{"report_id":"e3029679-d471-4160-81d9-3029dd422c60","version":6,"status":"done","tags":[],"date":"2025-09-28T16:27:47Z","url":{"schema":"http","addr":"dadocric.st/","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"172.67.187.188","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"dadocric.st/","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"title":"CricHD | Watch Live Cricket Streaming"},"submit":{"url":{"schema":"http","addr":"dadocric.st/","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"172.67.187.188","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-02T16:27:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":9}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"dadocric.st","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"riskexcel.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"riskexcel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"riskexcel.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"riskexcel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"amt3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"gleecheeftoo.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"gleecheeftoo.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"gleecheeftoo.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"gleecheeftoo.net","ip":{"addr":"139.45.197.243","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2025-02-10","domain_rank":531523,"first_seen":"2025-03-15T15:38:27.766488Z","last_seen":"2025-09-25T22:59:36.103012Z","alert_count":3,"request_count":1,"received_data":3034,"sent_data":581,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"tzegilo.com","ip":{"addr":"104.21.11.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-01-14","domain_rank":18163,"first_seen":"2022-01-14T15:27:15Z","last_seen":"2025-09-22T00:37:39.284979Z","alert_count":0,"request_count":1,"received_data":18653,"sent_data":410,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"st.chatango.com","ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"domain_registered":"2004-05-23","domain_rank":442176,"first_seen":"2012-06-04T02:57:52Z","last_seen":"2025-09-25T20:27:59.764698Z","alert_count":0,"request_count":5,"received_data":792319,"sent_data":2404,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bvtpk.com","ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-16","domain_rank":37068,"first_seen":"2025-05-21T11:34:02.786268Z","last_seen":"2025-09-23T14:20:40.270423Z","alert_count":0,"request_count":1,"received_data":111098,"sent_data":408,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"3.73.105.217","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-09-21T22:22:39.297989Z","alert_count":0,"request_count":1,"received_data":420,"sent_data":445,"comment":"","tags":null,"fingerprints":null},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-09-21T23:59:49.858604Z","alert_count":0,"request_count":1,"received_data":838,"sent_data":437,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ust.chatango.com","ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"domain_registered":"2004-05-23","domain_rank":468722,"first_seen":"2012-12-10T16:31:50Z","last_seen":"2025-09-22T03:08:34.753237Z","alert_count":0,"request_count":10,"received_data":11764,"sent_data":4610,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"dadocric.st","ip":{"addr":"172.67.187.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-05-07","domain_rank":0,"first_seen":"2025-09-28T16:27:47.960453Z","last_seen":"2025-09-28T16:27:47.960453Z","alert_count":4,"request_count":4,"received_data":61164,"sent_data":1762,"comment":"","tags":null,"fingerprints":[{"name":"Chatango","description":"Chatango is a website used for connecting to a large selection of users.","website":"https://chatango.com","common_platform_enumeration":"","icon":"Chatango.png","categories":["Widgets"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"s63.chatango.com","ip":{"addr":"208.93.230.178","port":8081,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"domain_registered":"2004-05-23","domain_rank":5668038,"first_seen":"2014-02-09T06:27:13Z","last_seen":"2025-09-14T08:17:59.475946Z","alert_count":0,"request_count":1,"received_data":129,"sent_data":559,"comment":"","tags":null,"fingerprints":null},{"fqdn":"riskexcel.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-05-13","domain_rank":1423241,"first_seen":"2024-05-17T02:25:09Z","last_seen":"2025-09-27T19:25:58.980132Z","alert_count":4,"request_count":1,"received_data":38466,"sent_data":440,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"gizokraijaw.net","ip":{"addr":"172.67.192.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-11-06","domain_rank":156158,"first_seen":"2024-11-27T06:54:34.804318Z","last_seen":"2025-09-23T23:32:15.355714Z","alert_count":0,"request_count":1,"received_data":168909,"sent_data":415,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"amt3.com","ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2004-03-18","domain_rank":8122,"first_seen":"2025-04-23T17:00:21.322227Z","last_seen":"2025-09-23T20:56:37.911128Z","alert_count":1,"request_count":1,"received_data":830,"sent_data":594,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"riskexcel.com/9dd12203842fdbb7ff56cfdbd2c7d020/invoke.js","fqdn":"riskexcel.com","domain":"riskexcel.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fd6e33c100b2a01a9c1b5a4d679ed54c","sha1":"b8e34e4d63e6dcaf81906ff78060d046df0395b0","sha256":"664c1ab816ecac6b549d63be9178333d317a51a894c805d6a848ee8a820e351e","sha512":"f092c2c367fc73fd2882383d1c738caed03ddf54f9f3cb39a72cc5b564998f8cef4cbdff8a6a42c895469254797a7a6c8d546ced9cb20dcad7d4e9668a030b3a","ssdeep":"768:Pfho7kMPFiARuKBp3zCrPj0c2XVgciy3kjKNaQWFXnFKDy:PSuARtBRaj0cQVgc/nNLCnFKDy","tlshash":"ecf2e6c87f91f17407a76433222f954af56bcd05598ed048f43be4ac2d6c726e936a38","size":37627,"data":"","first_seen":"2025-09-28T16:27:53.0024Z","last_seen":"2025-09-28T16:27:53.0024Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/js/gz/emb.js","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.24","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bcfb7580b5bc06959ab6d3d8554a8a53","sha1":"227a8c031a118f0a0781cd59abb8d0f2408e7dad","sha256":"01b6769cd0a313d1af75d8a0e640cbd31aef88d6f38292ef7ee582ef58d4ada2","sha512":"52c91433039900c149b2d88b8124504ac950b8b20983425aa1ed235ea05796ce0b6c5a50b1999e60cd827a62da54ffb3d8408bbe2ab9c98be28e4262df03a674","ssdeep":"1536:HZ/fvf0QYlkQd39ZQ2xcGpXHYfkHoQ0MMgB6GLwl9Vevk:9f0QYJEkHoQP6IK9Vevk","tlshash":"306309c9734274a68262e0f6402f054b7236b469f54885bcb19cdce52d789a9237ff7c","size":69564,"data":"","first_seen":"2025-09-20T18:59:54.7661Z","last_seen":"2025-09-28T20:19:35.297877Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r0920251123/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"19720c164d56f7e7dfe6748e376f868e","sha1":"0387db7b6a453b71114985d199838b7a3928c76b","sha256":"56e50d855741d508ab6465d3860ef0ad117ab967993b9111caeaec90f64e912b","sha512":"92c957c0af072acc16b029e12b727004dc62c1e88297a9710cb90584299c0158b9033b8d31a44e234488940489c8695dd372cdda93ed83b1dfd062542496a252","ssdeep":"","tlshash":"b07000080000802800228200002ab2a028220008200220020888800080a0800208ac02","size":19,"data":"","first_seen":"2023-03-07T01:18:54Z","last_seen":"2026-04-11T19:43:25.13497Z","times_seen":1947,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r0920251123/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3243c0841916ec8412445cf28dc213e1","sha1":"e03e2b55026c2d5a48478b494038ac237a570356","sha256":"43809cbb40cf2c409373635a089746ebaf238092ec2dd2c0880e5ff57b729f99","sha512":"a0d730bbc3c90f7292f18725f4de9b9570dcd6ecfa9992120eab10a07bf7c5d40162892477221c2c1ce534912e5936b9733f9d1f26c0d5b3b2fcd6dec2b4c52a","ssdeep":"","tlshash":"e651d95cd27b48ab69253c6027249f1f8f84ccd3b742d05eaade0dcc305ea47b588931","size":