{"report_id":"da381c95-c1c9-4d5b-8218-1ce85c27fc5d","version":6,"status":"done","tags":[],"date":"2025-11-21T12:55:55Z","url":{"schema":"http","addr":"luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"luckfusion.info/bonus/com-eu-1-9831/ru-lp2.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"title":"luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","dom":{"size":16136,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1206)","md5":"2e0037afb9806f2cf548756351c50e27","sha1":"e4486c4ea63f75170b0dc0091e4e9eb188568e27","sha256":"741e274a4982090f131eb3da309a3aa9512e3f5ab14544e4276caf2dc4ed0ea6","sha512":"f7a86d6a27cd9d8009da379693e99107fde6867c5bb26ebd4150c520d5ab8e0fb20b22513d4fcc1685c54589fa5a133ba7c5d2327108e982272ff0c300f1d23c","ssdeep":"384:LuhH07oACn6g7OAZGf8EZGtw0Kurvhrl5eWauiTeWauiTeWauiBb:LuhH07oAq6WOAZGf8EGtw0Kur35eWaui","tlshash":"b57281576ce29836058300c2b677e20d6893f11bea46cd51b6ec4a943f8bfcb4d47a9c","dom_hash":"domhashb7419aa7a58903838bfd5edd6bdac721","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-26T12:55:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":3}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-21T12:55:35Z","timestamp":1763729735,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.4","port":33800,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2025-11-21T12:55:35.668797+0000\",\"flow_id\":739494068703789,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":33800,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3418,\"start\":\"2025-11-21T12:55:35.610861+0000\"}}"}],"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"cdn.dt-assets.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-16T22:16:03.162694Z","alert_count":0,"request_count":6,"received_data":2078107,"sent_data":2648,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-11-16T22:16:29.209658Z","alert_count":0,"request_count":1,"received_data":20807,"sent_data":454,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ipinfo.io","ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2013-04-23","domain_rank":1327,"first_seen":"2013-12-16T07:25:53Z","last_seen":"2025-11-17T01:23:32.860054Z","alert_count":0,"request_count":1,"received_data":1153,"sent_data":469,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"smdispsecure.com","ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"domain_registered":"2025-10-08","domain_rank":0,"first_seen":"2025-10-26T08:03:52.243728Z","last_seen":"2025-11-10T11:52:59.240603Z","alert_count":0,"request_count":1,"received_data":14784,"sent_data":561,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Firebase:8.2.2","description":"Firebase is a Google-backed application development software that enables developers to develop iOS, Android and Web apps.","website":"https://firebase.google.com","common_platform_enumeration":"cpe:2.3:a:google:firebase_cloud_messaging:*:*:*:*:*:*:*:*","icon":"Firebase.svg","categories":["Databases","Development"]}]},{"fqdn":"cdn.dt-assets.com","ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2023-06-16","domain_rank":6158059,"first_seen":"2025-08-06T18:43:31.551748Z","last_seen":"2025-11-10T11:52:59.243773Z","alert_count":7,"request_count":7,"received_data":222424,"sent_data":3129,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"luckfusion.info","ip":{"addr":"172.67.149.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-14","domain_rank":0,"first_seen":"2025-11-02T20:46:53.024051Z","last_seen":"2025-11-19T21:36:19.86486Z","alert_count":14,"request_count":7,"received_data":23060,"sent_data":5954,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-11-16T22:20:40.871771Z","alert_count":0,"request_count":1,"received_data":88167,"sent_data":455,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":146047,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2025-11-16T22:20:16.151448Z","alert_count":0,"request_count":1,"received_data":41658,"sent_data":443,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tsyndicate.com","ip":{"addr":"213.239.204.82","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2017-03-08","domain_rank":1289,"first_seen":"2017-03-16T09:04:54Z","last_seen":"2025-11-17T19:50:51.246859Z","alert_count":0,"request_count":1,"received_data":961,"sent_data":518,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-21T12:55:35Z","timestamp":1763729735,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.4","port":33800,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2025-11-21T12:55:35.668797+0000\",\"flow_id\":739494068703789,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":33800,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3418,\"start\":\"2025-11-21T12:55:35.610861+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"a27922be47c10f7e88bc78b25d444fb3","sha1":"4fb5516a26f5267486c053fcd45ea0d2d8c31d9d","sha256":"78fd58dd69b97f29340e98fe5b9300293127d27c5617f3ee519db43a38fbdbda","sha512":"a93278360742453650f16ca42525f66bdc0310d1637a936a17df4d64382fc6b254c29edd84c56464cf5b19923abcfa5c32261b84eb3f0ecc74a92bb3317752f6","ssdeep":"","tlshash":"dfe0c0db70521c71b19e87b63374e13871532509781d5d22eded88246e585874c162dc","size":359,"data":"","first_seen":"2023-03-07T01:02:22Z","last_seen":"2026-04-15T09:27:00.800706Z","times_seen":603,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d4a27252de8ac953c27b3e3b31b60ea","sha1":"2459aa031ee087198d590a83ecd4b1f236e54fcc","sha256":"9c8a905475ed96cc603bff11fe8e898bea2de82d26d55a3a7016816321db9966","sha512":"3fc40cdd977404d06eebacb6b21fc40b4131f21bb1785d7bcdb1c1d2c75b174fc4b99e821ecff1d02403bc97335af9d2a554c8fcd2a4ced7a972cea21018943f","ssdeep":"6144:mWgStyDUI23Yu0IVW66O7GQuO7KnUiVPb:1toUHYuYO7oRV","tlshash":"f36418c9b3d6702243a3a474503f018ba27b79d2f84cc895f186d9d52e70aaa4277f7d","size":330106,"data":"","first_seen":"2025-11-21T12:56:00.868299Z","last_seen":"2025-11-21T12:56:00.868299Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dt-assets.com/devassets/4035/js/translate-banner.js","fqdn":"cdn.dt-assets.com","domain":"dt-assets.com","tld":"com"},"ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb108c8894773edb3138ec06895b1127","sha1":"e52895fd90cc7bbcd6b7e3699886a3a91d1a1f3b","sha256":"d19417b2b93cfd7978ce04ff6e947448d06dee964fe79d18a816bc9c0e4223fa","sha512":"b24e691d44d6396c59e47d9a721efe1414291bc32032d9c9f1985a4e8fe8cc25001062d09fbe6939c928463ab1f2c5a9a1cf956085527c249a2c80c01f7bc292","ssdeep":"","tlshash":"e6512f1276a52f3bc6306332b498a710f2a94b3b7e851c8232b15528dff6433c125fac","size":2720,"data":"","first_seen":"2024-09-06T08:26:50Z","last_seen":"2025-12-22T23:45:59.117301Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"256cdb11ca1f336f8622fb1a3cf066ff","sha1":"7ea74f8f152c55c902c906d25e05269afa6182ce","sha256":"829be72b7bae1d4ee42b2a4fdf96eafb3ea702fd50aa661a6ddac9cb045ff334","sha512":"e36a91f5464161e689451504ef12509ff5a32ddcc281e09b11339c8d17329fdc0176f60074ca58b80892d69b3132d51b52601cd35c8beda455897ccaf9b3679e","ssdeep":"","tlshash":"85e07dae0d014eea07412bda747b810cf13680e5152cdda3d58fc8a4251dfcc2a8f38c","size":335,"data":"","first_seen":"2023-03-07T01:02:22Z","last_seen":"2026-04-15T09:27:00.803541Z","times_seen":1115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"7619d426b402631cef50bacfd7ececf9","sha1":"55afc2b0b31bbde89f60b5e7e4ed62118795a18f","sha256":"d357aefce563a1557da1cdda0ff556bb3189b49b9256d231fbd50a4d4320ec64","sha512":"bba5c6586a5b33db4fa054474d340e0dc2f03141c536e4ab1fb8b6ce39dc7fca45c9ee285eff56414aeae46f33ff6f06ea18a685e3669b0a637dee8247273742","ssdeep":"","tlshash":"d39002594510482d100641985198401c697cb0a022141419c9406ce6912b2195546915","size":51,"data":"","first_seen":"2023-03-07T01:02:22Z","last_seen":"2026-04-15T09:27:00.802455Z","times_seen":1114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-5R6C28C","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3006ee60e18f60342d22011509e58f16","sha1":"1f3e7c544ba22850474075a2cdd0cd70d623c2e1","sha256":"04088dfbaedeb718c7b425dcdfa0c303392414770dde2f5ae9338ceed4ff8b77","sha512":"532a18e9f6cfcd392747a71530e52a2f5a30050e38d6eb578eaa10b788954219778996bc58187f925316cae325744e7b27d7e7ed49bbc00a0d64be0cfddd1de6","ssdeep":"3072:yZw+Y05vkzUrnMo0ulFe1dRGeefSJQWfQXr2XdArNbE0fcVWo6O7nGQuO7yH2fn:FBULt+eUI2X6u0UVWo6O7GQuO7yWfn","tlshash":"386419cd73da742683a3a474403f018bb17b7892e84cd895f186d8d52e70aaa4277f7d","size":312832,"data":"","first_seen":"2025-11-21T12:56:00.878002Z","last_seen":"2025-11-21T12:56:00.878002Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-5R6C28C","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3006ee60e18f60342d22011509e58f16","sha1":"1f3e7c544ba22850474075a2cdd0cd70d623c2e1","sha256":"04088dfbaedeb718c7b425dcdfa0c303392414770dde2f5ae9338ceed4ff8b77","sha512":"532a18e9f6cfcd392747a71530e52a2f5a30050e38d6eb578eaa10b788954219778996bc58187f925316cae325744e7b27d7e7ed49bbc00a0d64be0cfddd1de6","ssdeep":"3072:yZw+Y05vkzUrnMo0ulFe1dRGeefSJQWfQXr2XdArNbE0fcVWo6O7nGQuO7yH2fn:FBULt+eUI2X6u0UVWo6O7GQuO7yWfn","tlshash":"386419cd73da742683a3a474403f018bb17b7892e84cd895f186d8d52e70aaa4277f7d","size":312832,"data":"","first_seen":"2025-11-21T12:56:00.878002Z","last_seen":"2025-11-21T12:56:00.878002Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-K8MBVLY3KP\u0026cx=c\