha256":"5a964683ea1126b73a92048c16d09b46a2ce4bc441a092ca405007886f80e760","sha512":"8e7dcdf7385b637181eb763d6d984be50a3df4296e23c935caea7d26a312f99586197bca9b096f642cda955b92d5d08b48c0880d66c2a594cf9712500ad5ae04","ssdeep":"768:fX3kna1vCswPPQALrlmDKY4xbIoyiFeorbnaHUM2I9mh:fUa1qswPPQALrlYqMoXcorbnuUM2Iq","tlshash":"c803f17519eb7e2c94b48595824f08571ce98ebb8d24cdc2a182fae400535b2bfcf69d","first_seen":"2026-06-06T20:32:48.623228Z","last_seen":"2026-06-07T19:18:17.463912Z","times_seen":23,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FGatesOfOlympus1000.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.398Z","timestamp":1780858263398,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FGatesOfOlympus1000.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: ZYmdqlvezhBAHGB5tx16CCmQQ0P5WHPiP5Bv_uWoRHw\r\ncontent-disposition: attachment; filename=\"GatesOfOlympus1000.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oqqEaEIEVhK9U%2BGg49qwD9GuCRfqyHnG6D3eItKJ1KFDVqi3phRFavQFRwbrfjuJTX%2BHPz2pCONo%2BCTLXSx0ayhezUGH7tLYpA33nyX74sUsVz500IS%2Fekvp7M6%2BjQ%3D%3D\"}]}\r\ncontent-length: 2472\r\ncf-ray: a081d89248514e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2472,"size_decoded":3610,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3298), with no line terminators","md5":"31aa25f0cb8c9b38ed0cc499df8bd001","sha1":"cfd298eb7d51176b46e21f539b9998c88918b4f8","sha256":"7c01948d7852dcda26d1bbc4ce84b869045699e47a2aaa686bb33fcfa05a53db","sha512":"477ce9682d3f988ff958b995d49d075dd0dee3ddd92b70583e8a791613b29d1e8d7815e98034ea49246f56f6e66f57a2349f050a4a6f86566d442e247e4cdfab","ssdeep":"","tlshash":"ed616fd5402b06389755c26cb03acd75fac25a606308606a7727dd6e07ac40f9f7c5b9","first_seen":"2026-06-07T18:51:36.792976Z","last_seen":"2026-06-07T18:57:17.882147Z","times_seen":3,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Ffortunespin.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.415Z","timestamp":1780858263415,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Ffortunespin.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: Kv2qICWjQNz_PQJlWVzJ6Zd5JSKyegwNYMDBAq8TcLc\r\ncontent-disposition: attachment; filename=\"fortunespin.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RgPqOINAq2e6j2EiEnNl7z0cmMO7IsQTtxwgWKF91VmFdvTxfQqzo6S5DHb2Bs2YSv801wjUnaketFvPAxZRc16sIdtoc0qKCeGqNU6HKTkgD38MXWw65Y9knxiHBw%3D%3D\"}]}\r\ncontent-length: 3270\r\ncf-ray: a081d89258654e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3270,"size_decoded":4391,"mime_type":"image/webp","magic":"ASCII text, with very long lines (4362), with no line terminators","md5":"0c45ae19df731f63deff5f47a25a8449","sha1":"6e882e59f48e415afc93686043f79c2005c3e9a3","sha256":"2c2413fef22b0377cd447fc4d602e8b5cc7118b086535ee2f199e72dac03992a","sha512":"6403535518c524ba256d3d033c3aea7f1e23e1b63604d774768b730df2ffe8f15686276ce45518de10ade7861e985bda4d89fb9fc12934f4f32f6b28811972d7","ssdeep":"96:MtJYnf/UYotNM4mI6MvFwoD8/nG7xQ58OEjc1YRrOd6IMHJb6fc4:MXcUntWXIxenG7A8CYRrITMHat","tlshash":"d2915d26dfd4d40799c4bf76b027a22bedb2c61d651cb011fa1228121c7b1a442bcb95","first_seen":"2026-06-07T18:51:36.79405Z","last_seen":"2026-06-07T18:57:17.909936Z","times_seen":3,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fminedrop.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.421Z","timestamp":1780858263421,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fminedrop.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: -kgMXwHKWqbH7aLtufSp3DQ4rq6QKsEwYCksa6MCNIM\r\ncontent-disposition: attachment; filename=\"minedrop.