{"report_id":"e3365015-9ef7-4214-bb7c-caf203708265","version":6,"status":"done","tags":[],"date":"2026-05-04T08:57:56Z","url":{"schema":"http","addr":"ptdufrain.com","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"172.67.136.99","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ptdufrain.com/#/login","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"title":"Welcome to Dufrain","dom":{"size":43138,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18981)","md5":"5723f7229bfbc3dafbaa81d42775dcdd","sha1":"12fddffe515ea5b669f8af6b8f901cfc72b4c044","sha256":"57cf18de02baaa6d5f582b71dd201b2a784edc40a0672f40875d742e211aa4f2","sha512":"9ac7fec8bcc755e87cde5dc84da4fd10a06246b781722ed57f0bed8447f2d0fced90b471628f3b3a22aa3f1bfc217dcf015f413f4e462adb988395b3d75c78b3","ssdeep":"384:O1ZCxh7WF75Y1bQ8C1TPimdIFGjsbJgYJnpKUq0Px3IYH5WHZ43oyyodc/shpif6:8QxNzk88PVdIC8bb3IYH5GOn","tlshash":"8d13ba30e015117a406fa9c8a47cefda32fbf30ede4741156aac63922fe7e90e956570","dom_hash":"domhash62c254fc15c61f8755eaa59029d88a81","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ptdufrain.com","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"172.67.136.99","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-08T08:57:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"ptdufrain.com","ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":97,"request_count":97,"received_data":4502350,"sent_data":43029,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"d2kn51ra8uyuf5.cloudfront.net","ip":{"addr":"54.192.209.37","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-09-15T09:27:51.005036Z","last_seen":"2025-12-30T13:44:49.736851Z","alert_count":0,"request_count":5,"received_data":2011716,"sent_data":2452,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"api.iconify.design","ip":{"addr":"172.67.71.159","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-10-17","domain_rank":89604,"first_seen":"2018-12-24T02:01:40Z","last_seen":"2026-04-30T07:33:16.744103Z","alert_count":0,"request_count":2,"received_data":10416,"sent_data":913,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ptdufrain.com/assets/loading-l0sNRNKZ.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","size":1,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-07T19:30:29.083606Z","times_seen":213532,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DKa3v8JK.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"d1c97b6e2ba46a1776a099ca5803bc6f","sha1":"bf1a9b4aa0e8a9c23a3bccd7816bfee2e090315d","sha256":"130115448f48e432f31bc2c333c6f916a6dd8b65a7e3afc5677d21c4bdd3e83d","sha512":"23122c80d81b32335aa2f08b937982a0331856d16eef408fb1b64ded2ff3bdda4ee3145d61ebaa3dd4cfa412399ce4f3b473a01d1ddb945428f2bc699c44b847","ssdeep":"","tlshash":"fbb092a74cb161b0008009c823185e92c83195bc37a682814699ca6a82986a75eaca24","size":118,"data":"","first_seen":"2026-05-04T08:58:09.528833Z","last_seen":"2026-05-04T09:00:42.128217Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DBQDCAf-.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fac8f3e0b90bd6cffc6948d658ec0824","sha1":"fe2924848c15ed8fb8a28584e5ee7b7750320fba","sha256":"63bb3ef49665c73366b269f28b8a26f90381f9552e71e2b3848aad37ef193cf7","sha512":"d0e4fecb4d24b416f7307d0f7ba891562f8d31ddfa5dd311d37ce6083a3ebc2544a08522af481910463c61479b56fefd5920f3fff384f0dfc5e1c74c4069874e","ssdeep":"384:sA4c4mRxX6sUaDkeHixFUXdIuFu7tJc/3W1:Cc4mRxX6XaDhHixUWJK3W1","tlshash":"1f92c95ce591a36cfd32894632187824d22d16dafed24cf891bebd112381cfcd29659f","size":21243,"data":"","first_seen":"2026-05-04T08:58:09.566852Z","last_seen":"2026-05-04T09:00:42.148849Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/useLevelList-BEYpNbMe.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"281c99abe6e898c372fdc57fe15d7c0d","sha1":"01b6d3d33231ca4e705f3920f7ede8845123d845","sha256":"818b16dc72ec800e013aa93243936e5089373e7deaad1e178c52ad8d70785108","sha512":"c71686e73134c5260acf221332dd76b9893038a62db99d864a175798f07b1f65a452ddd70fc6ca3a1e6b55edca62eb5be5df6265fb8366f9695cd5d059de8f7e","ssdeep":"","tlshash":"90e06167655791b700552cd8a23c741369b1c7a83346d6c0e00d1f5d1bb4487ad5eac9","size":401,"data":"","first_seen":"2026-05-04T08:58:09.559281Z","last_seen":"2026-05-04T09:00:42.129631Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/provide-wn3gcSia.