u0026gtm=4e5bi1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8a1f894be920d84d80c4cdb27938d60","sha1":"38543025cfd5721cecb79db746a06b33e3110817","sha256":"767b711a6098bba4c9386aff0bb77b1cd2f9d7fb608fc9518f436b056ee535ee","sha512":"866d5d0bd5a00dd33b3a4c49b1625b04311d8ffe932986387b55456e335c648162e3b7f71de32d7cab082dc26125afe4afe1bfafc0b6f7365ac8f9a312c0eb0f","ssdeep":"6144:1vBUKltJeUI2XVUULUVWo6O7GQEO7f2xVFBoOr+Jj:1pDl2UnVUUtO7z","tlshash":"ef8419ce73d6742653d6b078503f018ba57b28a2f44cc899f189c9e52e70a9a4277f7c","size":403265,"data":"","first_seen":"2025-11-21T12:56:00.861642Z","last_seen":"2025-11-21T12:56:00.861642Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"04b75cabfc9a089f659ac94550219c85","sha1":"45defb10d2b7852aba17e141e53677a36dc4ab18","sha256":"7c3e4e61fc18cbf1ea3c7c31fde7a9afe60fc251cae77bc0531a33ce902fe675","sha512":"90050ff1e8a2eb336d123a38f269702a3f4cef698581ff448d428b09b99fa1a9236578aaf68e485f3dc4566992e9e68cc6a580959fc6e1df1855b40a70156f1e","ssdeep":"","tlshash":"cc0186ef192313045999180e7ed19584312210de3a45c07178fd95272ff4d4b77b9bbc","size":729,"data":"","first_seen":"2025-03-04T09:42:27.22405Z","last_seen":"2026-04-15T09:27:00.799527Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dt-assets.com/devassets/4035/js/mainstream_multilang(3q).js","fqdn":"cdn.dt-assets.com","domain":"dt-assets.com","tld":"com"},"ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"6470316ed7ec781b185e19069208e6e6","sha1":"136eb86bfacc455c471c24cb570111636a6b09f0","sha256":"db3596500d04486149716a38b4e21a6184b9a2e7f3412e27bb9ff7792147f590","sha512":"5fe4febdae76d6bc8fc0d875642430082e837b2191d0759a83b4faa394a40df910157a2b0641596e880db580054b1eec2269dee386efa9c1765e51f6b1521515","ssdeep":"384:ML5l3bdZPyRyB/M85qfd/MNfm8M2zhjlXSXIwlc+X2:ML5l3bvPyRy1MFWf3jbU92","tlshash":"0c72b7573a8d55f6a499f1e3b5f5f91bb28ec47ff281a215302cfc3a1b91028504ea9c","size":16129,"data":"","first_seen":"2024-04-21T22:42:49Z","last_seen":"2026-04-12T19:40:43.161018Z","times_seen":180,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dt-assets.com/prod/push-lang-config.js","fqdn":"cdn.dt-assets.com","domain":"dt-assets.com","tld":"com"},"ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"7152525f63649929a736f6efb78b58a5","sha1":"5bf8138b39eaeebdf4681ad31fac3a02075e36ad","sha256":"f1f5518e39341d6f4189be101a85c496add2a43b569a809bd3193d52f3e61de1","sha512":"0a7eda2735e297e729386b7d44558035f27abfb99163570d692f2996cdbe975c8da7ca7a2ad35851e14cde7c13bfaecf9c97720c8d8f8fccb9d8475d2c4b6bad","ssdeep":"192:Wjq9DPq7e3RIcPdf1Wfjejq9DP4Ojq9DPWWfPCfFdC7elUZqwutgiZn9DPmT:5Lb3V18BL4RLVPED9LS","tlshash":"7ef145bfe50186ff1e820749642753aee24f9bccf550e2a0378edd3a25bd0194135798","size":7853,"data":"","first_seen":"2023-03-07T01:02:22Z","last_seen":"2026-04-15T09:27:00.798971Z","times_seen":1072,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/firebase/8.2.2/firebase-app.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e2898beab1505a629bf1254fbdf9ed8","sha1":"f17ac22f600d694ae4341c4da46576e3fec0e6f4","sha256":"00d770fea1249b4be3f55a037a9edd20c1fe55bda8ab1e4b6251e56cd74cd05b","sha512":"f4897b323c78eab01815bbdb302ebf286e8c43a0faa2bbeb4504d7329e0a68ebd6a832e71e3d1f4358d5b77937faf77e3411027c0e2d9b812011f88643ee6ca1","ssdeep":"384:mcaM4MIyXfihMRfF0Fg0ABMsVaAkdB2NAXtICZDzU:EM4MIyqqRfF2DKUYYICZDzU","tlshash":"da92d7ccf7e2b062539350b8443f310ba33e2558984c80a8b659e5e66df690f616ff79","size":19780,"data":"","first_seen":"2024-08-13T13:55:42Z","last_seen":"2026-04-15T19:40:49.637963Z","times_seen":3439,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"256cdb11ca1f336f8622fb1a3cf066ff","sha1":"7ea74f8f152c55c902c906d25e05269afa6182ce","sha256":"829be72b7bae1d4ee42b2a4fdf96eafb3ea702fd50aa661a6ddac9cb045ff334","sha512":"e36a91f5464161e689451504ef12509ff5a32ddcc281e09b11339c8d17329fdc0176f60074ca58b80892d69b3132d51b52601cd35c8beda455897ccaf9b3679e","ssdeep":"","tlshash":"85e07dae0d014eea07412bda747b810cf13680e5152cdda3d58fc8a4251dfcc2a8f38c","size":335,"data":"","first_seen":"2023-03-07T01:02:22Z","last_seen":"2026-04-15T09:27:00.803541Z","times_seen":1115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"427360d6b3baf34ee24f41ce2b1aa48e","sha1":"4afbf9439ca48f94083603a93a396be8b8d6d459","sha256":"fbb9b67ce2bea5ff0185b5b6c611e2c6c60a5a3bfd8fe632a39938acc59a52bc","sha512":"d92fd08b6eecde79bfae583de9fbca03c4a885c2371e9bf186496a641a32ed76511026f870fa33404dd6632b603b5e7bd9375ddb8c7c6e24ec13ce74715661f3","ssdeep":"","tlshash":"81e0284b35430c21105606f81331664430d3329930134432cdd5dc449d78d5b0012f5c","size":337,"data":"","first_seen":"2023-03-12T10:36:14Z","last_seen":"2026-04-15T09:27:00.801884Z","times_seen":1112,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"moz-extension","addr":"moz-extension://95517681-890a-420e-a4ed-b0c0dd7bbf36/shims/firebase.js","fqdn":"moz-extension","domain":"moz-extension","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"32d439c9ec8c789e843ae58b6774681c","sha1":"deb2c661dacf46eb3a1eacbba3e430dcf10cc395","sha256":"f65e83801e16f98e150ae8843afb4c98c0b3ac0fa7fbe5a5ec687b08119732d6","sha512":"a465cd7be378feb36cce002dcf2d8bffb2b3c976a1f222afb1842f395cd027f50d5855ba00baa0b0ae2c519cee87201dce5f98ec80a466858acd4835e150543d","ssdeep":"","tlshash":"7141dd19a8746bb31533f4651b5b2402f11a80232929fcf83bac97a41fda45e80b769f","size":2341,"data":"","first_seen":"2023-05-05T23:38:25Z","last_seen":"2026-04-15T20:00:21.469934Z","times_seen":19352,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dt-assets.com/prod/push-subscriber-v2.js","fqdn":"cdn.dt-assets.com","domain":"dt-assets.com","tld":"com"},"ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"cdb8dd9234c060092c4928f914cc211a","sha1":"f9f6367035056c68fb59765aeb200d23d46bf071","sha256":"71cd1fa0043157bba2b01da8e108e3aa590b887824ebf7e96f5a4bea0ffd4697","sha512":"8ad9ee2ef647acfb1894474a1e08315a07af354a90c18b1a78e9c5db6024033e129cc6a320f872d69f96d9c3b6543a4d935247ebbe5156ca9206984e4e3b6361","ssdeep":"384:U+F+Gou1cKhgA9VQn8dXf8YhxgukUj1vXXGDkfmd+VEZo:Uy+GoFKHVQmNhxgq1vXXGDkf1n","tlshash":"f9a2860e2de3607a55a7702e9f9fa414353394031508cd20becc57a4af69d3d66afbe8","size":21749,"data":"","first_seen":"2025-07-16T23:54:04.821163Z","last_seen":"2026-04-15T09:27:00.774884Z","times_seen":248,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"7619d426b402631cef50bacfd7ececf9","sha1":"55afc2b0b31bbde89f60b5e7e4ed62118795a18f","sha256":"d357aefce563a1557da1cdda0ff556bb3189b49b9256d231fbd50a4d4320ec64","sha512":"bba5c6586a5b33db4fa054474d340e0dc2f03141c536e4ab1fb8b6ce39dc7fca45c9ee285eff56414aeae46f33ff6f06ea18a685e3669b0a637dee8247273742","ssdeep":"","tlshash":"d39002594510482d100641985198401c697cb0a022141419c9406ce6912b2195546915","size":51,"data":"","first_seen":"2023-03-07T01:02:22Z","last_seen":"2026-04-15T09:27:00.802455Z","times_seen":1114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-15T20:38:34.363331Z","times_seen":140668,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"7eb5902977c5921e4bfe11e119c2f1f2","sha1":"4e4fd834bc481a6a878b0d5adafb1df8aa5d61d1","sha256":"8aed01e46dda84869a77cd47e4d0525ef7d8b48ef6d2173a6c1b4bfb32412c2e","sha512":"ada535b4ec330318a8bb7a5b7a1284ddbee65bf1faafb7ef4690945a5a232864c7ccd8ff1e3b9c3a1776a19eda4bc35b49397bc3270616c4322b2abcafcaf586","ssdeep":"","tlshash":"d0012d1a0052d8764b8652593ed731d0e817934bbcd0d26eb2aa8a117e70fdba1f9cf4","size":747,"data":"","first_seen":"2023-08-24T23:58:07Z","last_seen":"2026-04-15T09:27:00.801308Z","times_seen":856,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"9648d59e6af1eea837130008bf9bd49b","sha1":"667240a10892dd51773fb613669727f85d5062c1","sha256":"7e3fa3b9282a933df7ff1fa672f7569b95ef0cdee8c2c80814229e15b20e7a78","sha512":"38abb146e0e51b5f4e5b2fd74a001cc3c4725be477d5775aec864fbfc67d1b0456a8f0de423ff5a3d0f77136b14aacead85a4603764b389b3b9e7e98361f6f1c","ssdeep":"","tlshash":"d3f059c6ce6b68f23c861026822ea548f2e324235a49dd15fd8c88810f4da0f11fd1cc","size":560,"data":"","first_seen":"2025-11-21T12:56:00.893801Z","last_seen":"2025-11-21T12:56:00.893801Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"fe316598dbe25225c7c981535ba69d43","sha1":"7065d8dcbd9e1cb42a855e9b6babd3d7dfa3a970","sha256":"58e68aeff3f6fbc752564f32a48301264f051a55108f5a6ddce8643c4b9f3137","sha512":"af2203dc83e360cc2e46fea6e8bc5a34a6e1cc9005af88ba8cd8a72a98b5ea59369899502c4d0df2c62343c969a72b762464df660a510973edff2d811d45780c","ssdeep":"","tlshash":"4bf0e1c32a786cb219c62092d32f7b0cf043753e1755ce15aa4981c00e0f55b02ae5dc","size":572,"data":"","first_seen":"2025-11-21T12:56:00.897189Z","last_seen":"2025-11-21T12:56:00.897189Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/bonus/com-eu-1-9831/sandbox%20eval%20code","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"34c08ca3e74026ae2a1166b2b810e003a2866b015aa78402b00a003b1441fe21aaa1a8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-15T20:38:07.87884Z","times_seen":794430,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"427360d6b3baf34ee24f41ce2b1aa48e","sha1":"4afbf9439ca48f94083603a93a396be8b8d6d459","sha256":"fbb9b67ce2bea5ff0185b5b6c611e2c6c60a5a3bfd8fe632a39938acc59a52bc","sha512":"d92fd08b6eecde79bfae583de9fbca03c4a885c2371e9bf186496a641a32ed76511026f870fa33404dd6632b603b5e7bd9375ddb8c7c6e24ec13ce74715