2817,"data":"","first_seen":"2023-03-07T01:18:53Z","last_seen":"2026-04-11T19:43:25.102926Z","times_seen":1440,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:A1VdZYqhPnjpWx4/eTe8qSMbqaQd6VL2Jyt9LdJoyayCVPVD5wdBfQPfCHiUr3:AXdZYqNjpU4yPqSMbqaQGL2QfdDayCZC","tlshash":"a6a1dc9939fb50210233b1bd1bafa918b23895236208dd61b98c9364bf94437d7f1fc9","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-12T13:55:36.608492Z","times_seen":786434,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r0920251123/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"bd95f6c0630caa0a874ffb96ab25b46d","sha1":"064c2e60fc3e9d89d339bf25409dbc711fa30161","sha256":"1c5724eca50b127136e5d351e0ee568130148ff242473a8bf36d8bed17f9a045","sha512":"92ef36073926b47e89896007240616539c9057ca62508f654127697bdf1d1f6bba5b44f136fc0c01a6875ca38a938e28991f2d2a00fd7024d1ea3c9ed692c197","ssdeep":"","tlshash":"3651bc3f1574213ae85824c7e875eacc6ea0306ae69388a8e58ddcddf21cd911973430","size":2533,"data":"","first_seen":"2025-09-20T18:59:54.769535Z","last_seen":"2025-09-28T20:19:35.235342Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r0920251123/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"73497a37c3561adbd8ce84e4f017b368","sha1":"9193ae73cb3dd2833be8c942714d5544bfb628c9","sha256":"9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351","sha512":"b265a65f30fa9ffac3fb7ffca07326823466dcd67a238a47091a497c7f2b2d13e09603cbb8e85dce136efeb8bbb9d246e4894d6f672dededc47c88a1a85d9a5b","ssdeep":"","tlshash":"c150000003000003030c0000c000000000000003000030c000c0000000000000000000","size":9,"data":"","first_seen":"2023-03-07T01:03:23Z","last_seen":"2026-04-12T12:15:59.921403Z","times_seen":5366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dadocric.st/","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"172.67.187.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7172e5e187b57ca1bcd552aa56959db6","sha1":"f8d4f3f28963e79a5abb8e807fa4440fe67586be","sha256":"a6aa17e41a887e605543414a6c262c355133fec75691dca2abd6b8d9c6668cb2","sha512":"e1e97b19a493a857630fdbfaa49b35ac9ae8a4652c1de0464fe4f792e62cea26923db24d1e1ec09d8738fa60a95b2a125840411a5374d448546e12b3483a8c6b","ssdeep":"","tlshash":"36c09be9c118f68441d1cc183d7cd551d2108d517669045f37e4543e459455784d17ed","size":140,"data":"","first_seen":"2024-07-06T18:50:33Z","last_seen":"2025-11-16T06:39:24.038333Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r0920251123/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"441a378db25abb5c4db8560de9b87189","sha1":"4801220a00826fb7fb65f2753204881f393e69dd","sha256":"25ebf35db1f4166c31ae3ed946d1c1d436c4d5bbc9e1cdb791d4c892773e7dfe","sha512":"c65e50b9e12b349a60894fc1eedf1b2ca55ced6365cace11675fb8ac52334f577ea691a03776896d99c91832b071870df22b7dce036a89854ed32b9c4d858ec5","ssdeep":"","tlshash":"64a002a9021bd761860204d993447751640c5653936decb778cf2b3c4f40520724a0c5","size":68,"data":"","first_seen":"2023-03-07T01:18:54Z","last_seen":"2026-04-11T19:43:25.103625Z","times_seen":1435,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r0920251123/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"51c06619951fa550760ad54048fa0b98","sha1":"18b18a23e8454584c8468b20608774f3678a5894","sha256":"976e8dfa76f94c12aa882439baebef91bfaf8e6b5940a03f135722a234d119c7","sha512":"834f9973270018b2a16f3979c9d37664b8394744722c13028580f718a486ce6120b33a6dc32e0db20edc4248bd63d4cf677c0ba602a344dd6fe945971bfdc3e8","ssdeep":"","tlshash":"516000033cf0033c00000000cf00000000000003000c0c0c000c3c0000000f00c0003c","size":13,"data":"","first_seen":"2023-03-07T01:29:22Z","last_seen":"2026-04-11T19:43:25.120409Z","times_seen":847,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gizokraijaw.net/401/9283842","fqdn":"gizokraijaw.net","domain":"gizokraijaw.net","tld":"net"},"ip":{"addr":"172.67.192.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"313ed9241e5235962e74fd8caec4f2c2","sha1":"7dda0fe5e1847960b063ccf1e38a20ef64d079aa","sha256":"bc3037e9126699808f781f35a65fd377f54a7363c3a8922928894ac08dd514eb","sha512":"27e7a57287bdf79baa77b989eb3fa5b50055672a3cedf5679134b32194c318104421ce2a41d71945d3ed1918115bb0252b4d0b26297b55c620dd460c854f7f8b","ssdeep":"3072:vw+08/+ugr0a9bQee57WSSybf0AEq7WYV9u5OVny6/PKSWxyScqe//kAoUBEMY:vwfjWCybdh7b9u5OVy6/PKSWx6m7tMY","tlshash":"c1f3fcc9768174562a63b030522fad5fb92b8e20585f8d04e166f0e93e3945ee353efc","size":168022,"data":"","first_seen":"2025-09-26T23:04:00.881219Z","last_seen":"2025-09-28T22:15:47.028712Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dadocric.st/","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"172.67.187.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"054e5a09a812099812db5ca940cd57b7","sha1":"149f352f2560900c41c3821fcf8e98401b76d30f","sha256":"b2ac197478e8ba1e0e4c158ebbddfda13b4b493d8de80f5ecbafea560a874457","sha512":"e1cbcf1b3ae4b01c413c7a6a7f0308d5740a1c0cf505d040f499af8b8432a5b6062424ea45d1c154bb630fb4ce669556abcc086f7670b90dd67a508a08252313","ssdeep":"","tlshash":"14c02be1c444f65a80f3cd041c3cf040c3018c503c2c402b32d0183901a0501a0d3b6c","size":139,"data":"","first_seen":"2025-08-06T10:33:40.38485Z","last_seen":"2025-09-28T16:27:53.01454Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r0920251123/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a10f4072165143879fb47d4d88bad1e7","sha1":"ae2b02d364fb07021ab2a9b78f25cde49bea448c","sha256":"939bdf4c9c08a4ec8b6965423b6bba7db7ac23a28fcc6c0d48c575118457199a","sha512":"bdbb182edb401c3b6a22c2cc45bb4cf68da15909edea9cca0012cfa36e5a30d18a0a601cf44c205c53fa4562541f94e35550cb99e47ea574a2d8a3d1e70855a2","ssdeep":"768:blJ2Z0x7RdbE8LeJC4+9CZafnlJSSwtsNrORplaxbDm8fW9r86X4hKS8FhpCX5Ol:7BDSQP9CQPAt+CR6hON+h6QXux","tlshash":"af83e8d9766630568262e4f4907f040b627b79aaf4448abc708cecd96d74c6c127bfbc","size":86528,"data":"","first_seen":"2025-09-20T18:59:54.784417Z","last_seen":"2025-09-28T20:19:35.320385Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r0920251123/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"27543eb3d80d69bdb014f5a3b4f19963","sha1":"7f8b4b6cdde77f63c0df6676c19a11c480ac90aa","sha256":"9d7bf2516c34273d8809fae0fecf01119b54be83feaf0759fed7116f6d36406b","sha512":"25711f8c535d94df7baeb284847d78c637b6f5c02538e627d35eb07544a055d6c700458853ec9d3d9244b4b35462eab3822901ad02b70326776e4ce97859a5a5","ssdeep":"384:l/YCCywYyufacPsKZOyNxMF0QIZP5qxP5qvCfZdi1jN:N9facPsKZ5xWQHeCtN","tlshash":"3192085bb2623167e262f0f4047f411a1637a549a89582ac349eede45ebdc2c3377f38","size":21140,"data":"","first_seen":"2025-09-20T18:59:54.733769Z","last_seen":"2026-04-05T10:10:49.538656Z","times_seen":222,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r0920251123/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"bb9c0061caf7213d3fbf7447e79842d6","sha1":"c5ede6768b894687859c626320ef15bfc53bb61b","sha256":"9477f48617ea6f08ccdfafc32bcc1e7a92aac876fddb8c2d338493ee88d180a8","sha512":"52d64e60e4660736ffdaaba2611ef20f28286aa693d42fde485576f50f921d43f28393dcb7bb51bd93129dbe6b5177080289a2d6a8567d2166b9e4d615cecffa","ssdeep":"6144:byFstbyL36x6+RVoPc8TKkAyRi/Qel15rJhzrcJ3aPVHjCQFr74GzKRfY7Jtobv:bu6x6+odT8yRiNiGFr74GQY/6v","tlshash":"4da4e79db7623365d1a3e2f4406b2165723b519caa045a6cb24dcdf4fd3482c227bfb8","size":470865,"data":"","first_seen":"2025-09-20T18:59:54.792294Z","last_seen":"2025-09-28T20:19:35.330935Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dadocric.st/","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"172.67.187.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b2bd2d88dd2cfbe4a95f58546eccbda9","sha1":"052768249731c197449c1a9c803a9761c4e2ce4c","sha256":"13afc51dfa936124f39bd07375820340c9fe017586c8109f084741f5ee4f3abe","sha512":"a90b1b1c022177415d7e937799f9ae970f77c5303be936376847c31ed670bd3050fb5b40ff0afdd52ac2e07d5d3e83b63d444c5ab46a4745886b2d5daabc1d3f","ssdeep":"","tlshash":"aac08c96b0622027409f2ce033878c5c3628ca0fa04480033a4cc7094f3356008f31fc","size":174,"data":"","first_seen":"2025-09-28T16:27:53.016749Z","last_seen":"2025-09-28T16:27:53.016749Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dadocric.st/","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"172.67.187.