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"294513d785ffd391a84e326f4f595cb3","sha1":"1123b285c8e7bd82f15d9b5c5b806019df5a4333","sha256":"1b17073fa327d0723c2079a95a214e0198004f5d9c1df8c5257926415e552ce6","sha512":"18cdc7e106f7f771cb436bf7eae93a6dea50b53d812dfa6d93fdf023460fb04c230d7c61878f88afdb868588e0653ac4995bf1b03dcf16dba991baf9e2acf2c0","ssdeep":"","tlshash":"e5c02b3f19c06170c5032c8749adfd028538b46d3ec4918060450e9327b80ee9e5de49","size":142,"data":"","first_seen":"2026-05-04T08:58:09.570759Z","last_seen":"2026-05-04T09:00:42.126807Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/TopNavBar-BZDqHTrm.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"01eebcbc87f24a07e633e24a5c1b50b8","sha1":"595a87af31a95ca4822688c1b713c5fd6d8b5082","sha256":"9a42a19afb42803a50df6601ba1f5370356fb6ee4a33e8454a49a68aa5835f87","sha512":"39ac79de233011e71e1efb8fe3128dde5fb510c5e73d69b5b3ede92192ccf88e5a7072dedabf1f4f6a41a7f408afd65dc41808acdd6947b421c5f46d13ae6f3b","ssdeep":"96:Z/JUGz4tviKUoc1G1pNPAdT5ZzhT4n5AagJT+ZOqjg9gZb4Gmkliy6TO:ZyGz4h1tAiPIvunfyTBKeob4GqPTO","tlshash":"f8b15cac5130897477276824ed2ccd143f7e22edeb5646c1a0bf4b35a785cb1e515338","size":5141,"data":"","first_seen":"2026-05-04T08:58:09.538593Z","last_seen":"2026-05-04T09:00:42.141662Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/chip-M8M-weOK.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"9bb25de8e0123654beb26eb2b0163a05","sha1":"dabea460fbc898f2a0a696aa2878950276b2b49c","sha256":"56b00db90c05dd2629eea68fea7fe6af4bb92888795bac910970c9d688657965","sha512":"d60cf75f75022b05301fcc35c383b87a14998f92965302a51f0fca3f65b91b18b8988fe8b8ac2dc4f12897efa640a11f3bd8f5e9b165f822b49d331a23712017","ssdeep":"","tlshash":"1331769dbc82e232357b885e401517027b391eccf4389fc3daf2953e29d1849b64bb15","size":1764,"data":"","first_seen":"2026-05-04T08:58:09.598036Z","last_seen":"2026-05-04T09:00:42.137987Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/useCurrencyType-CJWjRXuk.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"eea9773b482716c732610ec523e323b7","sha1":"fa89547bbfe2f63fcc47b7d4d0a4fa75f551f705","sha256":"dc5e3a821dc7cabc85f764a8ec37cea39bd62f67755d2dd8695e05d6458f5d3e","sha512":"25320c8f252f233998bb846ef2ede0bab35df6a4857ac9b3a6282a3206b8058af4b484e96a3684fe6a389ae318b4c0be81d4b718aeb969711b2619044726f2a5","ssdeep":"","tlshash":"46f0a34b7216f2bf42017cac911034765b75839423a1d7e0d18f0f1b563708e511ee6d","size":438,"data":"","first_seen":"2026-05-04T08:58:09.600041Z","last_seen":"2026-05-04T09:00:42.157931Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/CommonEnums-DWIwllum.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ea55104e22e81cf41dda2bf3b2b4a6b5","sha1":"98175d95318be3f46a4986f24f4f05c7a456c231","sha256":"e117656c983c9ede380daa5709252c1ff96f77e0d6125108a539278b27407ac1","sha512":"4900c6139f277087c0c8df858960e934bf4289cc2fd7a4ff38db111715c77fa4fac8a51edab83c0c736b658af6ee5b3b1c7b0bcc2f65b32249989b983a1aaaf4","ssdeep":"","tlshash":"0931c042bc267e74d04deb2cf42d395791ddb3cb89a823405fed6a3190c9ba45514ce7","size":1579,"data":"","first_seen":"2025-07-01T14:24:46.954203Z","last_seen":"2026-06-01T00:01:49.949027Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-BgfhDPph.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"285abc09e5583615c53749ea7df64e50","sha1":"02d6f1d7ccefacb29307dc63fd7c4a23d50e94e5","sha256":"7432d1e2a1a51f00b08555100a899f40ab963b5ac82828f9e1247ecab8ae2c56","sha512":"f803eee71751c2e5932057264e9afdf7704b22b786c5e613c8b865841a29c0d7cfb13301632b774911fc5e56534259d3fbe75e8a21928720486f4f9a5c2e39e6","ssdeep":"","tlshash":"bdd02b9e445bc27710081b576d064f239c2a8a1631350a79320e181b471dc89600ad9c","size":274,"data":"","first_seen":"2026-05-04T08:58:09.548765Z","last_seen":"2026-05-04T09:00:42.15846Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/formDetails-DeSED_a9.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"f9484bfda8540a29534f7c249ccad35c","sha1":"aa0231454887311087e6e26e8dc6a95d8b31683f","sha256":"651174ba8e9e7ba2aa5b055bb42f9da2897444882a8bf518ba1131ce1e1ab9c0","sha512":"21ff44e87f4c559d4771ed34b26539dc71e9908cb0cbf3bb0948c9feadda20c67e42d575ca28dc5bef2a27681c804cc7b309c5312ce7961b03ea1af761203d46","ssdeep":"","tlshash":"933132087c94effe60ab08a5742d3a05b2772e1c6078b0e1b38ce6e91b01593562f711","size":1686,"data":"","first_seen":"2026-05-04T08:58:09.563926Z","last_seen":"2026-05-04T09:00:42.136114Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/space-Dzk4V_ze.