661f3","ssdeep":"","tlshash":"81e0284b35430c21105606f81331664430d3329930134432cdd5dc449d78d5b0012f5c","size":337,"data":"","first_seen":"2023-03-12T10:36:14Z","last_seen":"2026-04-15T09:27:00.801884Z","times_seen":1112,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"427360d6b3baf34ee24f41ce2b1aa48e","sha1":"4afbf9439ca48f94083603a93a396be8b8d6d459","sha256":"fbb9b67ce2bea5ff0185b5b6c611e2c6c60a5a3bfd8fe632a39938acc59a52bc","sha512":"d92fd08b6eecde79bfae583de9fbca03c4a885c2371e9bf186496a641a32ed76511026f870fa33404dd6632b603b5e7bd9375ddb8c7c6e24ec13ce74715661f3","ssdeep":"","tlshash":"81e0284b35430c21105606f81331664430d3329930134432cdd5dc449d78d5b0012f5c","size":337,"data":"","first_seen":"2023-03-12T10:36:14Z","last_seen":"2026-04-15T09:27:00.801884Z","times_seen":1112,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"7619d426b402631cef50bacfd7ececf9","sha1":"55afc2b0b31bbde89f60b5e7e4ed62118795a18f","sha256":"d357aefce563a1557da1cdda0ff556bb3189b49b9256d231fbd50a4d4320ec64","sha512":"bba5c6586a5b33db4fa054474d340e0dc2f03141c536e4ab1fb8b6ce39dc7fca45c9ee285eff56414aeae46f33ff6f06ea18a685e3669b0a637dee8247273742","ssdeep":"","tlshash":"d39002594510482d100641985198401c697cb0a022141419c9406ce6912b2195546915","size":51,"data":"","first_seen":"2023-03-07T01:02:22Z","last_seen":"2026-04-15T09:27:00.802455Z","times_seen":1114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/bonus/com-eu-1-9831/sandbox%20eval%20code","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"239166f4d1bda569909c9af241098419","sha1":"ad3987a93224de5c735c7c380daf5bfaecf60ac8","sha256":"255566913e81e0587539abba68839777480779575271b734e817e7093f4dceec","sha512":"f4101528680ef26d4c38336e31d905393324e907c2d5210fd6397419e361460166a3dd44a2eb152e29d4c026c601654ea579bad6ac9608a9cd7cdf0072798ead","ssdeep":"","tlshash":"78b09b135691656d5f1065f575115007d1d9f7055bf79407b006007f1440f9a295d2d0","size":123,"data":"","first_seen":"2023-05-05T23:38:25Z","last_seen":"2026-04-15T20:00:21.481568Z","times_seen":16142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/firebasejs/8.2.2/firebase-messaging.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b183329c90af8d64337b925c208e7a14","sha1":"9f5a49eab81c119d28416ba96f0390fdbc5a4565","sha256":"8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf","sha512":"934db2e71193d93f6d271360e1ff09da2a2e38ef2d7a003fa65fef63fbbf81c3059db3b5b6e7a8ebe352d852285a281d356e9959f483378a2e21aaecade69586","ssdeep":"768:5NTKEXXgb0hlg40MrseYmrfnybAglt/B14IfHa0sCN:vTKhb0YxMrkEnQAwdRfXrN","tlshash":"390362ccbac3b51a8393a1fe54bf5146b63f7c18a40e4500fa69d5da7c7a009c637ab4","size":40767,"data":"","first_seen":"2023-03-07T01:17:49Z","last_seen":"2026-04-15T19:40:49.64795Z","times_seen":3582,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"22753e64c12655fa21aa977d2fec56c7","sha1":"8f74f95da4698b8a2dc2ce75fbe3d5d4988d5412","sha256":"9e75548828f8c33a70eef964977b03c9349d3dac39fb5954f98220d1c3737739","sha512":"d323a1b3ec0c7bc37bc51c656c9531bc6e3e140a57424221ee93448412fa6b817fa9130025f459669f4a8b9e527209a565feba7cabe8b854c2246bf824db5f6a","ssdeep":"","tlshash":"9e01e95bacb72704523b71e58e1bfa4c7431015fa659ce04b44c55d50f0a79c911321b","size":824,"data":"","first_seen":"2024-04-21T22:42:49Z","last_seen":"2026-04-12T19:40:43.180353Z","times_seen":180,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/json?callback=jQuery37105775528462568728_1763729734236\u0026_=1763729734237","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb92ac765e205bce0660f7d2c95af7ae","sha1":"633d736867bd6467d04d6ed0d86ea43e3cf5e436","sha256":"0445ffb12cea7db73397b400d5c80ec3a542b05531d849a42a7472fb3e54d081","sha512":"d1f78d96a22ba705fc3b3b359d8baf287947e91bc8d268a77ca09197a55de73c7700c01bd96fedcb570c4029ed38c0bc12775640d062379ec420746af1426ea5","ssdeep":"","tlshash":"da01706720382f37a9bd4648440bda0a236d3a2b4145a5964ea25f1c14446b770a126e","size":672,"data":"","first_seen":"2025-11-21T12:56:00.883235Z","last_seen":"2025-11-21T12:56:00.883235Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-C3EPRPS8FB\u0026cx=c\u0026gtm=4e5bj0h2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a4bde38834841ed9cdeeaa7f5a689191","sha1":"67da6fd8093a64015302a589677d0b65d39cf652","sha256":"f85645ff98470cdbd37b2d13e465c4a2f3a1a397a273acdb008635ce1c75ad06","sha512":"0ea684dd53640e070f27064bed4d7586a8ec6f4d029b57bdc321add13b8b1df929c93c9e387c65d75ef207e4b124f305d61276aa6aec4e45ba14fda7227cec59","ssdeep":"6144:iIWgKOtdDUI23ECULUVW66O7GQEO7TkeV0sBLatgFvp:iv3O3UHECUfO7jL","tlshash":"4c8418ce73d6742653d6b078503f018ba57b28a2f44cc895f18ac9e52e74a9a4237f7c","size":402505,"data":"","first_seen":"2025-11-21T12:56:00.857427Z","last_seen":"2025-11-21T12:56:00.857427Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-5R6C28C","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5751897fef533ad52ec8c150c5f27a6e","sha1":"70f0c2c58019f7e57a150ad53ee14c9862e2c08e","sha256":"60864bf2d804d68b048b25b79522229666f6f385380813abe298e882c2e98a3e","sha512":"76024fd6ca189013ad91022a5c7338c05aa64391d268d15005bc2c8e14deb4bff0fb786239bfd8f878303da0132911549926050ecfaa1312843db5e919c881b4","ssdeep":"3072:yZw+P05vkzUrnMo0ulFe1dRGeefSJQWfQXr2XdArNbE0fcVWo6O7nGQuO7yH2fn:yBULt+eUI2X6u0UVWo6O7GQuO7yWfn","tlshash":"b46419cd73da742683a3a474403f018bb17b7892e84cd895f186d8d52e70aaa4277f7d","size":312859,"data":"","first_seen":"2025-11-21T12:56:00.873383Z","last_seen":"2025-11-21T12:56:00.873383Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d1a036aaadc4e626598956935c34ccaa","sha1":"1cdd25c94cddf5db711bd15478a92997c50639de","sha256":"7306781c7b14e773a08678a9b30b772b9753f0b411808d181a7247520008625e","sha512":"84d523c6a96792fc78f9696dee49c0ad06456c0d9dd9cc3c489693cccac4345d9ac18f1853c545c46a3ed9bada9ab049acaaffbb3b6920054693546e02eb043d","ssdeep":"","tlshash":"61b002645947b457379d0c04167947b06cd2002a5450c300f90da1124f7528a603a8f5","size":101,"data":"","first_seen":"2025-11-21T12:56:00.907696Z","last_seen":"2026-03-28T11:49:50.318468Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"256cdb11ca1f336f8622fb1a3cf066ff","sha1":"7ea74f8f152c55c902c906d25e05269afa6182ce","sha256":"829be72b7bae1d4ee42b2a4fdf96eafb3ea702fd50aa661a6ddac9cb045ff334","sha512":"e36a91f5464161e689451504ef12509ff5a32ddcc281e09b11339c8d17329fdc0176f60074ca58b80892d69b3132d51b52601cd35c8beda455897ccaf9b3679e","ssdeep":"","tlshash":"85e07dae0d014eea07412bda747b810cf13680e5152cdda3d58fc8a4251dfcc2a8f38c","size":335,"data":"","first_seen":"2023-03-07T01:02:22Z","last_seen":"2026-04-15T09:27:00.803541Z","times_seen":1115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/bonus/com-eu-1-9831/carrier/main.js","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6749081dc8d2e65a8b31a4495747e537","sha1":"784b69c2160032e2603b09e53b32055b5ec320cd","sha256":"9d8aff015322729c4149911f4353e18184b97149b39cc77fcf3ceccecc2dc1e4","sha512":"34f1df1164f865a4a4a96e4147cfc0f3d05a6e7739b6bb82436ab7fb011dc3c05ff08448b76a11af21bc761432523f2cf338911904e710ca0ac078cf2d3474da","ssdeep":"","tlshash":"5151131ea564121215f7f228466f4304f0176737193b6902ba2e52d9ff3270e86b5efa","size":2582,"data":"","first_seen":"2024-06-30T09:51:57Z","last_seen":"2026-04-15T09:27:00.771537Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"8a034db01d82cd81566f3545f8bf3bf2","sha1":"d40a27f402e22321f84cf82bd03f5330ce611193","sha256":"4e9d225b0c7485fc7b919e82b5b542ac4586a8fcf875c6c77210eff0cc29f457","sha512":"879f443013a299ff1102babdfef7ac931e6a82e65c35872fd7802f2ea8fc333b537ef3966b8f0f63f7168106ab790ac880e8e690ef158c0cf11aa00d69bce118","ssdeep":"","tlshash":"7af07856bdf30930c6eb245c4e9b73087030701be8108d08761c27905fbdeaaa5243c5","size":653,"data":"","first_seen":"2024-09-06T08:26:50Z","last_seen":"2025-12-22T23:45:59.148979Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"acb87f83b2e16fa7cf70099ea4058476","sha1":"0fb9dc51bc2fa0892756e842fc433dbe6879005a","sha256":"d0a50ad43c5f8f189910185ab425813372c60656f9ac63a2a24160b70d015853","sha512":"14c30d59c1c730a4366b5cb59d9c7be59a6aaa9ee94627180544650696536efae2003ad0757441df90cca99c3604fcac3c3e71dff5626045a87149faace26673","ssdeep":"","tlshash":"f3c02b5adca08004183b14d5bd03a55e500b344b46e4ed14f56083881f3f83f400a300","size":140,"data":"","first_seen":"2024-09-19T18:12:58Z","last_seen":"2025-11-21T12:56:00.912411Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:A1VdZYqhPnjpWx4/eTe8qSMbqaQd6VL2Jyt9LdJoyayCVPVD5wdBfQPfCHiUr3:AXdZYqNjpU4yPqSMbqaQGL2QfdDayCZC","tlshash":"a6a1dc9939fb50210233b1bd1bafa918b23895236208dd61b98c9364bf94437d7f1fc9","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-15T20:38:07.453322Z","times_seen":792844,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"26e80bba587b1a14fcb61e54caf5ea13","sha1":"12a96e388be9d8a61b19aef86a9ce44db2ad3258","sha256":"9ff85a03271ef404bc067992c666cae3b3956badabb47c19b506d4f4c34451da","sha512":"4d27afd12a55f414a559ac17fe9b4645847176c721f5b85c9d7827ff062b2dfb634d925a91568c49dd74457afd686497f302750cb783ebaf375af265c2172648","ssdeep":"","tlshash":"4fd023fe7260c40925737876641925051433605fdc1e04d1fd510f94d4746b401a2d6c","size":216,"data":"","first_seen":"2025-08-13T03:24:01.077034Z","last_seen":"2026-04-12T19:40:43.173168Z","times_seen":132,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"782f99fdea5699ed9c1690