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MgYBgqH4y92YLi4R0kZxnr4pGm3yyWSOW4RCSgAU%2B55qUebItvAm1C%2FGArpP7Nzrt5ppaqEW2tlfiSmDdgUpJEbgA%2FZqwdb%2FQWb2RofI2tFJ0DoXgC%2FFHad%2Fd7hppA%3D%3D\"}]}\r\ncontent-length: 2466\r\ncf-ray: a081d89268694e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2466,"size_decoded":3596,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3290), with no line terminators","md5":"81fd5111531389c64cd37bb0026990fd","sha1":"c45f4893797c47a2d8736c523cf2a079bfdea40f","sha256":"84e3946bf2a082e2d666e4be282dcff2b4d1599a47ac6b8023bb5592e36bbf30","sha512":"fe69c160d6cee61cfd05312c945cbf4b4329796743a95b4576f2e746f78a4ed0df25fdce64d2154089e3affe98405072bb2e0353e6ccdcff427c4bd1824d591a","ssdeep":"","tlshash":"54615b3da37a0a47691917f952e3db8bb92129b1090570f707d27cf050592a46de0339","first_seen":"2026-06-07T18:51:36.794987Z","last_seen":"2026-06-07T18:52:00.092771Z","times_seen":2,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fchickencross.png\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.466Z","timestamp":1780858263466,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Fchickencross.png\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: gIQ0lKn1YgooVuahDMvz8ZsVz95Lb9NhTWt_GuBL96Y\r\ncontent-disposition: attachment; filename=\"chickencross.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=48AIye2JvEDOHQTStsjXvIZox6H0itJhAxTB9yjcfX5Li5alof%2B%2B6SfrVYvHZPgw1b7zbORlLsSIvScXkbB6x%2Bx2XZI8557Q8EU3PC4L%2FHJ6Ow0EdEU6NllTcGLTRg%3D%3D\"}]}\r\ncontent-length: 2010\r\ncf-ray: a081d892a8814e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2010,"size_decoded":3140,"mime_type":"image/webp","magic":"ASCII text, with very long lines (2682), with no line terminators","md5":"c730260163eaad392aa66a413898c333","sha1":"57b36837fc2a496ac1bc347e6a4d917e8a678ba6","sha256":"9194ee8e1938c6ea264303904320db9b9a55d0846f47d8765b8f84fe11b3cab7","sha512":"58c71cd36e36a5f06f4ca6c73abd870d65d0b1d597dd72b0c537c52ecf759e2759306f57efc1e950ff4957e6568fd77549dee7258966bc7d94bf41c2569a5c02","ssdeep":"","tlshash":"cb514abd314a0c6db26481f806b5f737a497ada3e0e1ff2822a191abe1149cd1818215","first_seen":"2026-06-07T18:51:36.795816Z","last_seen":"2026-06-07T18:51:36.795816Z","times_seen":1,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fsupport%2Falex.png\u0026w=48\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.484Z","timestamp":1780858263484,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fsupport%2Falex.png\u0026w=48\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: 4wDPufQKjxeth5GSOeMaTd5lq-qMFg4NR_UN3m516NY\r\ncontent-disposition: attachment; filename=\"alex.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9bpxoVPJIRbN6afJeDp%2BpnNQ0XteEyL2UWcRH6JF59bWE7bADrrFS8j6wBdrzT63ZiOSZ%2BuS8nJ19MZLRMq7INwMw82aaZ8%2FNi%2Fe9Cn44y%2BsUDx0ReVCJFI%2FcEBk7g%3D%3D\"}]}\r\ncontent-length: 1204\r\ncf-ray: a081d892c88f4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1204,"size_decoded":2330,"mime_type":"image/webp","magic":"ASCII text, with very long lines (1610), with no line terminators","md5":"4cb17063562c00cb84bc2dc66425b246","sha1":"172de206916d189cbe817ba149e94411b66c0f3e","sha256":"3b0a5e7fdee490d5fa67ca1570e37f75ca646837a34d14ed9dfddab9c443af5d","sha512":"95adafc2e3a7fbabbe723d99f5cf2c3b93f0ed495548a5bf1ede2e8e09aed5f179124a71ffee359b45037930a251004de0e6e5990f1fcbfb6f340d3b655b29fb","ssdeep":"","tlshash":"f3313a338571d48b19bd5d3542e4f92a7ccdb1613382f853ac30b4314c6bb041e120c4","first_seen":"2026-06-07T18:51:36.796663Z","last_seen":"2026-06-07T18:57:17.977672Z","times_seen":3,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fsupport%2Fmichael.png\u0026w=48\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.487Z","timestamp":1780858263487,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fsupport%2Fmichael.png\u0026w=48\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: zcrvczUMpoZRwmQBfEKt0zaEslAQiiv7HK0fAEYgd2Q\r\ncontent-disposition: attachment; filename=\"michael.