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7ac1d1e83db116f87dbf0b197a7ee587","sha1":"268f730e2c189cc70847f3c1661d9d3aa5d62a02","sha256":"5da9ca8929b080bd0f9205d112f4e2f47cbfd867c15f248070f6dc901640449f","sha512":"1641fd5c8d0d585fc62bac951be2c7988560f1e80d80b05874c171b616b6bf35f3d82eaf2c27c6423963b04a3ee9982ade918ddc635b10bb7a7ad11d0583ea63","ssdeep":"","tlshash":"d231d3f765234c890d9e80e9232f741dd7ce821fccdecc917a8da2908f721435619ab0","size":1560,"data":"","first_seen":"2025-09-28T16:27:53.017657Z","last_seen":"2025-09-28T16:27:53.017657Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dadocric.st/","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"172.67.187.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e0b9fe7857cc0afffef8d4b41d718482","sha1":"eb5d202451c8105898f4659cbbb8456ddd7e80fc","sha256":"26589d0b46137ae0b1188626b2bdfab1a30f0dec3ca5d76c4b665dd278f4a639","sha512":"240881340465d3efdd7369ed1a113a62a8326f41708d6d54d58c5851e4096a52c29796d2022c7a20bac3c00b056f44926ef9c416e2a8dccb568dd54299204523","ssdeep":"","tlshash":"ecd0c2745bea4a72483bf12f0b4d7642367360a32106ad10fa6f8d40ff4482086e97c1","size":284,"data":"","first_seen":"2025-07-14T09:58:30.523603Z","last_seen":"2025-09-28T16:27:53.018841Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dadocric.st/sandbox%20eval%20code","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"34c08ca3e74026ae2a1166b2b810e003a2866b015aa78402b00a003b1441fe21aaa1a8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-12T13:55:36.614106Z","times_seen":788002,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r0920251123/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7e842f797e1d4178e78e703e0019d86f","sha1":"402a738f5a830a221c7b8d4cbc8f92cd3a2fb474","sha256":"4665a16dfa73267424f403df3bd5533096cd9abb82f96ce5fa8857179147a432","sha512":"c2abfb2fe8fb5fd56c92280c431698316fe4e47bc08c719cbd7ee2c0096a89c95c85b7565a0a469cdebd791eb0866ded22610935c9dad0fd15dbdfcb3c66d374","ssdeep":"1536:7KGFkt+5Y3PtG1WZ31Km0xi/GSqKU8jsYF/u2xPb/vsGBI7S5iE:ZQPtGYdr0xQGSqKU8jsq/u2xPbz","tlshash":"a783f65ff220346a91a3f0f8512f124a5637a55a9981833c399cdce55eb8c1d33bbb78","size":81482,"data":"","first_seen":"2025-09-20T18:59:54.809237Z","last_seen":"2025-09-28T20:19:35.34118Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r0920251123/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ff7740eb4626a42bc3c5931080184792","sha1":"8eae299530fe6b2aa2f48d3af8e7c2566e10cd81","sha256":"6b8a3c1db7301e1456b3e8324242f1d31b27dda2e945211bec25519eef3181ca","sha512":"ec96a8f9d9153f3cad9e8e286476bd8fd913e1382433cd9f9d1be6c821bf30f92cb53f70ba79b59e027f4bc8cc71a8f9e49d320626be8edcd69cc36969bec075","ssdeep":"","tlshash":"56f09e4a352754824563d5ef27f38208acb2670b2440d5727b1c86981f404dd04975fc","size":500,"data":"","first_seen":"2023-03-07T01:18:54Z","last_seen":"2026-04-11T19:43:25.137776Z","times_seen":1402,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"df59b89d2b10e781595a9bbb06b5fb1a","sha1":"7cba199aa8cc8b54628df40893b70ae37406097f","sha256":"1470685003608bc3294b12dab4323c2a1168b0dd52fbb1ac58db5e3a96beaca4","sha512":"61acf5be86e8a01ec47c278227bbfad14bf286481ba4823387fc7162b2904c07518b009e4907c20d44327f64ba2bbc8384826842e54e6955d15ee692232ad3a2","ssdeep":"1536:KORV5n7I9pN5MSlR8L6Ru5HjQdXog6wTEDtr0r0:KORVd4nWqvXoRGEhr0r0","tlshash":"25b30a9c625734711d7a9129785fc44daeeaef80048e89e4d0daac732653071d3bbfe8","size":109903,"data":"","first_seen":"2025-09-25T11:02:30.329168Z","last_seen":"2026-01-02T20:38:25.96051Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dadocric.st/","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"172.67.187.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a84a1a2c0faa7cea475bd51bf0c9a1c4","sha1":"a9ec8e4ad6deee286e53a110bd4cf946413635c4","sha256":"42742c21ab3226e8d0e0c8ef76933733e1b3bc4573a3b1e4e45f863d49afbdc1","sha512":"4b3ca633868bbf3f140d5cfe73e39079eb041182960bd33db7d757208e89ff07dcebdcc2141b09e2c4b3baf973562295d9317c2e0490518e4a4a7f06fa670d33","ssdeep":"","tlshash":"97e0ab2998e70a384cfa3a441034ca3934f838a0aaa3d017525cc82cce39fc60c41aec","size":424,"data":"","first_seen":"2025-07-14T09:58:30.529119Z","last_seen":"2025-09-28T16:27:53.021029Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tzegilo.com/stattag.js","fqdn":"tzegilo.com","domain":"tzegilo.com","tld":"com"},"ip":{"addr":"104.21.11.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"01227f5edc20e0ff4ed643b27cb8bb68","sha1":"d71a88f7341f2b1bdaa7deb9a66888607bd52598","sha256":"75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2","sha512":"88046b07c07ff6de47ef7d1e0d7ca281fc48e91fc6a292cdf611457b96ac92bb0068971cfd55c0cc3e6179d7335e77a6a14b15fa502bbae7b2233546da6c0f98","ssdeep":"384:WDWdyJ+TJTwWV+6RUL2qq8L6jW4+QL1zWAWvVRIDiei:7so1V+g+d+j4pJ5","tlshash":"8d82094a72d525ee82a3a1d10cef612ffb664e86a97e1785e381b49c187404ec3d7f90","size":17879,"data":"","first_seen":"2024-07-11T16:28:55Z","last_seen":"2026-04-12T13:58:29.206349Z","times_seen":6458,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"st.chatango.com/h5/gz/r0920251123/id.html","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://dadocric.st/","date":"2025-09-28T16:27:40.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /h5/gz/r0920251123/id.html HTTP/1.1\r\nHost: st.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dadocric.st/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:42 GMT\r\nContent-Type: text/html\r\nContent-Length: 224045\r\nLast-Modified: Sat, 20 Sep 2025 18:27:21 GMT\r\nConnection: keep-alive\r\nExpires: Mon, 28 Sep 2026 16:27:42 GMT\r\nCache-Control: max-age=31536000\r\nContent-Encoding: gzip\r\nP3P: CP=\"Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":697315,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (54430), with CRLF, LF line terminators","md5":"d94bb718ac90def23046dfc25158e6c4","sha1":"5ecafba9fcd7f41b0bc32a1258b934adbfafb850","sha256":"6de3a78692bfa5f1f8f5b9febc46ecc98f59c78b9e39d090b8aaa59b85b8f175","sha512":"6b10eec769df764f9d1b76b15ec102aaf97f45cd0e6f65d7546084456d2d38b81fb645444af574eb5f7cee2d195a2afa9df3bbbe58cd0a98c85d09135559545d","ssdeep":"12288:cRHV9ZUBGSXu/u6x6+odT8yRiNiGFr74GQY/6Xdq2t:YHV9ZULu/u6x6+oT8yRiNLFr74GQYg","tlshash":"c4e4189db7613225c2a3e1f0806b1155723b60ade5449b6cb24ddcf4ae7486c227bfbc","first_seen":"2025-09-20T18:59:54.745917Z","last_seen":"2025-09-28T20:19:35.190092Z","times_seen":23,"resource_available":false,"data":null}},"time_used":2052,"timings":{"blocked":634,"dns":0,"connect":157,"send":0,"wait":313,"receive":471,"ssl":476},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ust.chatango.com/profileimg/j/u/judokiwo11/thumb.jpg","fqdn":"ust.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /profileimg/j/u/judokiwo11/thumb.jpg HTTP/1.1\r\nHost: ust.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 640\r\nLast-Modified: Tue, 09 Jun 2009 03:36:06 GMT\r\nConnection: keep-alive\r\nExpires: Sun, 28 Sep 2025 16:27:45 GMT\r\nCache-Control: max-age=0\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":640,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 50x50, components 3","md5":"81a620d0a6b17b31632ca56ac588ecbb","sha1":"c93fc7d3b7c2ab12a68edf54be4b71753cb8f5e8","sha256":"fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea","sha512":"e1ae4145dbab484376e98f7e3df244238a8a588268df8707b956fbaf7b54f770903ba36352ed94fcbd2f23cd582b0a248f2baf6bde7bbaac64910e5475a89a90","ssdeep":"","tlshash":"71f0202b69909f38e8ec147a1981c7543b8e2e26b1336e8c120030e0f8ef197073e1a7","first_seen":"2023-04-15T21:57:07Z","last_seen":"2026-04-09T22:38:46.496666Z","times_seen":714,"resource_available":false,"data":null}},"time_used":1620,"timings":{"blocked":722,"dns":1,"connect":179,"send":0,"wait":178,"receive":0,"ssl":539},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ust.chatango.com/profileimg/t/o/touchytouchy30/thumb.jpg","fqdn":"ust.