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"e8e560ba38b2d17213ab683b98f9f096","sha1":"3a3f450e32b7ba370fe9d81c2f1a8380c5a637d6","sha256":"11625b752da846a465c99da6ef685d6cd4bcfe706167f34a97c818eb00ed26a1","sha512":"04d346d1aede8c3be168113f2faba004deaf38186d13c94dc40cd45c48ddbdd71dd86697e125445c590a6f9154ffb36f7ac15c7f6208b6082c208322a33a235c","ssdeep":"192:SAF8Rw1Ekdirgd7Onx2bYLAsH7uflSivBMwJfnA6XTuO38/5B9YQuyH:BFL1Ekdikcnx2bY0sHifljLJfTXTuO3O","tlshash":"f23209c834ae69530d6b869d30eb5102a734339ecc9925e1815a4e2d2fd9c4463bebbd","size":11084,"data":"","first_seen":"2026-05-04T08:58:09.602625Z","last_seen":"2026-05-04T09:00:42.147668Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/OptionSfc-B-mh0p36.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"24110eff19ec164f4a421b21ac291850","sha1":"be5ceae1d0bf288bd8959ad80c370dcd1177e247","sha256":"19129c099f79f9081729ac411b22863243aed71c6ee547f78d027d4ab8104eee","sha512":"1b9f5a92ac25d2c83799e5c6ab1156cbbb3e283215478b6b64645328b9e6e4a136f4d55b386813b96e55168fbf0801a3aebae51a8450c9ae664cca388d6b1057","ssdeep":"768:4sgcyaZHUJ8tu5K4iJK28t7MzX+ZKYY8pVOXUAa21FAYHvHZ63e1Vu3Y6xdZAz1p:4qZq8tu84iJK28t7MzX+ZKOVOeY43KVl","tlshash":"84133c8c34597673467f85f6909f040ab3321759900c95a0a26edb9d3deac68d2bbf3c","size":44569,"data":"","first_seen":"2026-05-04T08:58:09.53321Z","last_seen":"2026-05-04T09:00:42.140535Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/ripple-CQQt-rVd.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ccb3ea18aa8110a068210135c6c1b2af","sha1":"77b424a8fc8070ca262d3b486e70919f16d39e00","sha256":"01c56537322008b6e5fe17bb35f41aefdacfae83d79dde8593bc3c86a1e06d17","sha512":"586cf19f8a90394c80a513e57962375baadaf85efe9bb2779725d7acde40f121564245a7d4904c10764611f3afca48ae74636853336e6bc6fd6fd01526b48bd1","ssdeep":"","tlshash":"de7176e55b112e7432e6aacbb2f6e301b3390189a0e65490307fce7037b5de6529d4b6","size":3692,"data":"","first_seen":"2026-05-04T08:58:09.555125Z","last_seen":"2026-05-04T09:00:42.133178Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-eYwX1BVN.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"f5c0b90514c474de0b65e01d4007a40a","sha1":"85da9155aa79a2831b76991c366507072025569b","sha256":"ad1742c5d663891cfe93a144c739aa22d9a4164c68aee14cbaa4e545f08ee9d8","sha512":"658a13d780b0f5d6280cb02457c6b767f77cab1375f304f78c8912e4e9d609e3e8441b3b17b79aaa9c38f4d9b34d1a09dc5380771af1d01437b8382b4b1af74d","ssdeep":"","tlshash":"79116ddd422f92b643041b7357451b72612a861036359ebae61e2d176b6fc81f417fc8","size":1076,"data":"","first_seen":"2026-05-04T08:58:09.578052Z","last_seen":"2026-05-04T09:00:42.13261Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/useUserDetails-DhUnoleY.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"693cd5fc5553ee5cef7f178577a79372","sha1":"5293fab701de9023e5ee9b468254094d62ec09f4","sha256":"d4af6eef846c1514760b575c4d995f9334866ec5b39e825326c22f49609fd878","sha512":"3157c9f9a8619584f1f303b386f67a3b5269c55ec6ed89b75f9e5fa135657f8d4ca1a18776baec4b688ce3f002039a977726730509876c2b0d4ceeb9a3759b4f","ssdeep":"","tlshash":"0cf0c03bec51d3b2c35c9d845621201712bcab913394d3c1a34e0b19363d88e676be4e","size":550,"data":"","first_seen":"2026-05-04T08:58:09.540302Z","last_seen":"2026-05-04T09:00:42.139915Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/popup-a-rrNNWE.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"921c5debdba9cc32389fb363642de1d5","sha1":"760794631144a3c3bb427be242381ac377182ed2","sha256":"a8f54d42ff9646c882a7855f5c8c70f049127b74ae298f51145640da12676520","sha512":"eb6eff02107d85c931fe6939eca7c3a17feabbfa6d21539c3b196b607fbace610f6929056a936342262519bd5a2e0aa4ce6cf97287ec1550fc365158879f4220","ssdeep":"","tlshash":"9061a769b85bb3fad19744b99015144267348eccce365fc1e265fa7031e4888125ef7f","size":3196,"data":"","first_seen":"2026-05-04T08:58:09.541734Z","last_seen":"2026-05-04T09:00:42.125508Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DRtma1RG.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"f8b45b3fad182fe73dd720f7033f1a77","sha1":"821b91c50d30a630ba2a12080a5356965458e536","sha256":"e18be78e0b145809835f0f8f7455914ae0f776aefc1a48933e60c705d968df52","sha512":"b6bf0f8c3be1a3afbf7157fc8b39b9f28e20eda67bf3e3256cd3c075ff7116ad599b9dfa8c7e282b1a94d5ce13ddc9c247951882379a5bf1d57bb62ae8c70f67","ssdeep":"192:yhDnGjlJ0pA/DFgtstu2gIcMuMdLSDdtbLSn:8qlJ0ygtstluMMd5LSn","tlshash":"5d1271e8b291b5f24be770b8503fa10bf2769864a08d9440d26dd4f0bdb899d0473f39","size":9762,"data":"","first_seen":"2026-05-04T08:58:09.571654Z","last_seen":"2026-05-04T09:00:42.126171Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/elevation-l0sNRNKZ.