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1qsELWKaG4ZGA7q56qG03hTud8vqgDoSuBTqNcrIZuWmlGUAjb801fVNKdoYlI1XQgD1JkfZxFAtQ%2BvviUWtecENJrSvC%2BZlyyiqTVyebhoBKAcjOgY4Lv1gjTxGzQ%3D%3D\"}]}\r\ncontent-length: 1156\r\ncf-ray: a081d892c8914e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1156,"size_decoded":2277,"mime_type":"image/webp","magic":"ASCII text, with very long lines (1546), with no line terminators","md5":"5a278d8cf9b0c8409ec63a510c38abd6","sha1":"dc193494d9ec2b6a4d764e10b4c5c2c17bb8480e","sha256":"fe2e90a0f8f3ebd1a39446cd4d9e6f6d2cf959fa3758cdb7160fd4b202898a04","sha512":"1382e89be7b0d266dc3c238c24f099c2d2eed5e15bb6224907aef31a4eca3802e4e1a0116e6b1b95e0f7e29d9f5f7ab503d16df0dad8cc9384dcb45ab6f6f887","ssdeep":"","tlshash":"7e310a2e738522c9aa94f2b1c5c776150dc610cb4652f4effeccac83855f68484d6975","first_seen":"2026-06-07T18:51:36.797609Z","last_seen":"2026-06-07T18:57:17.917235Z","times_seen":3,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgames%2Faviamastersxmas.jpg\u0026w=256\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.383Z","timestamp":1780858263383,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgames%2Faviamastersxmas.jpg\u0026w=256\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: K4VXJ7DYIBhqtEbpI38RHTa3K43iBP2SKds1qUkcBmQ\r\ncontent-disposition: attachment; filename=\"aviamastersxmas.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N9M37szsUvTZyzyEHG2IjOvpbZc0yll9N0g2BsAHkyQqSaE%2BkcMJQ%2BKp1IvHDrBSijFC%2BQKBiRabguNy6PxGd%2F8SMc22TxUivFaXGMuEXYnYJu4SCIZJYk4wzCNEdw%3D%3D\"}]}\r\ncontent-length: 11818\r\ncf-ray: a081d89228464e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11818,"size_decoded":12952,"mime_type":"image/webp","magic":"ASCII text, with very long lines (15760), with no line terminators","md5":"a8d4eff45d6e446f667ab772bbbbb225","sha1":"8c9c7eb95c99cb6b39bae619e32cc09e71d47153","sha256":"67dbacc952bfaf1d5a44361e02f2dfb23d13654af596477a1d2d62d31295e40c","sha512":"b86afe8b1c2b57f8503a2f40e70b528d41c9357a8b60facbf6c92c9ba35d55affaf57df7c7eef96a576f3043023be4ab576a8e78290762e4d9d05ec679812179","ssdeep":"384:VBdPEvoduCGwd4s1f4fK0qj23EaRVpSduEh8c6wIgpy:jdPEAd8sAi0qDaRrun6Ay","tlshash":"4b62d12fd752441fa488dc026d89e8bc7f70ae93e6eeb8d0548951783a57f785018d33","first_seen":"2026-06-07T18:51:36.799217Z","last_seen":"2026-06-07T18:57:17.964297Z","times_seen":3,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fhacksaw%2FLeFisherman.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.417Z","timestamp":1780858263417,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fhacksaw%2FLeFisherman.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: vcyh66CRG-1xPg5WPF-0aoqa7gsNZsT2qYf2mQf6hco\r\ncontent-disposition: attachment; filename=\"LeFisherman.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IHSqI1UFdM916mh%2FIZIj%2FpxOgpxq%2Fm80wZeUtvixdmKWNGx2EvtCKlcsKjhKlJg7HuDedFAwOrtwcGXjnu0QTf2iC60SpGQjmJVXJOI%2BoOu%2FH%2BJ529bKuVT1Hmf%2Fmw%3D%3D\"}]}\r\ncontent-length: 2746\r\ncf-ray: a081d89258664e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2746,"size_decoded":3881,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3666), with no line terminators","md5":"4da89bbc1b1f3738e9693f786f2970cd","sha1":"a2d634c834d7079a30ab4d781826b0b8be0c7300","sha256":"21c4f37cc8e76c3f75af497d7c2669456feec500d9218d67e1681c9c81a14599","sha512":"55d31b688915b670fa5ceff4d1171ceca43f9a8b2275bc5e1e8466299f540f974e856adba1605dbea54e48a15e01b8c995dee97bc3a96dd8c29059e14dd901ae","ssdeep":"","tlshash":"7d715ef086071f60ce4f2555b1dfe9d38f410e37cbb812e0c5162c38149626d92a7906","first_seen":"2026-06-07T18:51:36.800059Z","last_seen":"2026-06-07T18:57:17.886469Z","times_seen":3,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FTheDogHouse.