746c560c40","sha1":"fe2cd17d2a20c9bc6a4d99d379f2da56e880c8cd","sha256":"749e1b6fd849f9dd46fd408d158d9c710345c10e1585f4f8f014c41d7b15dd7e","sha512":"94055d8131f746536d04235f2e7c05071b16b84e28994036d65c6b8550f6c2e8d72d47ec3f6e5601453f021e6c134dcbf238bccd56aa8b55ba221a1199286ac6","ssdeep":"","tlshash":"cbb092ad011a003bcbb370c00a7a57a9240155272002a588b7be5a143f7de03834a3e0","size":119,"data":"","first_seen":"2023-03-29T23:59:07Z","last_seen":"2026-04-15T09:27:00.804147Z","times_seen":85,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dt-assets.com/assets/1387/js/backoffer.js","fqdn":"cdn.dt-assets.com","domain":"dt-assets.com","tld":"com"},"ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"e7e1dc07852a36f89e4be03aa3787316","sha1":"0dc3f8e7eb943af093cf8f4600fcf0e421891025","sha256":"33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388","sha512":"bdc3b3b78e10cd9afb54e3cd7e29c3849be0a581714845a8a79a8f1a5ede467c215a1a2f95af5f712f17bd37404882af503fc2f2b61e88ac356ff61f058ac49f","ssdeep":"","tlshash":"e901968f7b181c7955f2d4665b7e5228ed7b009b05039f007dec84401f31989a69add5","size":660,"data":"","first_seen":"2023-03-07T01:02:22Z","last_seen":"2026-04-15T09:27:00.777419Z","times_seen":1082,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","fqdn":"smdispsecure.com","domain":"smdispsecure.com","tld":"com"},"ip":{"addr":"45.141.157.146","port":443,"asn":209696,"as":"NILSAT Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","date":"2025-11-21T12:55:33.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smdispsecure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 13:03:14 GMT","end":"Tue, 06 Jan 2026 13:03:13 GMT"},"fingerprint":{"sha1":"F3:20:53:53:0A:AB:19:8E:12:43:1B:33:28:59:8D:62:57:F0:66:EE","sha256":"C0:39:00:A5:BD:97:2B:03:72:26:E6:51:E6:87:22:81:12:DC:2B:D3:85:C5:7C:64:92:C3:E7:C2:94:0D:B0:F6"}}},"request":{"raw":"GET /s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3 HTTP/1.1\r\nHost: smdispsecure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://luckfusion.info/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:55:33 GMT\r\ncontent-type: text/html;charset=utf-8\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: gdm_visit_freq_v2_1_001=0LgdaE4rlC1/ydkvz03cG7AJWXK+ruySlt4LmorZA2hOSCxstVkMIUs298GFQ9mI; Domain=.smdispsecure.com; Expires=Thu, 19-Feb-2026 12:55:33 GMT; Path=/; Secure; SameSite=None\nv_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5ScTepQ4YaeNhgQ6K0WxUm0=; Domain=.smdispsecure.com; Expires=Thu, 19-Feb-2026 12:55:33 GMT; Path=/; Secure; SameSite=None\nv_rule_freq_v2_1_001=0momyqPzfHX97/PKKSo1NRtRD7i2WGLUblfcF3WqvQE=; Domain=.smdispsecure.com; Expires=Thu, 19-Feb-2026 12:55:33 GMT; Path=/; Secure; SameSite=None\ngdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smdispsecure.com; Expires=Thu, 19-Feb-2026 12:55:33 GMT; Path=/; Secure; SameSite=None\ngdm_uid_v2_1_001=CgOGpm4BwjSk313CmgE1EnBY9OKj8LHD55ivyz5izCzNhrJRgw4JQf72vDuD2SY3; Domain=.smdispsecure.com; Expires=Thu, 19-Feb-2026 12:55:33 GMT; Path=/; Secure; SameSite=None\r\ncache-control: no-cache, must-revalidate\r\npragma: no-cache\r\nexpires: Sat, 1 May 2027 12:00:00 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob\r\nstrict-transport-security: max-age=0;\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Firebase:8.2.2","description":"Firebase is a Google-backed application development software that enables developers to develop iOS, Android and Web apps.","website":"https://firebase.google.com","common_platform_enumeration":"cpe:2.3:a:google:firebase_cloud_messaging:*:*:*:*:*:*:*:*","icon":"Firebase.svg","categories":["Databases","Development"]}],"data":{"size":13316,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (551), with CRLF line terminators","md5":"94f01d3c6b28133e0d54d7e01167b4f5","sha1":"ac42b6c0cee88c67204d3fc24cbc79941fb826ac","sha256":"9e0495257f4e8ab5b6ac8d8e1ac30fa0cd9ed92fa6f683526b7b01644ce87a66","sha512":"7ce0a5f23fb5e49928dac0dfe98e413fb042cee4c4af229d50de894c3e20c5e422db8c98207da5a95ad491844f39d4af72f10cad77b9fb0bb99855b1351a6c3f","ssdeep":"384:3pYocrckgLAZGf8/2C9lh1CXFpnrQbQlK/W:3pYocrcXLAZGf8+ufcXFpnrQBW","tlshash":"295253266cc0a436017381d2aa76a79dfd82921bd746ca0676fc17872ff7f859c838d4","first_seen":"2025-11-21T12:56:00.834781Z","last_seen":"2025-11-21T12:56:00.834781Z","times_seen":1,"resource_available":false,"data":null}},"time_used":979,"timings":{"blocked":269,"dns":154,"connect":52,"send":0,"wait":441,"receive":0,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dt-assets.com/devassets/4035/js/mainstream_multilang(3q).js","fqdn":"cdn.dt-assets.com","domain":"dt-assets.com","tld":"com"},"ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:34.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.smrt-content.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 06:39:41 GMT","end":"Thu, 01 Jan 2026 06:39:40 GMT"},"fingerprint":{"sha1":"D6:06:35:3F:8C:E6:C7:30:72:AF:48:FC:9C:EA:11:CB:2B:0C:2B:72","sha256":"70:AC:9E:04:8C:F6:A7:72:14:4B:52:13:C2:90:B1:13:23:0D:6D:97:7F:B1:24:54:FE:D5:06:E0:20:DF:A7:7D"}}},"request":{"raw":"GET /devassets/4035/js/mainstream_multilang(3q).js HTTP/1.1\r\nHost: cdn.dt-assets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nx-amz-replication-status: COMPLETED\r\nLast-Modified: Tue, 20 Feb 2024 13:32:00 GMT\r\nETag: \"b663803e60ef87e608fca514bc1576a3\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: null\r\nAccept-Ranges: bytes\r\nServer: AmazonS3\r\nX-Amz-Cf-Pop: JFK50-P15\r\nX-Amz-Cf-Id: sNJrGZrAfhAstpNtHyPWb_TxwoKlr6JX7X9jOdZ27N9x8QoL9I6jSQ==\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nDate: Fri, 21 Nov 2025 12:55:34 GMT\r\nContent-Length: 5934\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":16131,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"6470316ed7ec781b185e19069208e6e6","sha1":"136eb86bfacc455c471c24cb570111636a6b09f0","sha256":"db3596500d04486149716a38b4e21a6184b9a2e7f3412e27bb9ff7792147f590","sha512":"5fe4febdae76d6bc8fc0d875642430082e837b2191d0759a83b4faa394a40df910157a2b0641596e880db580054b1eec2269dee386efa9c1765e51f6b1521515","ssdeep":"384:ML5l3bdZPyRyB/M85qfd/MNfm8M2zhjlXSXIwlc+X2:ML5l3bvPyRy1MFWf3jbU92","tlshash":"0c72b7573a8d55f6a499f1e3b5f5f91bb28ec47ff281a215302cfc3a1b91028504ea9c","first_seen":"2024-04-21T22:42:49Z","last_seen":"2026-04-12T19:40:43.161018Z","times_seen":180,"resource_available":true,"data":null}},"time_used":528,"timings":{"blocked":138,"dns":52,"connect":0,"send":0,"wait":256,"receive":1,"ssl":57},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"cdn.dt-assets.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/visit.php?c=8\u0026k=fd4a675cae2dd708a17bebf9b8690282","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","date":"2025-11-21T12:55:32.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luckfusion.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 14:08:28 GMT","end":"Sat, 10 Jan 2026 15:07:11 GMT"},"fingerprint":{"sha1":"53:35:FF:86:9B:4D:95:37:33:B4:D5:E4:08:A7:1D:3C:27:00:46:A0","sha256":"BB:2C:A8:2D:51:6E:5B:80:65:9F:EB:3E:01:E2:24:C8:FA:2B:C5:BF:CD:5F:CD:6F:21:1D:CF:70:31:4C:C8:0A"}}},"request":{"raw":"GET /visit.php?c=8\u0026k=fd4a675cae2dd708a17bebf9b8690282 HTTP/1.1\r\nHost: luckfusion.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nserver: cloudflare\r\ndate: Fri, 21 Nov 2025 12:55:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gPiC1UgS8Zdg7yopbL4%2FQNhXDQpIYlGL%2B0opk3Mj1cTyYxu7G2hUuv2ydMHiBpa0X%2BhkYs1IxoenVkO5pql%2Fbj9E4vSbHE0iWA45skk%3D\"}]}\r\npriority: u=4,i=?0\r\nset-cookie: fc_t_8=1763729733_1763729733_1763729733_1763729733_1763729733; Path=/; Max-Age=2678400; Expires=Mon, 22 Dec 2025 12:55:33 GMT\nfc_n_8=1_1_1_1_1; Path=/; Max-Age=2678400; Expires=Mon, 22 Dec 2025 12:55:33 GMT\r\ncache-control: private, no-cache\r\nlocation: https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a20578ed9b15688-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13316,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-15T20:38:47.575438Z","times_seen":13797803,"resource_available":true,"data":null}},"time_used":369,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":369,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:34.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.7.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://smdispsecure.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-155ed\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Fri, 21 Nov 2025 12:55:34 GMT\r\nage: 1464502\r\nx-served-by: cache-lga21978-LGA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 27, 9927\r\nx-timer: S1763729734.166256,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30336\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":87533,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-15T20:38:34.363331Z","times_seen":140668,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":51,"dns":4,"connect":13,"send":0,"wait":26,"receive":3,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dt-assets.com/devassets/4035/js/translate-banner.js","fqdn":"cdn.dt-assets.com","domain":"dt-assets.com","tld":"com"},"ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:34.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.smrt-content.