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /profileimg/t/o/touchytouchy30/thumb.jpg HTTP/1.1\r\nHost: ust.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 640\r\nLast-Modified: Tue, 09 Jun 2009 03:36:06 GMT\r\nConnection: keep-alive\r\nExpires: Sun, 28 Sep 2025 16:27:45 GMT\r\nCache-Control: max-age=0\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":640,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 50x50, components 3","md5":"81a620d0a6b17b31632ca56ac588ecbb","sha1":"c93fc7d3b7c2ab12a68edf54be4b71753cb8f5e8","sha256":"fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea","sha512":"e1ae4145dbab484376e98f7e3df244238a8a588268df8707b956fbaf7b54f770903ba36352ed94fcbd2f23cd582b0a248f2baf6bde7bbaac64910e5475a89a90","ssdeep":"","tlshash":"71f0202b69909f38e8ec147a1981c7543b8e2e26b1336e8c120030e0f8ef197073e1a7","first_seen":"2023-04-15T21:57:07Z","last_seen":"2026-04-09T22:38:46.496666Z","times_seen":714,"resource_available":false,"data":null}},"time_used":910,"timings":{"blocked":731,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ust.chatango.com/profileimg/c/o/cowli/thumb.jpg","fqdn":"ust.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /profileimg/c/o/cowli/thumb.jpg HTTP/1.1\r\nHost: ust.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1373\r\nLast-Modified: Sun, 06 Oct 2024 11:20:16 GMT\r\nConnection: keep-alive\r\nExpires: Sun, 28 Sep 2025 16:27:45 GMT\r\nCache-Control: max-age=0\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1373,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3","md5":"cb6e85fbc2707655a69d1a1364f07f9f","sha1":"7a6c40e8420f903b4b21e52abee925d4ed5a3622","sha256":"c99dd1dcc199d2032a85e9e1d9e06b5de6995f675279523ee36358c343ed4724","sha512":"2422a6575ce2fcdda6619063ff3e2ce10c7b1ef78cfec7d470931df31400252eb91f48cc0ee86f3c645f4635137227796c1e51b48c59c15b92ccfa14d9a76f3c","ssdeep":"","tlshash":"e521cb56971b8a60cf7bdeb731a7317761f946e16a502539adf146e0c320cf0c444358","first_seen":"2024-10-20T03:52:22.263072Z","last_seen":"2025-11-16T06:39:24.033351Z","times_seen":4,"resource_available":false,"data":null}},"time_used":910,"timings":{"blocked":731,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ust.chatango.com/groupinfo/c/r/crichd-to/gprofile.xml","fqdn":"ust.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:42.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /groupinfo/c/r/crichd-to/gprofile.xml HTTP/1.1\r\nHost: ust.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://st.chatango.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:43 GMT\r\nContent-Type: text/xml\r\nContent-Length: 141\r\nLast-Modified: Tue, 07 Mar 2023 11:32:12 GMT\r\nConnection: keep-alive\r\nExpires: Sun, 28 Sep 2025 16:27:43 GMT\r\nCache-Control: max-age=0\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":141,"size_decoded":0,"mime_type":"text/xml","magic":"XML 1.0 document, ASCII text, with no line terminators","md5":"4407adefc02349cfbaae3aebf7ac062c","sha1":"53e026350329d1ecad0b64470a714f2fb51922de","sha256":"62e565c477293838f6a3268714c90133ae5bebb783c6d407d93d11e2ed351f17","sha512":"9f13d1336852e0bca9e8fe900889f291b88eea2729b22f5b4a051d79a5b159f77db9bc538ebaffb076f28319e3eca06a206e7450170b7cabd4fed9c29ee2de40","ssdeep":"","tlshash":"cbc09b5d6c727435777e11794fa07ac023c05b12d0f6047b514d7414454344ecd0c16f","first_seen":"2023-10-31T17:04:40Z","last_seen":"2026-02-18T20:03:12.112442Z","times_seen":17,"resource_available":false,"data":null}},"time_used":1471,"timings":{"blocked":655,"dns":4,"connect":161,"send":0,"wait":161,"receive":0,"ssl":489},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 16:15:33 GMT","end":"Mon, 08 Dec 2025 17:13:51 GMT"},"fingerprint":{"sha1":"57:53:1B:12:8D:B5:A7:B6:96:E2:B4:FE:90:A1:D8:FA:24:94:9A:B9","sha256":"4E:2A:10:4F:06:F6:4E:34:B3:5A:E6:9B:A2:C7:FC:B2:A4:7D:55:44:3D:06:2B:38:35:A7:52:1D:F2:4E:80:5E"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 16:27:43 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: a29e7dbb5f1cf3df66d253c0dbfc3bf5\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1723\r\ncf-cache-status: HIT\r\nlast-modified: Sun, 28 Sep 2025 15:59:00 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NlCMLe%2F7QnwrOJ0npU1vaAWiccG%2FUOcZHn6DXEFyp4HY5muC65A8ng%2FShG58DOE9FvQzzSKTxZdvkj856up6iXqdGSoKeapCoQ%3D%3D\"}]}\r\ncf-ray: 98649c1f98c25ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109903,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"df59b89d2b10e781595a9bbb06b5fb1a","sha1":"7cba199aa8cc8b54628df40893b70ae37406097f","sha256":"1470685003608bc3294b12dab4323c2a1168b0dd52fbb1ac58db5e3a96beaca4","sha512":"61acf5be86e8a01ec47c278227bbfad14bf286481ba4823387fc7162b2904c07518b009e4907c20d44327f64ba2bbc8384826842e54e6955d15ee692232ad3a2","ssdeep":"1536:KORV5n7I9pN5MSlR8L6Ru5HjQdXog6wTEDtr0r0:KORVd4nWqvXoRGEhr0r0","tlshash":"25b30a9c625734711d7a9129785fc44daeeaef80048e89e4d0daac732653071d3bbfe8","first_seen":"2025-09-25T11:02:30.329168Z","last_seen":"2026-01-02T20:38:25.96051Z","times_seen":81,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":49,"dns":4,"connect":1,"send":0,"wait":5,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dadocric.st/","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"172.67.187.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-28T16:27:23.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dadocric.st","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Sep 2025 19:34:35 GMT","end":"Mon, 01 Dec 2025 20:29:03 GMT"},"fingerprint":{"sha1":"C9:36:D7:69:D7:12:77:D9:95:5C:07:6E:3D:DC:89:C1:B3:6E:A1:0A","sha256":"75:93:AD:A8:7F:77:66:64:69:DA:DF:3E:10:31:EA:17:52:0D:B3:7C:D1:32:2A:BD:AC:65:3A:06:23:DE:59:D6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: dadocric.st\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 16:27:24 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yKss0hxvN%2B%2ByMp0elos4PLFkiGZT893hOcVr7uoznShRct7LvMExOSgqvIGL6KTrsh%2FktpZN%2F1U9bnqtU8X1WyZuGjhw7%2BmIdQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98649ba37e1756c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Chatango","description":"Chatango is a website used for connecting to a large selection of users.","website":"https://chatango.com","common_platform_enumeration":"","icon":"Chatango.png","categories":["Widgets"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19455,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2203), with CRLF line terminators","md5":"5de006d102761c17e68be320c869558d","sha1":"4a4e7a1f78acc8d57512d8fdb2c2f8d85377dfd1","sha256":"8d67c642b14784a0f42bd9d07e356a1dcf5912da840347b3d2a055c931e8d40f","sha512":"acd73376e5446b8bad499abd34c0837d372d0331caec5ec3dead8ad8a81afe5e06b3afe86cf89c862e6bc37bd0061a6efd6cab7056bb71fbc4eae9ea17b834d1","ssdeep":"384:/wvT3u1t3E/RcL1gq4Q1Kr7Sm97fB7pOpU0OqtZlatTpQ4R:Yrmk0Ar797fp6rOcbatTpQ4R","tlshash":"97922a3253c0496e617b81a86133b48cfa9a9053d740d48cb7ee6953efb2de1185b1bd","first_seen":"2025-09-28T16:27:52.99535Z","last_seen":"2025-11-16T06:39:23.922942Z","times_seen":2,"resource_available":false,"data":null}},"time_used":490,"timings":{"blocked":207,"dns":0,"connect":2,"send":0,"wait":76,"receive":0,"ssl":204},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"dadocric.st","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dadocric.st/style.css","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"172.67.187.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dadocric.st/","date":"2025-09-28T16:27:24.