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","size":1,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-07T19:30:29.083606Z","times_seen":213532,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/button-BRRKRYaa.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"735d9b04aa8aab5e489b6962e63bf52d","sha1":"d1ff55628212f915c6f116efd6b4f04435dd6e09","sha256":"f0c968f0c915a29be76b47a9ca1c8d409b71c80235f5bff988b99761040382f9","sha512":"303823021b7b8e019a3b2915653f38614b2517bf92bea9e0e69858cb4a2f61925de86aaa4384494cc2f7cb1005b3dd13a2538adfefa1ba42f62b2bf6a1848805","ssdeep":"96:Kw0inMsswmpm2XLSTVdwSgWFeLS0Xy3XHT:Kw0eMHteTVdwSgIPHT","tlshash":"d891fa0e7c1ba07f7eb344c8a05e0445db3097afd0789ad4f3955b395aca408726cb27","size":4393,"data":"","first_seen":"2026-05-04T08:58:09.584208Z","last_seen":"2026-05-04T09:00:42.134383Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/common-dialog.vue_vue_type_script_setup_true_lang-DNoAHc98.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"08dfbd96301863d25f6daa49286dff22","sha1":"5cd508a524022c7b555073fa09f9ac4179f22778","sha256":"d89328b5dd3dd0f8081dd603cd5d27af5e079ee8d17c73f81a06db2b27aef80d","sha512":"49696d1b72d3dc9cb13c3b6125850bb8ede83173e41b17bb11f736c75fdca640b0231c576447f6d7aade572acd308580b47a3abf4e1efefc0e115e2353f7eb2c","ssdeep":"48:GlXtCPl1dJWY4p0EoUpA8VxVyes7akaw22eFVjCYAGxrxMsVrlAbiAei9nEh:GldCPrWY4ptoUu8TL/X2eFVWmxPXGs","tlshash":"9b91fc41349650a6a7f5fe6c00252dc9c5c493dad2b28ce0359acb237bf2de59bc2886","size":4475,"data":"","first_seen":"2026-05-04T08:58:09.537648Z","last_seen":"2026-05-04T09:00:42.135001Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-07T19:32:58.90518Z","times_seen":36407,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/hoverOverlay-l0sNRNKZ.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","size":1,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-07T19:30:29.083606Z","times_seen":213532,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-BEYGIRmU.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e9a51c87c6313234a9d06ec872578694","sha1":"c9f8bf5e4fbb1e86da3cd27e3769bf3e78a58ec9","sha256":"b109f1f31cec463a43297c5e283438c49d60372e89b68fd0ca7771bdc69008f5","sha512":"e9f9d5b0d01b483faef0fc5cf5dcaac5c102336bcf99b16a123b6627eb3a67f36c566847f341e8b0ef817687eab170a9a9be8a8197ca03b831c0c1036ff381d2","ssdeep":"24576:vBRotUkutfiS/JbOACp5DLB7krBI4gkIMsDo5u5zKPZNUlx4MT4ERE3z74V7j:vBRotUkutfiS/JbOACp5DLB7krBI4gk4","tlshash":"0c158d29add9313d4aa203c4b2531a77f2acb014b548c891e5ddc7bd21dae8cd17ea7c","size":899521,"data":"","first_seen":"2026-05-04T08:58:09.621903Z","last_seen":"2026-05-04T09:00:42.157364Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/badge-Do0PY6zV.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"aecd9f866e1e0be2ba02eaa24eb85f43","sha1":"e0b340cb061735f7a33641ebce82499472195caf","sha256":"842fc359500d201517e70f0a373cbac806495994213007304931ae055c16e947","sha512":"aa9f794cd12be4651275a2779c05c23850fcee6307279b645702db82d3c1dcaf140230476850c0692c55118c71472fe86e431320b53465e92adae38db3cbe308","ssdeep":"","tlshash":"2e41339c7401eab707a785c5512d1500b3241a9ddcb8a6d6a3df9d782fab406304f765","size":2016,"data":"","first_seen":"2026-05-04T08:58:09.596179Z","last_seen":"2026-05-04T09:00:42.133754Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-COJZw4LS.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"d88307669f1692489cafefb909445cf6","sha1":"0385f1c739ed7948c2db3e5c5bebadd61199a0da","sha256":"083eff654f3fa0e837063d83131eec543daaebaf48778f971ea25a053fc496f3","sha512":"e741f5d538c899eeb542e0569ced1dbacef5e56d261269c0a004b7569c6780135e55a3ae06d2d26b1e35757ccaef1f903151cae9143d0e598df042f6acfd73c1","ssdeep":"","tlshash":"ea4125185c059f3af4a740d50628550937380f8cb1b542dda7f6853c7b82e97adf8759","size":2059,"data":"","first_seen":"2026-05-04T08:58:09.594987Z","last_seen":"2026-05-04T09:00:42.151447Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DyPrblxI.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2e0e64dfe193a2ae8da0aa341552e6e3","sha1":"5863c65f61e43b11c1092c91971667ba33e8c501","sha256":"06900f192febdf7dd86b85c01753ff4531b88a9cd884974b184291f658f4e17a","sha512":"d9b2bd3e438b6f11adc5fbe15cb773de4e291b2c24a0d1c843f6666778427eec6ef95e0d11693f395a205759df965d7818bfedb96c040f02e6a11eac83ed81dd","ssdeep":"","tlshash":"8f41cbcd7bc1ac38a6b609e0956f217a23a71643e57c80c4b638bcd53c1987887a7d2d","size":1979,"data":"","first_seen":"2026-05-04T08:58:09.615927Z","last_seen":"2026-05-04T09:00:42.139169Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-Bl8TdkM2.