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.461Z","timestamp":1780858263461,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FTheDogHouse.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: tOWa907KrZUAwCyr05l37jzP5_EmagDq-CZJX30De5E\r\ncontent-disposition: attachment; filename=\"TheDogHouse.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=atbJQVstzJRktP2oSUIoNLI8ldkfxlKZMidyPQseGSnto2pVpBIPfdF8Qxlru0mRSCwJ4zaWhv41wGq3lzidKHcZCA7XCFfx%2BrP3OBeci0%2Fznzv7%2F4i9PzM%2BWOib1Q%3D%3D\"}]}\r\ncontent-length: 2614\r\ncf-ray: a081d892a87b4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2614,"size_decoded":3743,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3490), with no line terminators","md5":"37b781b9a9071a44ae382733347e786e","sha1":"fffca2bdbb157e45671569338569e268d35ea550","sha256":"39258ce82cc8b5b109f54f8f6e86e38c091681469132004f8c8f03738fe99eef","sha512":"7be166f81d1c611433e6f6f89464aded9f8ca76ac30b54bdeb38252a02d9fe241454379624e9c05b6421aaa54ad4560afbae8b116bc1cb6bef2e02ad6ec75778","ssdeep":"","tlshash":"da716ef61663d8b6c3c3f0dcd1da5e726520711593e7fd742f5b2a2d8d456480a6b009","first_seen":"2026-06-07T18:51:36.800998Z","last_seen":"2026-06-07T18:57:17.976976Z","times_seen":3,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fsponsorships%2Fbanner-basketball-mini.png\u0026w=640\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.481Z","timestamp":1780858263481,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fsponsorships%2Fbanner-basketball-mini.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: RDluiiS81rlbF4NycjLsKAH_6JM2_5GpJOWNl2yCvIs\r\ncontent-disposition: attachment; filename=\"banner-basketball-mini.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fv0Cael0qLD2PCrrKj4tzdNys5GbniLvauIzzP5LFXFRVg1R2fh7pCad4OzxJmQrJoNTbgPfeHuGHKTIEjfDbu79yNiGj1avysQceApCnuQRTQn1d2zOzFa4d98nDw%3D%3D\"}]}\r\ncontent-length: 4064\r\ncf-ray: a081d892c88d4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4064,"size_decoded":5196,"mime_type":"image/webp","magic":"ASCII text, with very long lines (5422), with no line terminators","md5":"2ddb1de0b46bbee9a7165f0f57782c5f","sha1":"2eceeec4a0e8574ab43329a830e3223272ddb50a","sha256":"8a551e257f6c3a2e926eb6f5710a2f8185c34d6f9962169b746c6bf4b2d575c2","sha512":"72ddac522285d298546f0216f9a290d1bfd874ece1c4cb72825d7ea87ef9f7286a19eebd1a74464bae0df7e964fe73e48bdf1d2858802896289ddc66d1ea30d6","ssdeep":"96:wtJQ78lXP7gjS7HdMuCC7Ic34A05z9gPHX2CRX7J92DuYJnWWdkQD3:+nN7uTc3Q5g3lX7b23Jtj7","tlshash":"4cb18eb37bec8b4cec68f32a003692aa9f197f591580ee943d1441d10069b1fd85fe38","first_seen":"2026-06-07T18:51:36.801885Z","last_seen":"2026-06-07T18:57:17.888183Z","times_seen":3,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fsupport%2Folivia.png\u0026w=48\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.489Z","timestamp":1780858263489,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fsupport%2Folivia.png\u0026w=48\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: 6emVpm6qQH-d-pB4MTokx3D5ph2UI0DAV9TwZwMopII\r\ncontent-disposition: attachment; filename=\"olivia.