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dadocric.st","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Sep 2025 19:34:35 GMT","end":"Mon, 01 Dec 2025 20:29:03 GMT"},"fingerprint":{"sha1":"C9:36:D7:69:D7:12:77:D9:95:5C:07:6E:3D:DC:89:C1:B3:6E:A1:0A","sha256":"75:93:AD:A8:7F:77:66:64:69:DA:DF:3E:10:31:EA:17:52:0D:B3:7C:D1:32:2A:BD:AC:65:3A:06:23:DE:59:D6"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: dadocric.st\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dadocric.st/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 16:27:24 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 03 May 2025 21:30:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"68168ae5-3937\"\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rlOuNN3d813h5JynRfAv5WMuedHOoDEI8%2Bu9j5qRNP3fPddgERdyVSR%2BbDZFbSHJl5nP2yQ0JPvHbqrjbySwgF3bKqGCSSVsyw%3D%3D\"}]}\r\ncf-ray: 98649ba44efe56c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14647,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12352), with CRLF line terminators","md5":"e358ab678fcf1ab51227eaf24d4a1845","sha1":"695a84382b7aeeb84438c29e82ef7cb3f4dfee4e","sha256":"4871c375ad40f5ac2624c6af0ad0372b1d5cf801e01a4d5e87a425c7b3e3f457","sha512":"f765173cdf66eec004835aae31f13f1e09227bbd97e402fec0f99dda961e86385b5cff4c4caab35b2cf40894e5c6f6564131fc8262083e9c79f743c5f8c1aec5","ssdeep":"192:Y7JXYS7JXYZGw2+Mu0kG+ZhhpsGWXnFkz2eZNjr3ul8t9OgT:Gnhw6+Zhhpsl5eZNjr399L","tlshash":"3762d81eaa14102a7d3780fbc4e0ba9d7026a4c5df3696faba835510fbd72f32d93504","first_seen":"2025-09-28T16:27:52.996959Z","last_seen":"2025-11-16T06:39:24.008658Z","times_seen":2,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"dadocric.st","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ust.chatango.com/profileimg/m/a/marijuanagrass/thumb.jpg","fqdn":"ust.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /profileimg/m/a/marijuanagrass/thumb.jpg HTTP/1.1\r\nHost: ust.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 640\r\nLast-Modified: Tue, 09 Jun 2009 03:36:06 GMT\r\nConnection: keep-alive\r\nExpires: Sun, 28 Sep 2025 16:27:45 GMT\r\nCache-Control: max-age=0\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":640,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 50x50, components 3","md5":"81a620d0a6b17b31632ca56ac588ecbb","sha1":"c93fc7d3b7c2ab12a68edf54be4b71753cb8f5e8","sha256":"fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea","sha512":"e1ae4145dbab484376e98f7e3df244238a8a588268df8707b956fbaf7b54f770903ba36352ed94fcbd2f23cd582b0a248f2baf6bde7bbaac64910e5475a89a90","ssdeep":"","tlshash":"71f0202b69909f38e8ec147a1981c7543b8e2e26b1336e8c120030e0f8ef197073e1a7","first_seen":"2023-04-15T21:57:07Z","last_seen":"2026-04-09T22:38:46.496666Z","times_seen":714,"resource_available":false,"data":null}},"time_used":1470,"timings":{"blocked":654,"dns":1,"connect":162,"send":0,"wait":162,"receive":0,"ssl":491},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ust.chatango.com/profileimg/r/i/rimurutempestdl/thumb.jpg","fqdn":"ust.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /profileimg/r/i/rimurutempestdl/thumb.jpg HTTP/1.1\r\nHost: ust.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1755\r\nLast-Modified: Sat, 21 Oct 2023 09:00:05 GMT\r\nConnection: keep-alive\r\nExpires: Sun, 28 Sep 2025 16:27:45 GMT\r\nCache-Control: max-age=0\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1755,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3","md5":"fff7bf8e28197157d394303bfd1d1bc6","sha1":"22e7f412e1d034bd92c37210bdabba7d9fcec83d","sha256":"44e45c3f6c4ed8c1db0478f142d2392b0c6951ba9da90f4a03efbee6a60e0e11","sha512":"b2cb73f6954273af74f5f0f744f469387c08bfdd03a22d45ef8689984a3943276c25cc3e16d6d5b1f3b7350646e97a651b501d0668d9b54a6b45e50e00fbe703","ssdeep":"","tlshash":"bb31da1f122637905f1545fd3f05385b53ab65c53970b2725a5261e78211dfdf858604","first_seen":"2025-09-28T16:27:52.998441Z","last_seen":"2025-09-28T16:27:52.998441Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1434,"timings":{"blocked":638,"dns":0,"connect":159,"send":0,"wait":158,"receive":0,"ssl":478},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ust.chatango.com/profileimg/v/a/vabby108/thumb.jpg","fqdn":"ust.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /profileimg/v/a/vabby108/thumb.jpg HTTP/1.1\r\nHost: ust.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 640\r\nLast-Modified: Tue, 09 Jun 2009 03:36:06 GMT\r\nConnection: keep-alive\r\nExpires: Sun, 28 Sep 2025 16:27:45 GMT\r\nCache-Control: max-age=0\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":640,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 50x50, components 3","md5":"81a620d0a6b17b31632ca56ac588ecbb","sha1":"c93fc7d3b7c2ab12a68edf54be4b71753cb8f5e8","sha256":"fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea","sha512":"e1ae4145dbab484376e98f7e3df244238a8a588268df8707b956fbaf7b54f770903ba36352ed94fcbd2f23cd582b0a248f2baf6bde7bbaac64910e5475a89a90","ssdeep":"","tlshash":"71f0202b69909f38e8ec147a1981c7543b8e2e26b1336e8c120030e0f8ef197073e1a7","first_seen":"2023-04-15T21:57:07Z","last_seen":"2026-04-09T22:38:46.496666Z","times_seen":714,"resource_available":false,"data":null}},"time_used":907,"timings":{"blocked":729,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dadocric.st/logos/logo.webp","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"172.67.187.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dadocric.st/","date":"2025-09-28T16:27:24.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dadocric.st","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Sep 2025 19:34:35 GMT","end":"Mon, 01 Dec 2025 20:29:03 GMT"},"fingerprint":{"sha1":"C9:36:D7:69:D7:12:77:D9:95:5C:07:6E:3D:DC:89:C1:B3:6E:A1:0A","sha256":"75:93:AD:A8:7F:77:66:64:69:DA:DF:3E:10:31:EA:17:52:0D:B3:7C:D1:32:2A:BD:AC:65:3A:06:23:DE:59:D6"}}},"request":{"raw":"GET /logos/logo.webp HTTP/1.1\r\nHost: dadocric.st\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dadocric.st/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 16:27:24 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5140\r\nserver: cloudflare\r\nlast-modified: Sat, 03 May 2025 22:09:52 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"68169430-1414\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uBTvgdQlijJYgiCkOkIJrfhX0%2F7KMOMdh5w0MtTWiCRA6nKryvOx29SeHYxRQpIT7V75pAgs%2FmS3GKJci%2FS7gE3ML1AvXxTm5w%3D%3D\"}]}\r\ncf-ray: 98649ba44f0056c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5140,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"41e36929961974f4a2131dd59f2fe6ad","sha1":"f1eafe8e35f15032ddf71750a51773618b620bcc","sha256":"18012ce9c45e07590f10d220d913d40b930ded9350d85c72c07c111d1f614e73","sha512":"8d3f5a6cc3708de5729dbfbcc56ce79a01ca8a99304f3b98685fa3884d6da8aaa3eb3d6de882fbc1dbbb4223d2b04cbea50472a6c90a79139744ca6e04c330e6","ssdeep":"96:4u/Sw1079UnTSU27SKgMBL0vyWvOzz9ODZT5vqcFwMHiVBb6bdgbiFr:t/7079Un+U22MJ0RWzz9wBLCXbuaiR","tlshash":"42b18e7cf58bd035fd3a5745c6d8a1021766a7a2a5af885d455b00f08aae1878f2cd31","first_seen":"2025-09-28T16:27:52.999547Z","last_seen":"2026-04-10T04:00:25.01284Z","times_seen":4,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"dadocric.st","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"s63.chatango.com:8081/","fqdn":"s63.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.178","port":8081,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:42.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: s63.chatango.com:8081\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://st.chatango.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: L2J+WevTUyxfk0IaXBEdog==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: qfs+hGYJphvhOfCqBDfsAo0lSZY=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-12T13:55:58.474524Z","times_seen":13664276,"resource_available":true,"data":null}},"time_used":682,"timings":{"blocked":0,"dns":0,"connect":162,"send":0,"wait":161,"receive":0,"ssl":359},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ust.chatango.com/profileimg/s/r/sriki007/thumb.jpg","fqdn":"ust.