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 06:39:41 GMT","end":"Thu, 01 Jan 2026 06:39:40 GMT"},"fingerprint":{"sha1":"D6:06:35:3F:8C:E6:C7:30:72:AF:48:FC:9C:EA:11:CB:2B:0C:2B:72","sha256":"70:AC:9E:04:8C:F6:A7:72:14:4B:52:13:C2:90:B1:13:23:0D:6D:97:7F:B1:24:54:FE:D5:06:E0:20:DF:A7:7D"}}},"request":{"raw":"GET /devassets/4035/js/translate-banner.js HTTP/1.1\r\nHost: cdn.dt-assets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/javascript\r\nx-amz-replication-status: COMPLETED\r\nLast-Modified: Fri, 06 Sep 2024 13:04:25 GMT\r\nETag: \"eb108c8894773edb3138ec06895b1127\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 10z_h_pQk_4kOMBx0WavaSzbS4r2LrI4\r\nAccept-Ranges: bytes\r\nServer: AmazonS3\r\nX-Amz-Cf-Pop: JFK50-P15\r\nX-Amz-Cf-Id: WFlIhwIbB9qobIxSAcL4ZvBugn7IF-XKGfN5XmnYp7atdNdxQZPkvg==\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nDate: Fri, 21 Nov 2025 12:55:34 GMT\r\nContent-Length: 1175\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":2720,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"eb108c8894773edb3138ec06895b1127","sha1":"e52895fd90cc7bbcd6b7e3699886a3a91d1a1f3b","sha256":"d19417b2b93cfd7978ce04ff6e947448d06dee964fe79d18a816bc9c0e4223fa","sha512":"b24e691d44d6396c59e47d9a721efe1414291bc32032d9c9f1985a4e8fe8cc25001062d09fbe6939c928463ab1f2c5a9a1cf956085527c249a2c80c01f7bc292","ssdeep":"","tlshash":"e6512f1276a52f3bc6306332b498a710f2a94b3b7e851c8232b15528dff6433c125fac","first_seen":"2024-09-06T08:26:50Z","last_seen":"2025-12-22T23:45:59.117301Z","times_seen":75,"resource_available":true,"data":null}},"time_used":359,"timings":{"blocked":90,"dns":62,"connect":1,"send":0,"wait":172,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"cdn.dt-assets.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/firebasejs/8.2.2/firebase-messaging.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:34.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /firebasejs/8.2.2/firebase-messaging.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"firebase-js\"\r\nreport-to: {\"group\":\"firebase-js\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/firebase-js\"}]}\r\ncontent-length: 10840\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 14 Nov 2025 18:09:43 GMT\r\nexpires: Sat, 14 Nov 2026 18:09:43 GMT\r\ncache-control: public, max-age=31536000\r\nage: 585951\r\nlast-modified: Thu, 07 Jan 2021 21:51:17 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40767,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (40719)","md5":"b183329c90af8d64337b925c208e7a14","sha1":"9f5a49eab81c119d28416ba96f0390fdbc5a4565","sha256":"8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf","sha512":"934db2e71193d93f6d271360e1ff09da2a2e38ef2d7a003fa65fef63fbbf81c3059db3b5b6e7a8ebe352d852285a281d356e9959f483378a2e21aaecade69586","ssdeep":"768:5NTKEXXgb0hlg40MrseYmrfnybAglt/B14IfHa0sCN:vTKhb0YxMrkEnQAwdRfXrN","tlshash":"390362ccbac3b51a8393a1fe54bf5146b63f7c18a40e4500fa69d5da7c7a009c637ab4","first_seen":"2023-03-07T01:17:49Z","last_seen":"2026-04-15T19:40:49.64795Z","times_seen":3582,"resource_available":true,"data":null}},"time_used":184,"timings":{"blocked":78,"dns":10,"connect":14,"send":0,"wait":15,"receive":2,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-21T12:55:32.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luckfusion.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 14:08:28 GMT","end":"Sat, 10 Jan 2026 15:07:11 GMT"},"fingerprint":{"sha1":"53:35:FF:86:9B:4D:95:37:33:B4:D5:E4:08:A7:1D:3C:27:00:46:A0","sha256":"BB:2C:A8:2D:51:6E:5B:80:65:9F:EB:3E:01:E2:24:C8:FA:2B:C5:BF:CD:5F:CD:6F:21:1D:CF:70:31:4C:C8:0A"}}},"request":{"raw":"GET /bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5 HTTP/1.1\r\nHost: luckfusion.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:55:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u8NH0LVvlqY%2FlMZGOr4uRPog86kJyonsJBaahZ6KXPxYsdBKbs3m2bX0VnD2IqKuTC2uvq%2Fw7PnjdQeVmP4zeWRacOD%2FQmeDuIK1TiUhig%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a20578c6cec0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1535,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"69b85326c7716f590553cdc33bf92ecb","sha1":"8fde7bf82c85b138b216d2e06593c68c454a0e2d","sha256":"68fd553904fa03f4440d7b7fd18e6f4b184dc73869aea6d6a171638d0c5b834b","sha512":"95f6c30d640aa2e025565b25e03cf8489234b70a6cc26faa6059ec191fdda6719353fe1ee32fd68d47743c1433d5363f1df5623174e05ee700af88a977a5b7a0","ssdeep":"","tlshash":"64314bdf1d41c61085b1240aaef1e598f466605b23408164b9fc95233ff4f895b67bbc","first_seen":"2025-11-21T12:56:00.850247Z","last_seen":"2026-03-28T11:49:50.293573Z","times_seen":3,"resource_available":true,"data":null}},"time_used":297,"timings":{"blocked":48,"dns":31,"connect":1,"send":0,"wait":202,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dt-assets.com/devassets/4035/css/main3.css","fqdn":"cdn.dt-assets.com","domain":"dt-assets.com","tld":"com"},"ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:34.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.smrt-content.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 06:39:41 GMT","end":"Thu, 01 Jan 2026 06:39:40 GMT"},"fingerprint":{"sha1":"D6:06:35:3F:8C:E6:C7:30:72:AF:48:FC:9C:EA:11:CB:2B:0C:2B:72","sha256":"70:AC:9E:04:8C:F6:A7:72:14:4B:52:13:C2:90:B1:13:23:0D:6D:97:7F:B1:24:54:FE:D5:06:E0:20:DF:A7:7D"}}},"request":{"raw":"GET /devassets/4035/css/main3.css HTTP/1.1\r\nHost: cdn.dt-assets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nx-amz-replication-status: COMPLETED\r\nLast-Modified: Mon, 29 Apr 2024 13:37:09 GMT\r\nETag: \"a311ce203f77e5e16fa6c064ffbf98fa\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: null\r\nAccept-Ranges: bytes\r\nServer: AmazonS3\r\nX-Amz-Cf-Pop: JFK50-P15\r\nX-Amz-Cf-Id: lDoSEmPtrC9XCwoeVBow-UxZL2Uk3knheN7YVsaNRZojUxahKKE6ww==\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nDate: Fri, 21 Nov 2025 12:55:35 GMT\r\nContent-Length: 2139\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":8401,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a311ce203f77e5e16fa6c064ffbf98fa","sha1":"3f017b941c231ad01a0f4d84c6adc34f8dcc6821","sha256":"bc12246f5aaea19df6ba59cd1812811f9c96fed0287e772ee38a1decd37f1616","sha512":"3565eb7b1629daa72a71fc54b2a4f52a3a18a5254b7faaf614181550fccee794ee2eb89152d5e1639c1496c3cfa9a1f3d6f7f74d9ae9fc495f972974520c2e59","ssdeep":"192:ZyZDTG2XnBoYsSocxhUS7eKF35Q6bKCR9jyfHdazUiE3/kOLCUuzFG4L+gD2Mm:ZydFXvx9V/wHdazUimGUuzFFfm","tlshash":"150215582ab10508745bc16c76d62fa8332cc4439e0fdd7eb7e220689fc9298a6d37cd","first_seen":"2024-04-29T18:32:54Z","last_seen":"2025-12-22T23:45:59.126161Z","times_seen":87,"resource_available":false,"data":null}},"time_used":1524,"timings":{"blocked":89,"dns":62,"connect":1,"send":0,"wait":1336,"receive":1,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"cdn.dt-assets.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-C3EPRPS8FB\u0026cx=c\u0026gtm=4e5bj0h2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:35.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtag/js?id=G-C3EPRPS8FB\u0026cx=c\u0026gtm=4e5bj0h2 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 21 Nov 2025 12:55:35 GMT\r\nexpires: Fri, 21 Nov 2025 12:55:35 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 137167\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":402505,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"a4bde38834841ed9cdeeaa7f5a689191","sha1":"67da6fd8093a64015302a589677d0b65d39cf652","sha256":"f85645ff98470cdbd37b2d13e465c4a2f3a1a397a273acdb008635ce1c75ad06","sha512":"0ea684dd53640e070f27064bed4d7586a8ec6f4d029b57bdc321add13b8b1df929c93c9e387c65d75ef207e4b124f305d61276aa6aec4e45ba14fda7227cec59","ssdeep":"6144:iIWgKOtdDUI23ECULUVW66O7GQEO7TkeV0sBLatgFvp:iv3O3UHECUfO7jL","tlshash":"4c8418ce73d6742653d6b078503f018ba57b28a2f44cc895f18ac9e52e74a9a4237f7c","first_seen":"2025-11-21T12:56:00.857427Z","last_seen":"2025-11-21T12:56:00.857427Z","times_seen":1,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":84,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-K8MBVLY3KP\u0026cx=c\u0026gtm=4e5bi1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:36.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtag/js?id=G-K8MBVLY3KP\u0026cx=c\u0026gtm=4e5bi1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 21 Nov 2025 12:55:36 GMT\r\nexpires: Fri, 21 Nov 2025 12:55:36 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 137322\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":403265,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"a8a1f894be920d84d80c4cdb27938d60","sha1":"38543025cfd5721cecb79db746a06b33e3110817","sha256":"767b711a6098bba4c9386aff0bb77b1cd2f9d7fb608fc9518f436b056ee535ee","sha512":"866d5d0bd5a00dd33b3a4c49b1625b04311d8ffe932986387b55456e335c648162e3b7f71de32d7cab082dc26125afe4afe1bfafc0b6f7365ac8f9a312c0eb0f","ssdeep":"6144:1vBUKltJeUI2XVUULUVWo6O7GQEO7f2xVFBoOr+Jj:1pDl2UnVUUtO7z","tlshash":"ef8419ce73d6742653d6b078503f018ba57b28a2f44cc899f189c9e52e70a9a4277f7c","first_seen":"2025-11-21T12:56:00.861642Z","last_seen":"2025-11-21T12:56:00.861642Z","times_seen":1,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/ctrack.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026t=0.752026496847356","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","date":"2025-11-21T12:55:32.