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c9e2f874f500ce76cbeb1f51136f0dba","sha1":"48d1e62bc0926d8e65975f5af66e68884b67a9ff","sha256":"2c96a129b34ae7a9d8d12c74550d9b30fbeb51079e1be0c50988ede3ad67bf8d","sha512":"3683efb548efeb0ede1ae0e602c20096b1ab625c8fdafbb27a582f19475d39b523e82a5efaf67ab9dff6cbbb85f95380786f77a519b549bc11f58392f4401584","ssdeep":"1536:TILqFhiSFoHI1tEalHFjSF9J/ibNtkI0tdQu:TILqDiczEalHFuF9VASdQu","tlshash":"5963f7d47ad1b07643da22e0401f4406f23c5a35b49c94e0f698e9fb79fa50a8667f3e","size":69237,"data":"","first_seen":"2026-05-04T08:58:09.612936Z","last_seen":"2026-05-04T09:00:42.142945Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-RI4O5uHh.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0bd7c677fd55c9f844e45f852c9095b9","sha1":"3a0b91683399bc65cf2084ed1ba1690949f85800","sha256":"d27e13281d3d72288ecadf52088799b7b2ddf8158c0aa88ad280dea3e840f768","sha512":"eab78fdbe9517e5eec6bce7fbddf2564c69e11a40e9034c4888178a2fac2c13e9ac9d8ad0ae3f7b7483f2a06ee5324124a7d42e5967997f1421618fbc23a4c2d","ssdeep":"96:Ps1JcRslAxTjHIUYYbsWvFVPbUyW0ylIqXdgbFClXTqj4:KcGexTjIUVsW9VPAP0ylIqXdgbFClDO4","tlshash":"5cc1950c78294bbab56754f8e042c810a41d1baec695c471f1ed8e223fd2ef69a5933c","size":5967,"data":"","first_seen":"2026-05-04T08:58:09.53193Z","last_seen":"2026-05-04T09:00:42.144798Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DrRPUsqS.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c9a65a9b5bae235fa7a20e77c11f3b72","sha1":"68729c8a032d81e5264d57b2115d3bb6f519feab","sha256":"1e492bb3eb7a564d2c8d5294746d81f9c7ea09cdd324f05346a16cf7518ceb04","sha512":"7cca8d0076479f98b82bbf325927ad4cafcb71bd5f831902a73353893a70fe13a96256781b3291de9816424789e599b4930edafa131e4d43ab6cc92339454eb0","ssdeep":"192:yXlu0POMEpULy+gyzvhrvBIAtoWF7545L:Eu0PQQJd2WF75m","tlshash":"43d1e82c936543be9d2b445cea717432522ea2eebb204594f3fe4033b752d60d8da6dc","size":6431,"data":"","first_seen":"2026-05-04T08:58:09.561845Z","last_seen":"2026-05-04T09:00:42.131404Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/OpenChat-C1SCj8rC.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"1d52594c3c1c131a42ba5f069521fc94","sha1":"511a81b35074911dc4edac2ddc2fd51359e6963d","sha256":"4e01bcc1c7a5a5a647d7ecaf08efcd85d056e799eb25b21fb0048322ad2a32be","sha512":"0e6980cb01ff2b060df688f9cd4275cfe7a4acfa44fd9d48dd8e8175780569523f9f025822fdbb8e351a0257db23a6cb4e514fc8a2d0c09ee28cc80c94b6394f","ssdeep":"768:0SMcAPGQJHWvU7J3rgBW/8QcB4Ur14i+7RB6hJg4tNqJFVsfk7f:LAUU7d7+6Uh4i+7RB8J1tNqJwu","tlshash":"7b23f8dcb287b069937354b9047f6047b23a3c61681d8952e437c9853cb9e6e813bfb9","size":46672,"data":"","first_seen":"2026-05-04T08:58:09.574369Z","last_seen":"2026-05-04T09:00:42.127422Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/icon-D0afa0aR.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"087032efbb973d80fccfcf3ae16b1429","sha1":"cd03c836994dc1ac19829f48ac6f529f10aa57ca","sha256":"3c6642910c3c6f6be3213108b9a72de4afa0e555b97350b60edff979ed3b56dc","sha512":"27335735638119e1df3913306531c4d5e401045d00bda65f09659bbce8d8d2cb0e2d29651cb2444895776bf2e080b6759a29cac564c8dd2c0ba3e66448b00674","ssdeep":"","tlshash":"6131561c3905d9b7277f0954904bab061338458df96086fbfb32de352712818eaaaf67","size":1629,"data":"","first_seen":"2026-05-04T08:58:09.620547Z","last_seen":"2026-05-04T09:00:42.128993Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/Footer.vue_vue_type_script_setup_true_lang-CJ5lkL5V.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b8cdb023f787795940e22f38e616e7e6","sha1":"9e29764806a3daefe0c59ec883675b200385679c","sha256":"df02c57352d381392d2e7c444cc155d2f094abbb753afd923ababaeedc4378fc","sha512":"30b4c0a3e5f4ec1268c355d799568ed7d106eff827eea7347084920efbe88f1ca4144325b23925380c183e59a0bc0c6150913a95665b35d9be36a26392c99e7e","ssdeep":"","tlshash":"2ae0c04c8845ebfc128604bc171e501056080719b368c052a25c9d769bd603bd11b931","size":367,"data":"","first_seen":"2026-05-04T08:58:09.569828Z","last_seen":"2026-05-04T09:00:42.137367Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/home-BiBL-sEQ.