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /profileimg/s/r/sriki007/thumb.jpg HTTP/1.1\r\nHost: ust.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1574\r\nLast-Modified: Sat, 27 Nov 2010 14:44:18 GMT\r\nConnection: keep-alive\r\nExpires: Sun, 28 Sep 2025 16:27:45 GMT\r\nCache-Control: max-age=0\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1574,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3","md5":"86e554af6678357b296b6100e2608ef0","sha1":"7cf795409e10a7784962955e6706890425d605ba","sha256":"af28ac42724ae1c7299787e9f474341986cff45f2c471fe3cd825981f23f6b1f","sha512":"aa6cb6c6df584053acd9a4d245df92330eeaa0da8bba872edd70ec29a637a1d1617556d138a0529ca13481008077866d4cac66c75779b278cd36509fd1bfe537","ssdeep":"","tlshash":"243195755b861690cf1549bd2458333fb0b8ee823cb4623425680ba59a14ff4c998b5a","first_seen":"2025-09-28T16:27:53.001273Z","last_seen":"2025-09-28T16:27:53.001273Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1468,"timings":{"blocked":653,"dns":0,"connect":162,"send":0,"wait":162,"receive":0,"ssl":490},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"riskexcel.com/9dd12203842fdbb7ff56cfdbd2c7d020/invoke.js","fqdn":"riskexcel.com","domain":"riskexcel.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dadocric.st/","date":"2025-09-28T16:27:24.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"riskexcel.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 07 Sep 2025 21:35:27 GMT","end":"Sat, 06 Dec 2025 21:35:26 GMT"},"fingerprint":{"sha1":"1F:A6:04:FD:96:91:55:CE:17:3C:BE:0F:0F:B4:0F:BD:17:5F:B1:25","sha256":"DC:70:45:62:5D:56:4C:23:9C:BC:E3:BA:A7:51:ED:B2:FB:A9:3F:7D:42:87:E0:58:E8:C9:19:40:F2:A4:02:15"}}},"request":{"raw":"GET /9dd12203842fdbb7ff56cfdbd2c7d020/invoke.js HTTP/1.1\r\nHost: riskexcel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dadocric.st/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Sep 2025 16:27:40 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 16260\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: riskexcel.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3fe6f714badfb72de8ecef11c0efc479\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37627,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37627), with no line terminators","md5":"fd6e33c100b2a01a9c1b5a4d679ed54c","sha1":"b8e34e4d63e6dcaf81906ff78060d046df0395b0","sha256":"664c1ab816ecac6b549d63be9178333d317a51a894c805d6a848ee8a820e351e","sha512":"f092c2c367fc73fd2882383d1c738caed03ddf54f9f3cb39a72cc5b564998f8cef4cbdff8a6a42c895469254797a7a6c8d546ced9cb20dcad7d4e9668a030b3a","ssdeep":"768:Pfho7kMPFiARuKBp3zCrPj0c2XVgciy3kjKNaQWFXnFKDy:PSuARtBRaj0cQVgc/nNLCnFKDy","tlshash":"ecf2e6c87f91f17407a76433222f954af56bcd05598ed048f43be4ac2d6c726e936a38","first_seen":"2025-09-28T16:27:53.0024Z","last_seen":"2025-09-28T16:27:53.0024Z","times_seen":1,"resource_available":true,"data":null}},"time_used":25193,"timings":{"blocked":8575,"dns":51,"connect":108,"send":0,"wait":7932,"receive":108,"ssl":8418},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"riskexcel.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"riskexcel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"riskexcel.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"riskexcel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/js/gz/r0920251123/CommonUIModule.js","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /js/gz/r0920251123/CommonUIModule.js HTTP/1.1\r\nHost: st.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/h5/gz/r0920251123/id.html\r\nCookie: session_id=5187597182706562\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:44 GMT\r\nContent-Type: application/x-javascript\r\nContent-Length: 7614\r\nLast-Modified: Sat, 20 Sep 2025 18:27:21 GMT\r\nConnection: keep-alive\r\nExpires: Mon, 28 Sep 2026 16:27:44 GMT\r\nCache-Control: max-age=31536000\r\nContent-Encoding: gzip\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21140,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (1121)","md5":"27543eb3d80d69bdb014f5a3b4f19963","sha1":"7f8b4b6cdde77f63c0df6676c19a11c480ac90aa","sha256":"9d7bf2516c34273d8809fae0fecf01119b54be83feaf0759fed7116f6d36406b","sha512":"25711f8c535d94df7baeb284847d78c637b6f5c02538e627d35eb07544a055d6c700458853ec9d3d9244b4b35462eab3822901ad02b70326776e4ce97859a5a5","ssdeep":"384:l/YCCywYyufacPsKZOyNxMF0QIZP5qxP5qvCfZdi1jN:N9facPsKZ5xWQHeCtN","tlshash":"3192085bb2623167e262f0f4047f411a1637a549a89582ac349eede45ebdc2c3377f38","first_seen":"2025-09-20T18:59:54.733769Z","last_seen":"2026-04-05T10:10:49.538656Z","times_seen":222,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ust.chatango.com/profileimg/s/h/shukla2208/thumb.jpg","fqdn":"ust.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /profileimg/s/h/shukla2208/thumb.jpg HTTP/1.1\r\nHost: ust.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 640\r\nLast-Modified: Tue, 09 Jun 2009 03:36:06 GMT\r\nConnection: keep-alive\r\nExpires: Sun, 28 Sep 2025 16:27:45 GMT\r\nCache-Control: max-age=0\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":640,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 50x50, components 3","md5":"81a620d0a6b17b31632ca56ac588ecbb","sha1":"c93fc7d3b7c2ab12a68edf54be4b71753cb8f5e8","sha256":"fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea","sha512":"e1ae4145dbab484376e98f7e3df244238a8a588268df8707b956fbaf7b54f770903ba36352ed94fcbd2f23cd582b0a248f2baf6bde7bbaac64910e5475a89a90","ssdeep":"","tlshash":"71f0202b69909f38e8ec147a1981c7543b8e2e26b1336e8c120030e0f8ef197073e1a7","first_seen":"2023-04-15T21:57:07Z","last_seen":"2026-04-09T22:38:46.496666Z","times_seen":714,"resource_available":false,"data":null}},"time_used":1620,"timings":{"blocked":721,"dns":0,"connect":179,"send":0,"wait":178,"receive":0,"ssl":541},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/js/gz/r0920251123/RklModule.js","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /js/gz/r0920251123/RklModule.js HTTP/1.1\r\nHost: st.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/h5/gz/r0920251123/id.html\r\nCookie: session_id=5187597182706562\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:44 GMT\r\nContent-Type: application/x-javascript\r\nContent-Length: 945\r\nLast-Modified: Sat, 20 Sep 2025 18:27:21 GMT\r\nConnection: keep-alive\r\nExpires: Mon, 28 Sep 2026 16:27:44 GMT\r\nCache-Control: max-age=31536000\r\nContent-Encoding: gzip\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2533,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with very long lines (540)","md5":"bd95f6c0630caa0a874ffb96ab25b46d","sha1":"064c2e60fc3e9d89d339bf25409dbc711fa30161","sha256":"1c5724eca50b127136e5d351e0ee568130148ff242473a8bf36d8bed17f9a045","sha512":"92ef36073926b47e89896007240616539c9057ca62508f654127697bdf1d1f6bba5b44f136fc0c01a6875ca38a938e28991f2d2a00fd7024d1ea3c9ed692c197","ssdeep":"","tlshash":"3651bc3f1574213ae85824c7e875eacc6ea0306ae69388a8e58ddcddf21cd911973430","first_seen":"2025-09-20T18:59:54.769535Z","last_seen":"2025-09-28T20:19:35.235342Z","times_seen":13,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.73.105.217","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dadocric.st/","date":"2025-09-28T16:27:40.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dadocric.st\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dadocric.st/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 16:27:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://dadocric.st\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=ab2200b5-a9bf-41ae-b2c4-54d3314a5d07:3:1; expires=Wed, 26 Sep 2035 16:27:41 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"27c42d3d9b6c0e323e5b6224a0623c24","sha1":"5396f934cbf9f577f7f6e5ee376b1c801d430ace","sha256":"4db2dc76de1ec2a4cd311e0a6edd54b6adc687295a834bb649741a119cfb1f44","sha512":"68e2bb93832ad66f528b2edb4121b08017938cc7e9241a921e46bf8b845efe5bf7d76d95a864100690e50a2997f6ce0babf1758d987942d855b931d1ebbf39f6","ssdeep":"","tlshash":"6590045107f40404304d00d40dd03d51f1c4171351744135005cd3f04373307d151741","first_seen":"2025-09-28T16:27:53.004642Z","last_seen":"2025-09-28T16:27:53.004642Z","times_seen":1,"resource_available":false,"data":null}},"time_used":417,"timings":{"blocked":194,"dns":46,"connect":29,"send":0,"wait":29,"receive":0,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ust.chatango.com/profileimg/p/a/paulvac/thumb.jpg","fqdn":"ust.