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iNi%2F2riwvDKfHHfu2trxfQ9I55%2F1piM4KF%2BcStEiJZqRu%2BLoiCnqhdbqApESnQvuLWelrFBqDuL3fUI2kvqvcZcUCVWO0VWqvXgIzSJtNKVzeCMqa29g2Ci6PUsKYg%3D%3D\"}]}\r\ncontent-length: 1076\r\ncf-ray: a081d892d8924e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1076,"size_decoded":2200,"mime_type":"image/webp","magic":"ASCII text, with very long lines (1438), with no line terminators","md5":"ab2e0894a4cbf3969c07b66773187723","sha1":"ef406cc5b37b70de00aa982013f5d7cf5a5ac8f3","sha256":"c71ffd3166a2216bf5e57a96d5e2d9a2e37e8f8f88fcdee4b5a12e50122c9109","sha512":"00f41a2fcc9f72c30c71f9de5b6a2bbd1d46219b764b2a993dcbd49b8590c3637e2d122e7a8e60c8fb77613a3ce4f373534d956721718d1e904980eeac710065","ssdeep":"","tlshash":"4121e93c41e3a451ae5181ce633143ad5c82ea53b23bad984fc1c0659be13bdfa29c14","first_seen":"2026-06-07T18:51:36.803257Z","last_seen":"2026-06-07T18:57:17.880463Z","times_seen":3,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/14j_td4d84u8g.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.678Z","timestamp":1780858261678,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/14j_td4d84u8g.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"691-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G1PEOKKGf5W%2FB7xijUR3OTyXabWXJUGFfmUK2SFg7xZeXpb3XcSPAFQWXmXbUsNqp5Vy2djyOmI1atrg%2FRjpjLHA8EOszMEmDBX7X%2BKH9fHNJ5ky8tHt5pmsnWrbtA%3D%3D\"}]}\r\ncf-ray: a081d8878d8a4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1681,"size_decoded":3259,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1723), with no line terminators","md5":"f8263e101ebdac6734382fbc6429d398","sha1":"15b3f515c21325686fd5caefc8cf8c43ba15b340","sha256":"d8b51c400795905cee71b2c596391310c2285f5b137aae8ba676e9ca41018438","sha512":"a3a561efd6db7142f893241eeabfb9a28f704a6af834454e3e9c8ba1c9829713afa6c718e3c2e7ffb3c7bddacbfa72518eceb261cac0a181d8d882c3d8463b18","ssdeep":"","tlshash":"9d319f34a16de4ae324b09934e3670f8c73f59a6356ca1b0891feee0509b0d9eb17c71","first_seen":"2026-06-07T18:51:36.80472Z","last_seen":"2026-06-07T18:57:17.967675Z","times_seen":3,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fvip%2Femerald.png\u0026w=32\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.400Z","timestamp":1780858263400,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fvip%2Femerald.png\u0026w=32\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: 5ZVPewIKJE7FTZLb68Oj2RK8GeImDJEkLlgg0mxP1s4\r\ncontent-disposition: attachment; filename=\"emerald.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KH2vk1Bdjqz1B64WXsHPTAbjPPdC6xz1tA5LaTskXXNQ3O3r0DBxhGRl1fHoiu2ysbqcqTSkM6zZf0sFRVYKLKV%2F8UPvrZqs%2BVtwbwGBoM9oh9h1jbUXtHvYqbyujg%3D%3D\"}]}\r\ncontent-length: 994\r\ncf-ray: a081d89248544e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":994,"size_decoded":2114,"mime_type":"image/webp","magic":"ASCII text, with very long lines (1330), with no line terminators","md5":"f6588efe257d2900f8473b3b05414398","sha1":"a6520f7e618c34e199dc6a88f706e1361b5907ee","sha256":"d1805095d1eb8826e9a84c6f7a7d64fe70dc2c5cfb52c5a65ec0e73b51cde6af","sha512":"b21a3edc08f143ae204117ffaf728e32d03890a728bca32c67833254bd9ed5d94f9ff81de1edcfa351d104a52cceeb635492a755266d95eda927065ffced4b43","ssdeep":"","tlshash":"e521f823a009bbb26b7851b4c4a06323bc9c1f979b823319da9569e3dc9345fc751883","first_seen":"2026-06-07T18:51:36.805816Z","last_seen":"2026-06-07T18:57:17.969637Z","times_seen":3,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FSugarRush1000.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.462Z","timestamp":1780858263462,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FSugarRush1000.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: r6rh3051_3OvAUQfCmzTjO2zmK9Dy_u0gtYY7czQOuc\r\ncontent-disposition: attachment; filename=\"SugarRush1000.