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luckfusion.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 14:08:28 GMT","end":"Sat, 10 Jan 2026 15:07:11 GMT"},"fingerprint":{"sha1":"53:35:FF:86:9B:4D:95:37:33:B4:D5:E4:08:A7:1D:3C:27:00:46:A0","sha256":"BB:2C:A8:2D:51:6E:5B:80:65:9F:EB:3E:01:E2:24:C8:FA:2B:C5:BF:CD:5F:CD:6F:21:1D:CF:70:31:4C:C8:0A"}}},"request":{"raw":"GET /ctrack.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026t=0.752026496847356 HTTP/1.1\r\nHost: luckfusion.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 21 Nov 2025 12:55:33 GMT\r\ncontent-type: image/gif\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\ncache-control: private, no-cache\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jHoq6Pi6sw5L%2FxVtnGAbKH2ehmKLKRaR0czWgtDeDDc9W4FIXR8LFQZpThWHiBeI5Ai42tTiyjCGRD8EcYG31B%2BEKp%2FGbIFIUFPL9d8%3D\"}]}\r\ncf-ray: 9a20578eb9b05688-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ffce86e7c036f733c99e4aac1951d1f0","sha1":"9d27322a607424247d05b3aa22ed8a9bbf3977ca","sha256":"adc1673711c18a8770805224a7c110405cb60a6e933d56f47a7b36585fe37fcc","sha512":"9cec634b2248459ca2380cdea45af272eb6662a7703fc5586ef66ce482125f1bda5793aadf758999b85e52fea285187be6304cab4548fe00f1e4ee9ff22f8426","ssdeep":"","tlshash":"0a900403d540c104c141c0300c04d340574070704544470f70dc375ddc151d70c11000","first_seen":"2023-05-01T17:01:48Z","last_seen":"2026-04-15T09:27:00.761783Z","times_seen":138,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/favicon.ico","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","date":"2025-11-21T12:55:33.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luckfusion.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 14:08:28 GMT","end":"Sat, 10 Jan 2026 15:07:11 GMT"},"fingerprint":{"sha1":"53:35:FF:86:9B:4D:95:37:33:B4:D5:E4:08:A7:1D:3C:27:00:46:A0","sha256":"BB:2C:A8:2D:51:6E:5B:80:65:9F:EB:3E:01:E2:24:C8:FA:2B:C5:BF:CD:5F:CD:6F:21:1D:CF:70:31:4C:C8:0A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: luckfusion.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luckfusion.info/bonus/com-eu-1-9831/ru-lp2.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 21 Nov 2025 12:55:33 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\npriority: u=6,i=?0\r\nlast-modified: Tue, 23 Apr 2024 05:28:37 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 20 Nov 2025 13:11:10 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: br\r\nage: 1203346\r\ncf-cache-status: HIT\r\netag: W/\"66274705-32e\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tnyLuD1TssTLGucL8bfonD6mQGTTNjo5GK6ZLr6tzBvTeRt%2BQ7IL%2FyfD0fC8m1LMMmuhKzAZwKC0b4kW3dfxw%2BgWmUPN7OHPTwzTL1I%3D\"}]}\r\ncf-ray: 9a20578f79b45688-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":814,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 41 x 41, 8-bit/color RGBA, non-interlaced","md5":"973e8dc3b11662098fc4ea0027feb1d7","sha1":"a458bc5e7fb5a9b4a61f8447026fc9b0d37af740","sha256":"4319df6394c456785fa2541669c7b83db2f658d43ab6610871d4487adf7b6c1c","sha512":"f20d7bbe2b38af33227913c809f2f058ca04c5764c011436183ebeca6270152cec36ddd2cdbf2881b501d3eb9d036537bc85683ada035bf54028368b5e5dacc1","ssdeep":"","tlshash":"a201caeb4ec91c06dd55b8bc551dd1c110f9900f5b3369477734d810323cf178c9a159","first_seen":"2023-11-18T20:21:53Z","last_seen":"2026-04-15T16:39:35.465959Z","times_seen":499,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:35.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 21 Nov 2025 12:55:35 GMT\r\nexpires: Fri, 21 Nov 2025 12:55:35 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Fri, 21 Nov 2025 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 113714\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":330106,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5372)","md5":"4d4a27252de8ac953c27b3e3b31b60ea","sha1":"2459aa031ee087198d590a83ecd4b1f236e54fcc","sha256":"9c8a905475ed96cc603bff11fe8e898bea2de82d26d55a3a7016816321db9966","sha512":"3fc40cdd977404d06eebacb6b21fc40b4131f21bb1785d7bcdb1c1d2c75b174fc4b99e821ecff1d02403bc97335af9d2a554c8fcd2a4ced7a972cea21018943f","ssdeep":"6144:mWgStyDUI23Yu0IVW66O7GQuO7KnUiVPb:1toUHYuYO7oRV","tlshash":"f36418c9b3d6702243a3a474503f018ba27b79d2f84cc895f186d9d52e70aaa4277f7d","first_seen":"2025-11-21T12:56:00.868299Z","last_seen":"2025-11-21T12:56:00.868299Z","times_seen":1,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":62,"dns":2,"connect":9,"send":0,"wait":31,"receive":23,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dt-assets.com/devassets/4035/images/bg.jpg","fqdn":"cdn.dt-assets.com","domain":"dt-assets.com","tld":"com"},"ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:35.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.smrt-content.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 06:39:41 GMT","end":"Thu, 01 Jan 2026 06:39:40 GMT"},"fingerprint":{"sha1":"D6:06:35:3F:8C:E6:C7:30:72:AF:48:FC:9C:EA:11:CB:2B:0C:2B:72","sha256":"70:AC:9E:04:8C:F6:A7:72:14:4B:52:13:C2:90:B1:13:23:0D:6D:97:7F:B1:24:54:FE:D5:06:E0:20:DF:A7:7D"}}},"request":{"raw":"GET /devassets/4035/images/bg.jpg HTTP/1.1\r\nHost: cdn.dt-assets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.dt-assets.com/devassets/4035/css/main3.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\nContent-Length: 161297\r\nx-amz-replication-status: COMPLETED\r\nLast-Modified: Tue, 20 Feb 2024 15:27:20 GMT\r\nETag: \"3e6f3cd4b9c5e1e46d6b980d4c33875d\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: null\r\nAccept-Ranges: bytes\r\nServer: AmazonS3\r\nX-Amz-Cf-Pop: JFK50-P15\r\nX-Amz-Cf-Id: 6uZ9r-8G2Ch7mpH-jJSAhmZYIFefUpCHhuBVa09mVwNQHV-tkI5_4A==\r\nDate: Fri, 21 Nov 2025 12:55:35 GMT\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":161297,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Compressed by jpeg-recompress\", progressive, precision 8, 768x1280, components 3","md5":"3e6f3cd4b9c5e1e46d6b980d4c33875d","sha1":"eac0870c98f0a1b202665895fd5af657caa3a314","sha256":"43d1561784b2f6ad7fdd87b0d11303ef6750bb4272e3cdbf9c0d1a3cfc59ab02","sha512":"073b7b08f054c55ac4fba58b950f8ec4cb19d975c55a0a7a14c544b1b83c60c79f8cf894309b4c9125a928b3065103370ece7070b9b5918b8f33a08ce29ded62","ssdeep":"3072:eW3ITYcX/9ciuhhScOQ+iVcgXDuEfNkb+VYdjWKeb17wz0SY1xOqElRAFs6:Z3SYuduXvRDPkwvD1kixOqElRAFD","tlshash":"82f322c544f48ed36c24c5eb93231c80efd9403d218e5d1bea6b46886e7a590fa3f5b9","first_seen":"2024-04-29T18:32:54Z","last_seen":"2025-12-22T23:45:59.128845Z","times_seen":93,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":250,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"cdn.dt-assets.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}\u0026lead={lead}","fqdn":"tsyndicate.com","domain":"tsyndicate.com","tld":"com"},"ip":{"addr":"213.239.204.82","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:35.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tsyndicate.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 21:10:04 GMT","end":"Tue, 10 Feb 2026 21:10:03 GMT"},"fingerprint":{"sha1":"BB:2C:CE:C9:92:0E:A9:18:50:BD:8C:7E:7D:B2:E6:CC:72:54:29:18","sha256":"3B:E3:8E:A4:C5:EC:08:3B:96:2B:B0:16:ED:56:3F:0A:CD:55:81:4A:8F:FC:97:83:57:FC:6E:F9:FD:F4:43:83"}}},"request":{"raw":"GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}\u0026lead={lead} HTTP/1.1\r\nHost: tsyndicate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 21 Nov 2025 12:55:35 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\npragma: no-cache\r\nexpires: 0\r\nvary: *\r\nx-api-version: 1\r\nset-cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Sat, 21 Nov 2026 12:55:35 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, no-transform\r\nx-robots-tag: none, noindex, nofollow\r\nreport-to: { \"url\": \"https://pxl.tsyndicate.com/api/v1/heavy-ad/report\", \"max_age\": 86401 }\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64\r\npermissions-policy: ch-ua-model=(self \"https://tsyndicate.com\"), ch-ua-platform-version=(self)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ba036c43037cfe89320d1ef7b64cd43f","sha1":"88c72d3e26047eb1e45e5564a76427734f120efe","sha256":"42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb","sha512":"aa80ccd27c05eb729f730b9d830b011650bcf12cbb25d19edf29efcf962c7465bb5685a5ff5d084356c6710c08e829d16b59e7a59a41767eb14744f326b6c124","ssdeep":"","tlshash":"19900403f5400003d175d03107170340134cd110057c0307405d505cdc553510c01010","first_seen":"2023-05-10T09:10:20Z","last_seen":"2026-04-15T20:31:43.691212Z","times_seen":14723,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":61,"dns":0,"connect":24,"send":0,"wait":26,"receive":1,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-5R6C28C","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:35.