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ac922d30893623dd27feedb13729c2c","sha1":"54fd035660da623efcc562151084e298431df4ba","sha256":"d48ae3e8119d11dc3b625eedfe01b38712c61818ab40952a9537979b4123bd7e","sha512":"8f77f7f9b70e13b6714afbc98f479f81fc702ef66c7aab4ce1454b25f2d513799f71149335cea916d7d11bb794cb338d169ee24473e759000ef9c4afca0d668a","ssdeep":"12288:fGr/Jvqg9qGJ3p7ZnXqC4MFz1+3sa1qeBmjovThl+45G2oA2JNF4:fqx9qGJ3p7Br11ysa1qBovTj+o2JNF4","tlshash":"cd055cd43285603742da90a6907a430073799d697808c5acfa7deedb2de9e04b17ff78","size":865246,"data":"","first_seen":"2026-05-04T08:58:09.622787Z","last_seen":"2026-05-04T09:00:42.152602Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/common-button.vue_vue_type_script_setup_true_lang-BEkc2Csi.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"f5d23d03aabfc1d8ffa6d0d4b5931490","sha1":"f68a4222c3c77c1ddcb72e267ea0b16421c5e4a4","sha256":"a2f872e39a932f30743e08374201340abc11956b2fe0b93396243edc4005baaf","sha512":"f8deb1e22e2f55996ff859e44ec95e901eeed9c93b51aa82c0ac812aa0d298d7084ca4957e08cb822be13b806647004783937510342cca75284e9df7b2f478fe","ssdeep":"","tlshash":"6f11ed48f40f9bbf72ab8c5c8a26162096037b8c6830a6fe5a6749329280c0ed54d776","size":998,"data":"","first_seen":"2026-05-04T08:58:09.57339Z","last_seen":"2026-05-04T09:00:42.14232Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/4-DMN2D1JC.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c090fb93fb24ddd8edbc604b6e2fbf90","sha1":"211c10d2973b139f4b35849853a23745485787fb","sha256":"43f6311004792badc8480479a61a6f861f5e03118ae6e88e74be99e6fcc6d93a","sha512":"e849c8fc9d95b84d8fd39e94e357016f36a31171dfa168b742d21c53a7fc4ea14198e2b33d8219c12b6c10165f793d7da979e99459685786a6be3d7cd21efd65","ssdeep":"","tlshash":"67c02b8c48404420423338a849b3edc1801c3712ed20c3fc8430c08dfd14c01000fc30","size":146,"data":"","first_seen":"2025-07-01T14:24:46.974761Z","last_seen":"2026-06-01T00:01:50.024997Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/provide-7AHU9OSu.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2f80329a76543f98086a586b3619316b","sha1":"8b6d2b07ad553ebe6ff65dcd6b87375a26a51eb5","sha256":"2670a30f01e8696540e338d91de2d27f198d311bccb1ffec7d7741fa283f6cbc","sha512":"e9778a277bc4749ee1ff5b101f25bb61df08e8e62d10a895e600de2891339e4179eeff2fbf6db608877eeddaabef2ee511fe0b85180e75a80c878941818fb9b6","ssdeep":"","tlshash":"9b11238df98379b1e2291cd1cc7e0c7d993a15647dafa4c24015fe15aca0899939fe0c","size":882,"data":"","first_seen":"2026-05-04T08:58:09.567787Z","last_seen":"2026-05-04T09:00:42.149427Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/iconify-CBhu5shA.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"6da187bc94d2b1bdfdb1a2946a1fee2a","sha1":"fc36958fd06047eb1a7bcb89ba4d4d90a3b21a69","sha256":"947b6353cdc992dc444290783670a8033a9d2e47f2595ff9b1341f701c017d5d","sha512":"f84eb20136810acfcdd22cb7f80cf4e4e0e69b7aeb1c7bc532f29fe6ed2b2c9e57b78f33ac7370ff824226552c44be24bc05b7de5110e9f7702b24c9e022ca55","ssdeep":"384:t76HpAFqSg7w4abiB7hmrMW4fchnYTrk3rqH5Kd5Ge0XFNeceTL8rzaQYMEuQIdu:tcpAFqSgk4abolmp4fchYTrk3rqHO57X","tlshash":"8e92c7f43097702643e008e040ba0906f2196612789ec4c5f29eecbbbc7665d59b7fbd","size":19905,"data":"","first_seen":"2026-05-04T08:58:09.556979Z","last_seen":"2026-05-04T09:00:42.146975Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-06-07T19:32:58.905645Z","times_seen":38708,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DKa3v8JK.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-DKa3v8JK.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-DBQDCAf-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69f07c02-76\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1glhAUNujZInJFfQWDiAWvk1K%2BYnIVvDpUV3gghT014B%2BkFzfnbdwdgxcQ4eFx%2BBUg6yoPXsILBg%2FLTOKehFf0IwkE0oNUQYk7ghAgNbIqfdDhwbYhJpZ4%2Bsam%2Fl18QK\"}]}\r\ncf-ray: 9f664c79789256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"d1c97b6e2ba46a1776a099ca5803bc6f","sha1":"bf1a9b4aa0e8a9c23a3bccd7816bfee2e090315d","sha256":"130115448f48e432f31bc2c333c6f916a6dd8b65a7e3afc5677d21c4bdd3e83d","sha512":"23122c80d81b32335aa2f08b937982a0331856d16eef408fb1b64ded2ff3bdda4ee3145d61ebaa3dd4cfa412399ce4f3b473a01d1ddb945428f2bc699c44b847","ssdeep":"","tlshash":"fbb092a74cb161b0008009c823185e92c83195bc37a682814699ca6a82986a75eaca24","first_seen":"2026-05-04T08:58:09.528833Z","last_seen":"2026-05-04T09:00:42.128217Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/app-api/member/content-carouse/list/3","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /app-api/member/content-carouse/list/3 HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntenant-id: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ntrace-id: \r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache, no-cache\r\npragma: no-cache\r\nexpires: 0\r\nx-cache: MISS, MISS\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wqvEy0xu0EyCgj6cZvx%2FIQ2IEkckTpxjOWga9BH0%2BUx%2BHYHHdNlrFOfdPLsU9%2F%2F%2BOC5WfzbyWk%2BbveL1V1l95IKXtzuvgX7UvV1hPbqv2y88K8LMx%2BrQ9xvJyNAtJ7AWgz%2B5kRO%2BUL7UkQ%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c7e591456bd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":200,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4a0b4097bb6354ecd575167524815ca3","sha1":"516a9ad14dcacf053f89b9ecf1aaf1d24fbb9346","sha256":"97c7d2db08e33979abd5d00ee8cf16584b0513e10775b1d1c34380d7b5599eaf","sha512":"84b49e3f08b020d3e8e40a4da8aa3db963ee15e497882ba824c312b602eb5600c002cc6110c3ab249f84f6ffa2698e56ba7e0960e3325324e0ae0828c83b0c80","ssdeep":"","tlshash":"53d022aa04e54e021f4102938ac7a88bd1092c2f0c018191d8eb2f2cc2566a4321e09a","first_seen":"2026-05-04T08:58:09.529846Z","last_seen":"2026-05-04T09:00:42.144193Z","times_seen":2,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/app-api/member/content-carouse/list","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /app-api/member/content-carouse/list HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntenant-id: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ntrace-id: \r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache, no-cache\r\npragma: no-cache\r\nexpires: 0\r\nx-cache: MISS, MISS\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x%2Bt27B9%2F%2BZU2Uao15dKOprWxadoNNyZ6G8gVYiL%2FSBvXbENGDMcr3apMn2IsLUm763ECPh9Z7AlnmFiH5j%2BuwPqydVuBB0CkLXbEz98QIDGor5cDhucx0WyNB7X1c7xV%2B9sPnIFDeRj%2FzQ%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c7e691656bd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":863,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d7a86d81ef395a9ee8ee0fe81ed44819","sha1":"85cefafaf70a42c4780f37e418406e58ba34b166","sha256":"40d0f0fe40eb4f035a3b08473794f61a68e0c57742d5025adee229a230d7c7df","sha512":"01c2a364ed6af657c162fe232c3cc610c037bbafacf8273d795bd699ce95c05342a35f5df8503d1aaabea8fe0f2e43571283138d7210b86eaa3bb2e1c8b19c70","ssdeep":"","tlshash":"0111ef9b12d25d596fc642d28dc77889e44c2c1f4d22c5d2d9d72f2cc45a2b5a20e06f","first_seen":"2026-05-04T08:58:09.530956Z","last_seen":"2026-06-01T00:01:49.973779Z","times_seen":3,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-RI4O5uHh.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-RI4O5uHh.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-174f\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jJppsUHnlWbZeK%2FKNojZaHTc%2Brt9iiovnKsSNMSo9vrpY5uykYjGv4JcLVuKrXFD2GYtS86YQaa67QIwv%2FSSjRQd351dcPNQFONaOazgdxGF%2F8FA6MzKrrKwSPYX8WTb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7ef92256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5967,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (5966)","md5":"0bd7c677fd55c9f844e45f852c9095b9","sha1":"3a0b91683399bc65cf2084ed1ba1690949f85800","sha256":"d27e13281d3d72288ecadf52088799b7b2ddf8158c0aa88ad280dea3e840f768","sha512":"eab78fdbe9517e5eec6bce7fbddf2564c69e11a40e9034c4888178a2fac2c13e9ac9d8ad0ae3f7b7483f2a06ee5324124a7d42e5967997f1421618fbc23a4c2d","ssdeep":"96:Ps1JcRslAxTjHIUYYbsWvFVPbUyW0ylIqXdgbFClXTqj4:KcGexTjIUVsW9VPAP0ylIqXdgbFClDO4","tlshash":"5cc1950c78294bbab56754f8e042c810a41d1baec695c471f1ed8e223fd2ef69a5933c","first_seen":"2026-05-04T08:58:09.53193Z","last_seen":"2026-05-04T09:00:42.144798Z","times_seen":2,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/OptionSfc-B-mh0p36.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/OptionSfc-B-mh0p36.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-ae19\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ReLJRV4pzgSvhKKDz29saPpIgwDqJ%2Fou%2B7z3pR1J9q1j1jFErJj3qsoPUfYC5Uyo3S7gdbEx64tjy0VCSnNAw%2FuM7WLrY29FORDdisVMovnwXc0Ju%2FhWLxRd542bQP1e\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7f192a56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44569,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (44568)","md5":"24110eff19ec164f4a421b21ac291850","sha1":"be5ceae1d0bf288bd8959ad80c370dcd1177e247","sha256":"19129c099f79f9081729ac411b22863243aed71c6ee547f78d027d4ab8104eee","sha512":"1b9f5a92ac25d2c83799e5c6ab1156cbbb3e283215478b6b64645328b9e6e4a136f4d55b386813b96e55168fbf0801a3aebae51a8450c9ae664cca388d6b1057","ssdeep":"768:4sgcyaZHUJ8tu5K4iJK28t7MzX+ZKYY8pVOXUAa21FAYHvHZ63e1Vu3Y6xdZAz1p:4qZq8tu84iJK28t7MzX+ZKOVOeY43KVl","tlshash":"84133c8c34597673467f85f6909f040ab3321759900c95a0a26edb9d3deac68d2bbf3c","first_seen":"2026-05-04T08:58:09.53321Z","last_seen":"2026-05-04T09:00:42.140535Z","times_seen":2,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/common-dialog.vue_vue_type_script_setup_true_lang-DNoAHc98.