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FUc29dNgnVYv9iCu5HnyC31kopTwd6%2Bs2fkkVFazhhcHINwiBdgJD%2B%2BBAgFzl0dl3LPjaPenYHInpI%2Fkjl8LIl1Z9r%2BPjjEOV8tDQYwo7rhyamPoLCZnEim2NroupQ%3D%3D\"}]}\r\ncontent-length: 1924\r\ncf-ray: a081d892a87d4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1924,"size_decoded":3057,"mime_type":"image/webp","magic":"ASCII text, with very long lines (2570), with no line terminators","md5":"4aa4f7146326ba765c491837c6c49063","sha1":"f86a89b9fcf0962aa77d4b34b83f70d046c741f1","sha256":"a79b8c2eb1ef319b7c9b677f5befedceb99e85a531e53688fe8699be0ac6b784","sha512":"0a36cdb2f624c152543043dc9614a3ea6d0424a82f4e8ed07427088af3c4dadadbd5791eb52568540f8c73fd070f4d6a90ad0b09afb08f37a80dcc8109c44434","ssdeep":"","tlshash":"a3514a38a668739020783b767f283db6225c6da4d0244b6272d225eedd03e27011bb3d","first_seen":"2026-06-07T18:51:36.806761Z","last_seen":"2026-06-07T18:57:17.915908Z","times_seen":2,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FSweetBonanza1000.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.463Z","timestamp":1780858263463,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FSweetBonanza1000.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: Ldq1zEz2167JbOElaXcTy7sMRB3pNa1u5B99FOgm5gw\r\ncontent-disposition: attachment; filename=\"SweetBonanza1000.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f33CKXzGrBdLDTJ36Cavc294QgmXc3QW%2FWsBcbnGq%2F6lhl%2F6pCsNLwQnCIEdrCr4y%2BzpQewq11KxDUl31zcQ1U7CQhMoaQIs0YcGB8%2FhvopgFaLOX%2BRCx6DgR8VTDw%3D%3D\"}]}\r\ncontent-length: 2400\r\ncf-ray: a081d892a87f4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2400,"size_decoded":3538,"mime_type":"image/webp","magic":"ASCII text, with very long lines (3202), with no line terminators","md5":"c0da33f4d1a9cbd881c3f3654dc8914d","sha1":"18a5b1f95c07dbb394429ae4135025587fa577dc","sha256":"374230b56c0b383e6cc6819fa57d3d55ca4f483bc62063132f0f8bb3c44b698f","sha512":"8e2391b9e40b56044e8f9076640961649e9c9d992d4833a68a6f788d1c65e07255b58214119d916109f954edc370a23460f38e3536d44802e19dadc1e60b26e8","ssdeep":"","tlshash":"ed616da3a6d09270c01a791ff85df08c2dfe20eabaacba7dee594154d34029996c501d","first_seen":"2026-06-07T18:51:36.807752Z","last_seen":"2026-06-07T18:57:17.954559Z","times_seen":3,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0n4z.7yu76je-.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.652Z","timestamp":1780858261652,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0n4z.7yu76je-.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 07 Jun 2026 00:48:12 GMT\r\netag: W/\"d576-19e9f8d34e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=snYv4BHtktLNdaRw8z9GDcj%2BESkN0CLFocPlRv1rrfthsTVFa4plPZq9uJn70ESZTyQSE1mbIQqvlQKFWGugP12NC1NUj9%2B7ESWomYAqds79OVDmCZa3wKZfAg%2Fkpw%3D%3D\"}]}\r\ncf-ray: a081d8875d694e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54646,"size_decoded":15473,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54644), with no line terminators","md5":"a648f088ad544148210ae070401800cd","sha1":"283e51ae1715ff82a698d38a370dff4af2976884","sha256":"91fec54ca6bfa97c9bc4fefe9576b9a76aac47ed9f0009090ddf6a60030d55d3","sha512":"045b41574a3600911e4d65a734aa6ca8091609f954bfea447bc0a03d9ae0516d56e91c15679393ae4d732a2dbafc403ad56e6ec376c11288be04e198c9b3b653","ssdeep":"384:2sUWst5gWTnrYV3uXeqbkJdeUtdaVmzlhjuNf9zXYpDuYNb4x2pk81FZTDxJRiGV:vUWstOoS3HSqD95hdFQcCDFZ1dqF6SV","tlshash":"1933da753295faa303db91d9c0370012f2780d7130ad64b4b395d8af399dd8a92faf69","first_seen":"2026-03-20T07:59:15.953955Z","last_seen":"2026-06-21T16:00:36.480188Z","times_seen":642,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/static/chunks/0a51q.65l43cu.js","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.654Z","timestamp":1780858261654,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/static/chunks/0a51q.65l43cu.js HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Sun, 31 May 2026 01:59:10 GMT\r\netag: W/\"9fca-19e7bc1a9b0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nage: 