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtm.js?id=GTM-5R6C28C HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 21 Nov 2025 12:55:35 GMT\r\nexpires: Fri, 21 Nov 2025 12:55:35 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Fri, 21 Nov 2025 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 106161\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":312859,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7429)","md5":"5751897fef533ad52ec8c150c5f27a6e","sha1":"70f0c2c58019f7e57a150ad53ee14c9862e2c08e","sha256":"60864bf2d804d68b048b25b79522229666f6f385380813abe298e882c2e98a3e","sha512":"76024fd6ca189013ad91022a5c7338c05aa64391d268d15005bc2c8e14deb4bff0fb786239bfd8f878303da0132911549926050ecfaa1312843db5e919c881b4","ssdeep":"3072:yZw+P05vkzUrnMo0ulFe1dRGeefSJQWfQXr2XdArNbE0fcVWo6O7nGQuO7yH2fn:yBULt+eUI2X6u0UVWo6O7GQuO7yWfn","tlshash":"b46419cd73da742683a3a474403f018bb17b7892e84cd895f186d8d52e70aaa4277f7d","first_seen":"2025-11-21T12:56:00.873383Z","last_seen":"2025-11-21T12:56:00.873383Z","times_seen":1,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/lib/ajax/lp_timing.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026d=3232_32\u0026t=0.6983879113298767","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","date":"2025-11-21T12:55:36.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luckfusion.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 14:08:28 GMT","end":"Sat, 10 Jan 2026 15:07:11 GMT"},"fingerprint":{"sha1":"53:35:FF:86:9B:4D:95:37:33:B4:D5:E4:08:A7:1D:3C:27:00:46:A0","sha256":"BB:2C:A8:2D:51:6E:5B:80:65:9F:EB:3E:01:E2:24:C8:FA:2B:C5:BF:CD:5F:CD:6F:21:1D:CF:70:31:4C:C8:0A"}}},"request":{"raw":"GET /lib/ajax/lp_timing.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026d=3232_32\u0026t=0.6983879113298767 HTTP/1.1\r\nHost: luckfusion.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luckfusion.info/bonus/com-eu-1-9831/ru-lp2.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5\r\nCookie: fc_t_8=1763729733_1763729733_1763729733_1763729733_1763729733; fc_n_8=1_1_1_1_1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 21 Nov 2025 12:55:36 GMT\r\ncontent-type: image/gif\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BjK0gMwq9j3hxygsmFAgmMHPsu9xQ%2BZwPx5YrgknswHCTGatIpMqxMrESWZY3petmccE4m7UZWJvVZWLyxfw94Kq92laRrln1t0VUH0%3D\"}]}\r\ncf-ray: 9a2057a2fa675688-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ffce86e7c036f733c99e4aac1951d1f0","sha1":"9d27322a607424247d05b3aa22ed8a9bbf3977ca","sha256":"adc1673711c18a8770805224a7c110405cb60a6e933d56f47a7b36585fe37fcc","sha512":"9cec634b2248459ca2380cdea45af272eb6662a7703fc5586ef66ce482125f1bda5793aadf758999b85e52fea285187be6304cab4548fe00f1e4ee9ff22f8426","ssdeep":"","tlshash":"0a900403d540c104c141c0300c04d340574070704544470f70dc375ddc151d70c11000","first_seen":"2023-05-01T17:01:48Z","last_seen":"2026-04-15T09:27:00.761783Z","times_seen":138,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/bonus/com-eu-1-9831/carrier/main.js","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","date":"2025-11-21T12:55:32.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luckfusion.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 14:08:28 GMT","end":"Sat, 10 Jan 2026 15:07:11 GMT"},"fingerprint":{"sha1":"53:35:FF:86:9B:4D:95:37:33:B4:D5:E4:08:A7:1D:3C:27:00:46:A0","sha256":"BB:2C:A8:2D:51:6E:5B:80:65:9F:EB:3E:01:E2:24:C8:FA:2B:C5:BF:CD:5F:CD:6F:21:1D:CF:70:31:4C:C8:0A"}}},"request":{"raw":"GET /bonus/com-eu-1-9831/carrier/main.js HTTP/1.1\r\nHost: luckfusion.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 21 Nov 2025 12:55:32 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 15 May 2024 13:01:32 GMT\r\netag: W/\"6644b22c-a16\"\r\nexpires: Sat, 22 Nov 2025 23:11:42 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 579044\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9SXmU0nmoLrAlWQgLF9122FXC4spsA94kY882VJZYRrEMUUiEP1EUdEH5oawcvCMxi9zgM8PuUwBa404nRFLefVpIn1EEn73EcZVRMw%3D\"}]}\r\ncf-ray: 9a20578e99af5688-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2582,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"6749081dc8d2e65a8b31a4495747e537","sha1":"784b69c2160032e2603b09e53b32055b5ec320cd","sha256":"9d8aff015322729c4149911f4353e18184b97149b39cc77fcf3ceccecc2dc1e4","sha512":"34f1df1164f865a4a4a96e4147cfc0f3d05a6e7739b6bb82436ab7fb011dc3c05ff08448b76a11af21bc761432523f2cf338911904e710ca0ac078cf2d3474da","ssdeep":"","tlshash":"5151131ea564121215f7f228466f4304f0176737193b6902ba2e52d9ff3270e86b5efa","first_seen":"2024-06-30T09:51:57Z","last_seen":"2026-04-15T09:27:00.771537Z","times_seen":58,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/firebase/8.2.2/firebase-app.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:34.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/firebase/8.2.2/firebase-app.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 21 Nov 2025 12:55:34 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 5762\r\ncf-ray: 9a2057964f5b56ca-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5ff7ae08-4d44\"\r\nlast-modified: Fri, 08 Jan 2021 00:57:44 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1218283\r\nexpires: Wed, 11 Nov 2026 12:55:34 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=RFDobhWyt%2BQ2Sy4J%2FlcA2CNQtlmBO8nHfrw0%2FRWYu1WCRU%2F6HVWQ0PuoWHvFMbdhm8KM2thJ66VC6M1I3kSR%2FHIg25%2FFIY1wZWaklGw%2FNyeckxVyPzhNSinU3rZF3voO%2FlaknXHS\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19780,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (19780), with no line terminators","md5":"5e2898beab1505a629bf1254fbdf9ed8","sha1":"f17ac22f600d694ae4341c4da46576e3fec0e6f4","sha256":"00d770fea1249b4be3f55a037a9edd20c1fe55bda8ab1e4b6251e56cd74cd05b","sha512":"f4897b323c78eab01815bbdb302ebf286e8c43a0faa2bbeb4504d7329e0a68ebd6a832e71e3d1f4358d5b77937faf77e3411027c0e2d9b812011f88643ee6ca1","ssdeep":"384:mcaM4MIyXfihMRfF0Fg0ABMsVaAkdB2NAXtICZDzU:EM4MIyqqRfF2DKUYYICZDzU","tlshash":"da92d7ccf7e2b062539350b8443f310ba33e2558984c80a8b659e5e66df690f616ff79","first_seen":"2024-08-13T13:55:42Z","last_seen":"2026-04-15T19:40:49.637963Z","times_seen":3439,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":9,"dns":1,"connect":1,"send":0,"wait":18,"receive":1,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-5R6C28C","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:35.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtm.js?id=GTM-5R6C28C HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 21 Nov 2025 12:55:35 GMT\r\nexpires: Fri, 21 Nov 2025 12:55:35 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Fri, 21 Nov 2025 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 106107\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":312832,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7429)","md5":"3006ee60e18f60342d22011509e58f16","sha1":"1f3e7c544ba22850474075a2cdd0cd70d623c2e1","sha256":"04088dfbaedeb718c7b425dcdfa0c303392414770dde2f5ae9338ceed4ff8b77","sha512":"532a18e9f6cfcd392747a71530e52a2f5a30050e38d6eb578eaa10b788954219778996bc58187f925316cae325744e7b27d7e7ed49bbc00a0d64be0cfddd1de6","ssdeep":"3072:yZw+Y05vkzUrnMo0ulFe1dRGeefSJQWfQXr2XdArNbE0fcVWo6O7nGQuO7yH2fn:FBULt+eUI2X6u0UVWo6O7GQuO7yWfn","tlshash":"386419cd73da742683a3a474403f018bb17b7892e84cd895f186d8d52e70aaa4277f7d","first_seen":"2025-11-21T12:56:00.878002Z","last_seen":"2025-11-21T12:56:00.878002Z","times_seen":1,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dt-assets.com/prod/push-subscriber-v2.js","fqdn":"cdn.dt-assets.com","domain":"dt-assets.com","tld":"com"},"ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:34.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.smrt-content.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 06:39:41 GMT","end":"Thu, 01 Jan 2026 06:39:40 GMT"},"fingerprint":{"sha1":"D6:06:35:3F:8C:E6:C7:30:72:AF:48:FC:9C:EA:11:CB:2B:0C:2B:72","sha256":"70:AC:9E:04:8C:F6:A7:72:14:4B:52:13:C2:90:B1:13:23:0D:6D:97:7F:B1:24:54:FE:D5:06:E0:20:DF:A7:7D"}}},"request":{"raw":"GET /prod/push-subscriber-v2.js HTTP/1.1\r\nHost: cdn.dt-assets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/javascript\r\nx-amz-replication-status: COMPLETED\r\nLast-Modified: Wed, 16 Jul 2025 07:26:19 GMT\r\nETag: \"cdb8dd9234c060092c4928f914cc211a\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-s3cmd-attrs: atime:1752650764/ctime:1752650763/gid:20/gname:staff/md5:cdb8dd9234c060092c4928f914cc211a/mode:33188/mtime:1752650718/uid:502/uname:nimspy\r\nx-amz-version-id: tKEIZPjrhLALmeOC1bHdEXuPpoz9SHGv\r\nAccept-Ranges: bytes\r\nServer: AmazonS3\r\nX-Amz-Cf-Pop: JFK52-P3\r\nX-Amz-Cf-Id: 1jjbA5X9jNDZBLacWg59hW22Cdmq-amUQTlRsO4d2jgCYfXR0r-I0g==\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nDate: Fri, 21 Nov 2025 12:55:34 GMT\r\nContent-Length: 5301\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":21749,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1167)","md5":"cdb8dd9234c060092c4928f914cc211a","sha1":"f9f6367035056c68fb59765aeb200d23d46bf071","sha256":"71cd1fa0043157bba2b01da8e108e3aa590b887824ebf7e96f5a4bea0ffd4697","sha512":"8ad9ee2ef647acfb1894474a1e08315a07af354a90c18b1a78e9c5db6024033e129cc6a320f872d69f96d9c3b6543a4d935247ebbe5156ca9206984e4e3b6361","ssdeep":"384:U+F+Gou1cKhgA9VQn8dXf8YhxgukUj1vXXGDkfmd+VEZo:Uy+GoFKHVQmNhxgq1vXXGDkf1n","tlshash":"f9a2860e2de3607a55a7702e9f9fa414353394031508cd20becc57a4af69d3d66afbe8","first_seen":"2025-07-16T23:54:04.821163Z","last_seen":"2026-04-15T09:27:00.774884Z","times_seen":248,"resource_available":true,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":52,"connect":19,"send":0,"wait":119,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"cdn.dt-assets.