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.28","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /profileimg/p/a/paulvac/thumb.jpg HTTP/1.1\r\nHost: ust.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 640\r\nLast-Modified: Tue, 09 Jun 2009 03:36:06 GMT\r\nConnection: keep-alive\r\nExpires: Sun, 28 Sep 2025 16:27:45 GMT\r\nCache-Control: max-age=0\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":640,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 50x50, components 3","md5":"81a620d0a6b17b31632ca56ac588ecbb","sha1":"c93fc7d3b7c2ab12a68edf54be4b71753cb8f5e8","sha256":"fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea","sha512":"e1ae4145dbab484376e98f7e3df244238a8a588268df8707b956fbaf7b54f770903ba36352ed94fcbd2f23cd582b0a248f2baf6bde7bbaac64910e5475a89a90","ssdeep":"","tlshash":"71f0202b69909f38e8ec147a1981c7543b8e2e26b1336e8c120030e0f8ef197073e1a7","first_seen":"2023-04-15T21:57:07Z","last_seen":"2026-04-09T22:38:46.496666Z","times_seen":714,"resource_available":false,"data":null}},"time_used":1448,"timings":{"blocked":723,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":546},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://st.chatango.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 16:27:44 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://st.chatango.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=080252cd2a1544d3f2526d99dfbc968e; expires=Mon, 28 Sep 2026 16:27:44 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 98649c20186f56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5692c5cdee7bb76c93fbbdf802bc6206","sha1":"158c6a8a2899bd2f437b027570dbfdb93c72fbb2","sha256":"a4e45bf47f6cffec5ee2828bc554c7e4571655c7aa045c404ccbae326507e206","sha512":"c3334b1514ff805fbf125c9ce1112276e16fdacfe9420ef9532d955408c5322413b981ffe477070c64664b336f61353a6b015d5fba20b0367fd280befd5ab6c6","ssdeep":"","tlshash":"0ca022a0083c288020c0380acc83eb00000000028000830802cc8000808320cc2e22c0","first_seen":"2025-09-28T16:27:53.005928Z","last_seen":"2025-09-28T16:27:53.005928Z","times_seen":1,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":49,"dns":3,"connect":1,"send":0,"wait":37,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dadocric.st/favicon.ico","fqdn":"dadocric.st","domain":"dadocric.st","tld":"st"},"ip":{"addr":"172.67.187.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dadocric.st/","date":"2025-09-28T16:27:26.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dadocric.st","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Sep 2025 19:34:35 GMT","end":"Mon, 01 Dec 2025 20:29:03 GMT"},"fingerprint":{"sha1":"C9:36:D7:69:D7:12:77:D9:95:5C:07:6E:3D:DC:89:C1:B3:6E:A1:0A","sha256":"75:93:AD:A8:7F:77:66:64:69:DA:DF:3E:10:31:EA:17:52:0D:B3:7C:D1:32:2A:BD:AC:65:3A:06:23:DE:59:D6"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: dadocric.st\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dadocric.st/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Sep 2025 16:27:26 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=akmhn38WDKd1JmnYO3M%2BBDM13WLu2tw0Y2DrnlZDu33YNUwixwkzFtAdyDvQMjlEhiLnSJtb8%2B7uh414XaeOJK2Qo14DDdS5S0Dh\"}]}\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 28 Sep 2025 16:27:26 GMT\r\ncf-ray: 98649bb0fe001a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19455,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2203), with CRLF line terminators","md5":"5de006d102761c17e68be320c869558d","sha1":"4a4e7a1f78acc8d57512d8fdb2c2f8d85377dfd1","sha256":"8d67c642b14784a0f42bd9d07e356a1dcf5912da840347b3d2a055c931e8d40f","sha512":"acd73376e5446b8bad499abd34c0837d372d0331caec5ec3dead8ad8a81afe5e06b3afe86cf89c862e6bc37bd0061a6efd6cab7056bb71fbc4eae9ea17b834d1","ssdeep":"384:/wvT3u1t3E/RcL1gq4Q1Kr7Sm97fB7pOpU0OqtZlatTpQ4R:Yrmk0Ar797fp6rOcbatTpQ4R","tlshash":"97922a3253c0496e617b81a86133b48cfa9a9053d740d48cb7ee6953efb2de1185b1bd","first_seen":"2025-09-28T16:27:52.99535Z","last_seen":"2025-11-16T06:39:23.922942Z","times_seen":2,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":67,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"dadocric.st","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gizokraijaw.net/401/9283842","fqdn":"gizokraijaw.net","domain":"gizokraijaw.net","tld":"net"},"ip":{"addr":"172.67.192.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:43.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gizokraijaw.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 19 Aug 2025 19:16:10 GMT","end":"Mon, 17 Nov 2025 20:11:08 GMT"},"fingerprint":{"sha1":"E6:7D:B3:84:29:8B:81:50:5E:19:53:E2:4B:17:00:59:2D:83:ED:54","sha256":"E7:80:92:FA:FB:C2:73:54:4D:54:2C:88:1D:16:35:32:BB:1D:CC:74:69:80:6A:E1:E2:42:1A:27:D2:A7:7D:62"}}},"request":{"raw":"GET /401/9283842 HTTP/1.1\r\nHost: gizokraijaw.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 16:27:44 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HPoXyyKojgR04n628bQHHPlF2vkVwUWPznS9DeLgw%2Fuqb4SkDsO3xRQfOsJS17CiHw6U3XfK%2Fs1YiYsPp9pXMjgeoi1hN1jN%2FNEt4SPE%2BA%3D%3D\"}]}\r\ncf-ray: 98649c20e829120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":168022,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"313ed9241e5235962e74fd8caec4f2c2","sha1":"7dda0fe5e1847960b063ccf1e38a20ef64d079aa","sha256":"bc3037e9126699808f781f35a65fd377f54a7363c3a8922928894ac08dd514eb","sha512":"27e7a57287bdf79baa77b989eb3fa5b50055672a3cedf5679134b32194c318104421ce2a41d71945d3ed1918115bb0252b4d0b26297b55c620dd460c854f7f8b","ssdeep":"3072:vw+08/+ugr0a9bQee57WSSybf0AEq7WYV9u5OVny6/PKSWxyScqe//kAoUBEMY:vwfjWCybdh7b9u5OVy6/PKSWx6m7tMY","tlshash":"c1f3fcc9768174562a63b030522fad5fb92b8e20585f8d04e166f0e93e3945ee353efc","first_seen":"2025-09-26T23:04:00.881219Z","last_seen":"2025-09-28T22:15:47.028712Z","times_seen":20,"resource_available":true,"data":null}},"time_used":557,"timings":{"blocked":258,"dns":5,"connect":1,"send":0,"wait":40,"receive":0,"ssl":251},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amt3.com/5/9353294/?oo=1\u0026js_build=iclick-v1.1578.0\u0026userId=080252cd2a1544d3f2526d99dfbc968e\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=1","fqdn":"amt3.com","domain":"amt3.com","tld":"com"},"ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:44.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"amt3.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 11 Jul 2025 05:21:33 GMT","end":"Thu, 09 Oct 2025 05:21:32 GMT"},"fingerprint":{"sha1":"4F:52:B5:E1:62:6B:8E:6A:12:14:9C:87:72:1B:0C:49:B6:1B:B3:DD","sha256":"60:A1:B7:F3:D5:3A:87:F3:6A:F6:90:C5:70:D6:FD:50:C1:44:A8:9F:C9:62:EA:57:E1:E2:29:B4:19:91:E9:F5"}}},"request":{"raw":"POST /5/9353294/?oo=1\u0026js_build=iclick-v1.1578.0\u0026userId=080252cd2a1544d3f2526d99dfbc968e\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=1 HTTP/1.1\r\nHost: amt3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2673\r\nOrigin: https://st.chatango.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 16:27:44 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://st.chatango.