581249\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gbe1zk1nwEnQg5zyArETuLKhZHI1b8OlxaZ7T0GyBSPl8AiaDY1hFgFgkaywo4D5eCw8bwjFCV2%2B3cSETrE3CILcRB0JV3L96%2FvPn9EWDc%2BJcUo2gUQImwegpW6Wqg%3D%3D\"}]}\r\ncf-ray: a081d8875d6a4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40906,"size_decoded":14793,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31928)","md5":"2c0d856260355cfe6e19dab13b192253","sha1":"fc7c5cdd08547a8a5a0f5951bfd676c8ba2a5fc9","sha256":"9ba6c6863a08f538a8fda2430d04b9f3fda5947f14ef606946c1004b416c5073","sha512":"78aa643104ae793488b923b3c73b38fc4798eb2407bad247e7946a87ce27ff9f2c78668ce111c39161a562eb31cbadd99d1fa8d93d2efc43e41608b97850714a","ssdeep":"768:juzhHJNPkOsCH71yZ8ATNTOYlTvLmHXG3v5aCmJG5LqKaBtl5N269Bx3jpIYYsHO:juzhHJNPkOsMI9Tthp3v5aCm/v5RzHeT","tlshash":"5c03b561e28672260e4343d9542903096fbe78b4678c541fb76c5ed72d22c8a4bbdff2","first_seen":"2026-04-23T10:08:30.775038Z","last_seen":"2026-06-21T17:03:09.423171Z","times_seen":42,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/static/img/icon.svg","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:01.906Z","timestamp":1780858261906,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /static/img/icon.svg HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:02 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; img-src 'self' data: blob: https://www.facebook.com https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://pbs.twimg.com https://analytics.twitter.com https://t.co https: ; font-src 'self' data: https://fonts.gstatic.com https://gstatic.com https: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https: ; script-src 'self' 'unsafe-inline' https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://analytics.twitter.com https://apis.google.com https://www.gstatic.com https://ssl.gstatic.com https://storage.googleapis.com https://*.googleapis.com https: ; connect-src 'self' wss: https://www.facebook.com https://connect.facebook.net https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ads-twitter.com https://analytics.twitter.com https://api.twitter.com https://*.googleapis.com https://translate.googleapis.com https://*.gstatic.com https://storage.googleapis.com https: ; frame-src 'self' https://www.googletagmanager.com https://td.doubleclick.net https://www.google.com https://www.gstatic.com ; media-src 'self' blob: data: https://storage.googleapis.com https: ; worker-src 'self' blob: ; upgrade-insecure-requests;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 07 Jun 2026 00:48:10 GMT\r\netag: W/\"56c-19e9f8d2d10\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9pDB%2Bz2jyDRp%2BzCq6itrJS352QaqqJm6XrTaoQJ3WbHoeOmUd65TAWUQZ%2FgN%2FOhFfw0QhHASRXxhZXBdGdoTmyWpFAKqsWnmlZparTMUNhkJFGYmIwqVfTpcssJxoA%3D%3D\"}]}\r\ncf-ray: a081d888edc54e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1388,"size_decoded":3259,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (1432), with no line terminators","md5":"89df2d51e8143c64e004709c283ce151","sha1":"6af991e1fd8073f1e10aa40b62be1b0e1b5bf609","sha256":"5b7e0a9390d81677201b41d4ede88a4ff6a3ace60aa7c2fd328f0dc5674d8274","sha512":"ef261b2b455fa1afa735e1e6c59af22a611b8f11591de3125652add106c5bee79255af0fa9f3764185f7952f613b4ff62af4e94a33002ec09d5ee533744b7160","ssdeep":"","tlshash":"3c214e91a6b4f3acba48c7ae137804b6743e30f839b4c9058ec2485ab18252e19f5c36","first_seen":"2026-06-07T18:51:36.74511Z","last_seen":"2026-06-07T18:57:17.878842Z","times_seen":3,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FJokerJewels.jpg\u0026w=96\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.411Z","timestamp":1780858263411,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fslots%2Fpragmatic%2FJokerJewels.jpg\u0026w=96\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: wJ2ObpPlkniwVeeFIVoW20qG-TVxinVzXZXZOcOLewM\r\ncontent-disposition: attachment; filename=\"JokerJewels.