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dt-assets.com/assets/1387/js/backoffer.js","fqdn":"cdn.dt-assets.com","domain":"dt-assets.com","tld":"com"},"ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:34.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.smrt-content.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 06:39:41 GMT","end":"Thu, 01 Jan 2026 06:39:40 GMT"},"fingerprint":{"sha1":"D6:06:35:3F:8C:E6:C7:30:72:AF:48:FC:9C:EA:11:CB:2B:0C:2B:72","sha256":"70:AC:9E:04:8C:F6:A7:72:14:4B:52:13:C2:90:B1:13:23:0D:6D:97:7F:B1:24:54:FE:D5:06:E0:20:DF:A7:7D"}}},"request":{"raw":"GET /assets/1387/js/backoffer.js HTTP/1.1\r\nHost: cdn.dt-assets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/javascript\r\nContent-Length: 660\r\nLast-Modified: Thu, 06 May 2021 12:38:04 GMT\r\nETag: \"e7e1dc07852a36f89e4be03aa3787316\"\r\nAccept-Ranges: bytes\r\nServer: AmazonS3\r\nX-Amz-Cf-Pop: JFK51-C1\r\nX-Amz-Cf-Id: Ct4gwLcTloBEVOXNAkPHVE_nt09klAc2VQmBXL2NgHnXp5GYhbW-rA==\r\nDate: Fri, 21 Nov 2025 12:55:34 GMT\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":660,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"e7e1dc07852a36f89e4be03aa3787316","sha1":"0dc3f8e7eb943af093cf8f4600fcf0e421891025","sha256":"33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388","sha512":"bdc3b3b78e10cd9afb54e3cd7e29c3849be0a581714845a8a79a8f1a5ede467c215a1a2f95af5f712f17bd37404882af503fc2f2b61e88ac356ff61f058ac49f","ssdeep":"","tlshash":"e901968f7b181c7955f2d4665b7e5228ed7b009b05039f007dec84401f31989a69add5","first_seen":"2023-03-07T01:02:22Z","last_seen":"2026-04-15T09:27:00.777419Z","times_seen":1082,"resource_available":true,"data":null}},"time_used":313,"timings":{"blocked":89,"dns":63,"connect":1,"send":0,"wait":123,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"cdn.dt-assets.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dt-assets.com/prod/push-lang-config.js","fqdn":"cdn.dt-assets.com","domain":"dt-assets.com","tld":"com"},"ip":{"addr":"23.36.76.123","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:34.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.smrt-content.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 06:39:41 GMT","end":"Thu, 01 Jan 2026 06:39:40 GMT"},"fingerprint":{"sha1":"D6:06:35:3F:8C:E6:C7:30:72:AF:48:FC:9C:EA:11:CB:2B:0C:2B:72","sha256":"70:AC:9E:04:8C:F6:A7:72:14:4B:52:13:C2:90:B1:13:23:0D:6D:97:7F:B1:24:54:FE:D5:06:E0:20:DF:A7:7D"}}},"request":{"raw":"GET /prod/push-lang-config.js HTTP/1.1\r\nHost: cdn.dt-assets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 15 Feb 2022 10:45:43 GMT\r\nETag: \"7152525f63649929a736f6efb78b58a5\"\r\nx-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy\r\nAccept-Ranges: bytes\r\nServer: AmazonS3\r\nX-Amz-Cf-Pop: EWR53-C1\r\nX-Amz-Cf-Id: PlzHg_kpLQKC63Gp9E61K1OBX5ibTIl975NYZyc2dmovD1t05XIN0Q==\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nDate: Fri, 21 Nov 2025 12:55:34 GMT\r\nContent-Length: 2366\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":7853,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7658), with no line terminators","md5":"7152525f63649929a736f6efb78b58a5","sha1":"5bf8138b39eaeebdf4681ad31fac3a02075e36ad","sha256":"f1f5518e39341d6f4189be101a85c496add2a43b569a809bd3193d52f3e61de1","sha512":"0a7eda2735e297e729386b7d44558035f27abfb99163570d692f2996cdbe975c8da7ca7a2ad35851e14cde7c13bfaecf9c97720c8d8f8fccb9d8475d2c4b6bad","ssdeep":"192:Wjq9DPq7e3RIcPdf1Wfjejq9DP4Ojq9DPWWfPCfFdC7elUZqwutgiZn9DPmT:5Lb3V18BL4RLVPED9LS","tlshash":"7ef145bfe50186ff1e820749642753aee24f9bccf550e2a0378edd3a25bd0194135798","first_seen":"2023-03-07T01:02:22Z","last_seen":"2026-04-15T09:27:00.798971Z","times_seen":1072,"resource_available":true,"data":null}},"time_used":343,"timings":{"blocked":98,"dns":61,"connect":1,"send":0,"wait":133,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"cdn.dt-assets.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/json?callback=jQuery37105775528462568728_1763729734236\u0026_=1763729734237","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:35.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 04 Nov 2025 20:29:41 GMT","end":"Mon, 02 Feb 2026 20:29:40 GMT"},"fingerprint":{"sha1":"B3:74:BE:7D:0D:B0:DC:28:D7:31:69:D0:4F:3C:BD:A7:30:1B:19:0F","sha256":"07:FA:17:68:0A:9F:AD:4C:D9:D3:6A:8B:6B:22:8A:59:5C:75:10:22:67:16:D3:31:95:4C:03:FF:9C:D9:5C:0D"}}},"request":{"raw":"GET /json?callback=jQuery37105775528462568728_1763729734236\u0026_=1763729734237 HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-encoding: gzip\r\ndate: Fri, 21 Nov 2025 12:55:35 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=2592000; includeSubDomains\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":672,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (391)","md5":"fb92ac765e205bce0660f7d2c95af7ae","sha1":"633d736867bd6467d04d6ed0d86ea43e3cf5e436","sha256":"0445ffb12cea7db73397b400d5c80ec3a542b05531d849a42a7472fb3e54d081","sha512":"d1f78d96a22ba705fc3b3b359d8baf287947e91bc8d268a77ca09197a55de73c7700c01bd96fedcb570c4029ed38c0bc12775640d062379ec420746af1426ea5","ssdeep":"","tlshash":"da01706720382f37a9bd4648440bda0a236d3a2b4145a5964ea25f1c14446b770a126e","first_seen":"2025-11-21T12:56:00.883235Z","last_seen":"2025-11-21T12:56:00.883235Z","times_seen":1,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":71,"dns":4,"connect":27,"send":0,"wait":160,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luckfusion.info/lib/ajax/lp_engage.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026t=0.4329776594602738","fqdn":"luckfusion.info","domain":"luckfusion.info","tld":"info"},"ip":{"addr":"172.67.149.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://luckfusion.info/bonus/com-eu-1-9831/ru-global-bb.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5","date":"2025-11-21T12:55:36.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luckfusion.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 14:08:28 GMT","end":"Sat, 10 Jan 2026 15:07:11 GMT"},"fingerprint":{"sha1":"53:35:FF:86:9B:4D:95:37:33:B4:D5:E4:08:A7:1D:3C:27:00:46:A0","sha256":"BB:2C:A8:2D:51:6E:5B:80:65:9F:EB:3E:01:E2:24:C8:FA:2B:C5:BF:CD:5F:CD:6F:21:1D:CF:70:31:4C:C8:0A"}}},"request":{"raw":"GET /lib/ajax/lp_engage.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026t=0.4329776594602738 HTTP/1.1\r\nHost: luckfusion.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://luckfusion.info/bonus/com-eu-1-9831/ru-lp2.php?c=4vz18rirz4uz0\u0026k=ac5e6cdfaf6ecf1ef5d0a25e53e6cd5e\u0026country_code=KZ\u0026carrier=-\u0026country_name=Kazakhstan\u0026region=North%20Kazakhstan\u0026city=Petropavlovsk\u0026isp=LLP%20Asket\u0026lang=ru\u0026os=Android\u0026osv=10.\u0026browser=Chrome\u0026browserv=142\u0026brand=unknown\u0026model=unknown\u0026marketing_name=K\u0026tablet=2\u0026rheight=0\u0026rwidth=0\u0026e=5\r\nCookie: fc_t_8=1763729733_1763729733_1763729733_1763729733_1763729733; fc_n_8=1_1_1_1_1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 21 Nov 2025 12:55:36 GMT\r\ncontent-type: image/gif\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EpCY6GnW3UCsVI7xkTMs5gNrIioMGccSB62EWqZo%2FY4pdPxAIGBlX02c%2FAp5LzdiOCa2rkBit1egL7MJ%2Fm5Pg9LUi%2FCbVFJCn4RHOp4%3D\"}]}\r\ncf-ray: 9a2057a2fa6c5688-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ffce86e7c036f733c99e4aac1951d1f0","sha1":"9d27322a607424247d05b3aa22ed8a9bbf3977ca","sha256":"adc1673711c18a8770805224a7c110405cb60a6e933d56f47a7b36585fe37fcc","sha512":"9cec634b2248459ca2380cdea45af272eb6662a7703fc5586ef66ce482125f1bda5793aadf758999b85e52fea285187be6304cab4548fe00f1e4ee9ff22f8426","ssdeep":"","tlshash":"0a900403d540c104c141c0300c04d340574070704544470f70dc375ddc151d70c11000","first_seen":"2023-05-01T17:01:48Z","last_seen":"2026-04-15T09:27:00.761783Z","times_seen":138,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"luckfusion.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-5R6C28C","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smdispsecure.com/s?a=16507\u0026sm=1163\u0026co=10603\u0026mt=7\u0026s2=8z10nrg3","date":"2025-11-21T12:55:35.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtm.js?id=GTM-5R6C28C HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smdispsecure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 21 Nov 2025 12:55:35 GMT\r\nexpires: Fri, 21 Nov 2025 12:55:35 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Fri, 21 Nov 2025 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 106107\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":312832,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7429)","md5":"3006ee60e18f60342d22011509e58f16","sha1":"1f3e7c544ba22850474075a2cdd0cd70d623c2e1","sha256":"04088dfbaedeb718c7b425dcdfa0c303392414770dde2f5ae9338ceed4ff8b77","sha512":"532a18e9f6cfcd392747a71530e52a2f5a30050e38d6eb578eaa10b788954219778996bc58187f925316cae325744e7b27d7e7ed49bbc00a0d64be0cfddd1de6","ssdeep":"3072:yZw+Y05vkzUrnMo0ulFe1dRGeefSJQWfQXr2XdArNbE0fcVWo6O7nGQuO7yH2fn:FBULt+eUI2X6u0UVWo6O7GQuO7yWfn","tlshash":"386419cd73da742683a3a474403f018bb17b7892e84cd895f186d8d52e70aaa4277f7d","first_seen":"2025-11-21T12:56:00.878002Z","last_seen":"2025-11-21T12:56:00.878002Z","times_seen":1,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}