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-12T13:55:58.474524Z","times_seen":13664276,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":84,"dns":0,"connect":27,"send":0,"wait":41,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"amt3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gleecheeftoo.net/401/9283842?oo=1\u0026sw_version=v1.736.0-s\u0026oaid=080252cd2a1544d3f2526d99dfbc968e\u0026st=true","fqdn":"gleecheeftoo.net","domain":"gleecheeftoo.net","tld":"net"},"ip":{"addr":"139.45.197.243","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:44.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gleecheeftoo.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 20 Jul 2025 05:22:37 GMT","end":"Sat, 18 Oct 2025 05:22:36 GMT"},"fingerprint":{"sha1":"65:2E:92:B8:48:B4:CA:65:C3:E8:34:F0:21:65:4B:00:AE:CF:9C:59","sha256":"52:EC:DF:1B:83:18:E4:8F:68:1C:EC:0E:02:BC:4E:67:E6:B0:14:72:39:3B:D8:23:5F:0A:81:DD:2A:AE:2E:7F"}}},"request":{"raw":"POST /401/9283842?oo=1\u0026sw_version=v1.736.0-s\u0026oaid=080252cd2a1544d3f2526d99dfbc968e\u0026st=true HTTP/1.1\r\nHost: gleecheeftoo.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2673\r\nOrigin: https://st.chatango.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 28 Sep 2025 16:27:44 GMT\r\ncontent-type: application/json\r\nx-trace-id: 3f73a86029795b62ed59c05d44f489b9\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: https://st.chatango.com\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nset-cookie: OAID=080252cd2a1544d3f2526d99dfbc968e; expires=Mon, 28 Sep 2026 16:27:44 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2162,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"131ecfe3d98375052f3478298b847e39","sha1":"fafec8b075cf9b2dc682009d454164baa599c9bd","sha256":"95ef1889edde341c6740e082f5616b5ce2f8f98eca3ed3aaccf69b620f197021","sha512":"f3315fc3267aaf49de3476b26d8457ca1bfa2006b6fa4185240b874d9c9a93fb1b8c9599de5c4cebcc0f88309697a959bd9afab29d060f87be14096dfddb7da5","ssdeep":"","tlshash":"4f4134089d28013e82ee5ab5dc076d471abc562f7a4c752ee7490d1770ebce403eb20b","first_seen":"2025-09-28T16:27:53.007506Z","last_seen":"2025-09-28T16:27:53.007506Z","times_seen":1,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":86,"dns":4,"connect":27,"send":0,"wait":32,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"gleecheeftoo.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"gleecheeftoo.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-28","alert":"Sinkholed","trigger":"gleecheeftoo.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/js/gz/emb.js","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.24","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dadocric.st/","date":"2025-09-28T16:27:24.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /js/gz/emb.js HTTP/1.1\r\nHost: st.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dadocric.st/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:24 GMT\r\nContent-Type: application/x-javascript\r\nContent-Length: 23805\r\nLast-Modified: Sat, 20 Sep 2025 18:27:21 GMT\r\nConnection: keep-alive\r\nETag: \"68cef209-5cfd\"\r\nExpires: Sun, 28 Sep 2025 16:27:24 GMT\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69564,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (1651)","md5":"bcfb7580b5bc06959ab6d3d8554a8a53","sha1":"227a8c031a118f0a0781cd59abb8d0f2408e7dad","sha256":"01b6769cd0a313d1af75d8a0e640cbd31aef88d6f38292ef7ee582ef58d4ada2","sha512":"52c91433039900c149b2d88b8124504ac950b8b20983425aa1ed235ea05796ce0b6c5a50b1999e60cd827a62da54ffb3d8408bbe2ab9c98be28e4262df03a674","ssdeep":"1536:HZ/fvf0QYlkQd39ZQ2xcGpXHYfkHoQ0MMgB6GLwl9Vevk:9f0QYJEkHoQP6IK9Vevk","tlshash":"306309c9734274a68262e0f6402f054b7236b469f54885bcb19cdce52d789a9237ff7c","first_seen":"2025-09-20T18:59:54.7661Z","last_seen":"2025-09-28T20:19:35.297877Z","times_seen":22,"resource_available":true,"data":null}},"time_used":1311,"timings":{"blocked":493,"dns":5,"connect":162,"send":0,"wait":322,"receive":0,"ssl":328},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.chatango.com/cfg/nc/r.json?708390020000406333197662","fqdn":"st.chatango.com","domain":"chatango.com","tld":"com"},"ip":{"addr":"208.93.230.24","port":443,"asn":29893,"as":"CHATANGO","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://dadocric.st/","date":"2025-09-28T16:27:40.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.chatango.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:69:E1:D0:F3:D1:74:D0:DA:D5:22:F8:D3:1E:06:08:AD:10:C4:11","sha256":"09:28:F7:57:15:FC:10:13:9B:36:F1:1C:C5:1D:EE:8C:45:0E:F5:7B:37:E3:7C:84:D3:8B:89:EE:9E:19:0E:20"}}},"request":{"raw":"GET /cfg/nc/r.json?708390020000406333197662 HTTP/1.1\r\nHost: st.chatango.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://dadocric.st\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dadocric.st/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Sep 2025 16:27:41 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 20\r\nLast-Modified: Sat, 20 Sep 2025 18:27:21 GMT\r\nConnection: keep-alive\r\nETag: \"68cef209-14\"\r\nCache-Control: max-age=0, no-cache, no-store, must-revalidate\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JSON text data","md5":"858ab715e5307110a4a47f5a9817ae28","sha1":"64ce0a14e63850fd965d4187f01688b4a40d616d","sha256":"9240ee88df8cdc510553e634a6d60e9683637ca3cc8474d141ceb2749de0acc2","sha512":"ed3121ab86b5b8bc76d2b4ad8e4fb4de1cd175445e7c74b2ff2c7f1c940332f7ed3e95463658ac07aad685d87ce81119e1a390ef60a3995d4f0ebae0fe3b2e64","ssdeep":"","tlshash":"c2700000a20828a20a2c0a02202a8000a000c8820280a888aa2388000a8020a0002808","first_seen":"2025-09-20T18:59:54.754589Z","last_seen":"2025-09-28T20:19:35.302979Z","times_seen":23,"resource_available":false,"data":null}},"time_used":1149,"timings":{"blocked":493,"dns":0,"connect":162,"send":0,"wait":163,"receive":0,"ssl":330},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tzegilo.com/stattag.js","fqdn":"tzegilo.com","domain":"tzegilo.com","tld":"com"},"ip":{"addr":"104.21.11.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://st.chatango.com/h5/gz/r0920251123/id.html","date":"2025-09-28T16:27:44.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tzegilo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 14:26:46 GMT","end":"Fri, 12 Dec 2025 07:20:07 GMT"},"fingerprint":{"sha1":"F3:16:05:8F:DD:38:43:0F:BB:E2:C4:D7:85:80:BC:FF:31:61:3D:76","sha256":"B5:31:C1:B7:C6:EF:62:4B:FF:EC:63:B7:C3:FC:AB:46:1C:7C:09:8C:E2:11:C2:6C:DC:B2:3A:57:84:15:F3:EC"}}},"request":{"raw":"GET /stattag.js HTTP/1.1\r\nHost: tzegilo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://st.chatango.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Sep 2025 16:27:44 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 11 Jul 2024 10:23:58 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nlink: \u003chttps://flerap.com/\u003e; rel=preconnect; crossorigin, \u003chttps://fleraprt.com/\u003e; rel=preconnect; crossorigin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4FX5Z3AjR3UonVd5JVT%2BtlF1K0Dt6TJYoAu8cYR96g%2FMeXi1qdjIg9fZB6p5Yw9DieguiarVJ66P7gKa%2BI9yAPdv8ylfjWE0nQ%3D%3D\"}]}\r\nage: 20\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"668fb2be-45d7\"\r\ncontent-encoding: br\r\ncf-ray: 98649c2368580b61-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17879,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (17229)","md5":"01227f5edc20e0ff4ed643b27cb8bb68","sha1":"d71a88f7341f2b1bdaa7deb9a66888607bd52598","sha256":"75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2","sha512":"88046b07c07ff6de47ef7d1e0d7ca281fc48e91fc6a292cdf611457b96ac92bb0068971cfd55c0cc3e6179d7335e77a6a14b15fa502bbae7b2233546da6c0f98","ssdeep":"384:WDWdyJ+TJTwWV+6RUL2qq8L6jW4+QL1zWAWvVRIDiei:7so1V+g+d+j4pJ5","tlshash":"8d82094a72d525ee82a3a1d10cef612ffb664e86a97e1785e381b49c187404ec3d7f90","first_seen":"2024-07-11T16:28:55Z","last_seen":"2026-04-12T13:58:29.206349Z","times_seen":6458,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":44,"dns":3,"connect":2,"send":0,"wait":7,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}