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q7d9EYHna7Qdj46LEP9OKDzhgVss0vlLgL2d9e8XOlccfrXNdrXY7f5dFLxylNVsA5sD9fKdLNavSOKk%2BbZK1RStup67EpIwnoIsjWqEWhLJp74NJcKKv1ICJjF5nQ%3D%3D\"}]}\r\ncontent-length: 3370\r\ncf-ray: a081d89258614e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3370,"size_decoded":4493,"mime_type":"image/webp","magic":"ASCII text, with very long lines (4498), with no line terminators","md5":"61cb280939a4457cb916f96366b8e414","sha1":"d9eff85b9e416b16e630912a6c50a272b32e82e2","sha256":"3cb21f06c299001c55b54658d630e542686daae0a980ea655a50080dae5009e0","sha512":"0cd7e72277933c053568d50d62a8362fc4c93d8cfe37e1205f51fc3793a76751ee7047c969e769bc546184be2d54a46c551d3b6eab17b197aa124eccdf66d536","ssdeep":"96:jIYeapHa6tMcneKelWmq2Hfr+aiEZ8wY/6BNEHeRnBpkwcEbWs5Ax8Hw:maxpgK8WmP+aip1HspTbN7Q","tlshash":"d7916daa382a5b104da26de179a874de8c5f86e43325262fbc515fd016bb101c8178e8","first_seen":"2026-06-07T18:51:36.810077Z","last_seen":"2026-06-07T18:57:17.890913Z","times_seen":2,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wezowin.com/_next/image?url=%2Fstatic%2Fimg%2Fgift-no-bg.png\u0026w=640\u0026q=75","fqdn":"wezowin.com","domain":"wezowin.com","tld":"com"},"ip":{"addr":"104.21.3.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://wezowin.com/","date":"2026-06-07T18:51:03.476Z","timestamp":1780858263476,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wezowin.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 13:35:18 GMT","end":"Wed, 19 Aug 2026 13:35:17 GMT"},"fingerprint":{"sha1":"13:D3:2F:B6:FC:E2:26:08:C6:44:56:F1:87:BD:9F:A4:E2:F3:B9:DD","sha256":"B3:E4:A4:6E:8D:FF:F2:B0:8B:78:B7:CB:D3:39:7D:B4:CF:E4:14:F1:C5:4A:2E:E3:11:37:0E:AD:43:53:99:3D"}}},"request":{"raw":"GET /_next/image?url=%2Fstatic%2Fimg%2Fgift-no-bg.png\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: wezowin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://wezowin.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=C49BD1BA71A577D3FC752BE7A8C19A5B\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 18:51:03 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\nx-content-type-options: nosniff, nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept\r\ncache-control: public, max-age=86400, must-revalidate\r\netag: RTf9Zw51SOkXl5C7sn6W8FNHW3ahm-6FzGB_5J3rqo8\r\ncontent-disposition: attachment; filename=\"gift-no-bg.webp\"\r\nx-nextjs-cache: HIT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hi9g4O50iKwvoRMFP6G3hsBkX6lYQw4U4nfawI1vgY3RJxNBYh5wLeqgCESmPrI12Ha4M3YMMh%2FsnrSyyYgBq4OvQUnSZdYY5MmxJPYKd6pqumJEqShbzziZtAiSVw%3D%3D\"}]}\r\ncontent-length: 48920\r\ncf-ray: a081d892b8884e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48920,"size_decoded":50043,"mime_type":"image/webp","magic":"ASCII text, with very long lines (65228), with no line terminators","md5":"0d0f4a4b5b16d458247b860895e4b92d","sha1":"d4ff9d69761ed54ea0ec9c452b80cb4b6755e7f2","sha256":"b936c9c4c5bd87c607392c615180fec2bfa12fe1441fbbae1f1a37339fe75d1e","sha512":"e55c4f99ad1fe15d0020e6f64872275231671f84a16a16415376216c0b96b7a936b9f2d5795f43757ad0e8220f89f33f52807951691053b8718700e92e0136d7","ssdeep":"1536:dm+gPK0y2nmPzqYlHzFwTNLdsiws7I3IOj1aZEzvR0WO6s:4PPFfSz7lzFwpRnM3nFbs","tlshash":"595302753a603e5d030cca127a4e7c4ebcb88d09a115d5ccd8e662664dbebb717e83c1","first_seen":"2026-06-07T18:51:36.811Z","last_seen":"2026-06-07T18:57:17.879381Z","times_seen":3,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"wezowin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}