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/common-dialog.vue_vue_type_script_setup_true_lang-DNoAHc98.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-117b\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kstdcoX%2B6lwlw%2F6P40LKJMviI0UlsnAixVvi1Bo5UA0cCeWGDrAciE7CtWJsLqws%2Bl3CBKg%2FXsi3G4TDdF9%2Fi%2FeHaycMJx2x4ZBE%2FUpd2IF8b%2FqPnI4Q%2Br6WpGpsRylP\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7a98a956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4475,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4474)","md5":"08dfbd96301863d25f6daa49286dff22","sha1":"5cd508a524022c7b555073fa09f9ac4179f22778","sha256":"d89328b5dd3dd0f8081dd603cd5d27af5e079ee8d17c73f81a06db2b27aef80d","sha512":"49696d1b72d3dc9cb13c3b6125850bb8ede83173e41b17bb11f736c75fdca640b0231c576447f6d7aade572acd308580b47a3abf4e1efefc0e115e2353f7eb2c","ssdeep":"48:GlXtCPl1dJWY4p0EoUpA8VxVyes7akaw22eFVjCYAGxrxMsVrlAbiAei9nEh:GldCPrWY4ptoUu8TL/X2eFVWmxPXGs","tlshash":"9b91fc41349650a6a7f5fe6c00252dc9c5c493dad2b28ce0359acb237bf2de59bc2886","first_seen":"2026-05-04T08:58:09.537648Z","last_seen":"2026-05-04T09:00:42.135001Z","times_seen":2,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/TopNavBar-BZDqHTrm.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/TopNavBar-BZDqHTrm.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-1415\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lSJ65WHun%2FeXSaaiUew2OWvao%2F0jK9uDgdrimsZ54c5nfCnIHq%2BidPyJ8foZu8zlqih8mmXr6fM6kktml6JWcE7yW4MECTpMQ6Osa6P3vlnU32aDw3rse8z4H5oSb16j\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7aa8af56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5141,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (5140)","md5":"01eebcbc87f24a07e633e24a5c1b50b8","sha1":"595a87af31a95ca4822688c1b713c5fd6d8b5082","sha256":"9a42a19afb42803a50df6601ba1f5370356fb6ee4a33e8454a49a68aa5835f87","sha512":"39ac79de233011e71e1efb8fe3128dde5fb510c5e73d69b5b3ede92192ccf88e5a7072dedabf1f4f6a41a7f408afd65dc41808acdd6947b421c5f46d13ae6f3b","ssdeep":"96:Z/JUGz4tviKUoc1G1pNPAdT5ZzhT4n5AagJT+ZOqjg9gZb4Gmkliy6TO:ZyGz4h1tAiPIvunfyTBKeob4GqPTO","tlshash":"f8b15cac5130897477276824ed2ccd143f7e22edeb5646c1a0bf4b35a785cb1e515338","first_seen":"2026-05-04T08:58:09.538593Z","last_seen":"2026-05-04T09:00:42.141662Z","times_seen":2,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/home-BiBL-sEQ.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/home-BiBL-sEQ.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-BEYGIRmU.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-d33de\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2KVZrnT%2BlqC%2FfOS%2FNY%2F%2FLOzzrN0K1YWMo1itqhdjp4hNsyRKKTnx1rLNNmPQMBIY3z3GHVi117FK9BjASMw2MHm1CBhTp%2FZlHwLhf%2BGw59%2Fg7s0Id1aGZd1tkEOfDJY4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7aa8b356bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":865246,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"3b1527672f73b28d09151ac0ee199b7f","sha1":"0b3f706da68bf3395716a79fca97b0eafc11f929","sha256":"90b8b294e9c1d75ce00738f103260f7d07cb1ef4a07b5e8e419db7fa59ca098b","sha512":"fae51d5b0eb2b557e59d7a235c173e8fb3434bd26eac18e4342cf777f77a3f63417da85e748c68ed65d52930fe24ac6c13d3bad85afc117b2ca14ef6da50d1b8","ssdeep":"12288:fGr/Jvqg9qGJ3p786/VC4MFz10ysa1qeBmjovThl+45G2oA2JNF4:fqx9qGJ3p7K11tsa1qBovTj+o2JNF4","tlshash":"9e055b957285713742da90e6907a03007339dd687808c5acfa7deddb2da8e48b17fb78","first_seen":"2026-05-04T08:58:09.539452Z","last_seen":"2026-05-04T08:58:09.539452Z","times_seen":1,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/useUserDetails-DhUnoleY.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/useUserDetails-DhUnoleY.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69f07c02-226\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D97zXUbbgim0Smiqa3jB1l51LGRGiaWpu1Y8AIlPvpUFbWry6keSfAaC7NOt%2FtBBid%2Fuhm37dBsT2PZOOa3X%2BmEmrd%2FHZvcALRD2%2BEJO54yp2G6ASkV96sHrKyg5BmRv\"}]}\r\ncf-ray: 9f664c7c98c956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":550,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (533)","md5":"693cd5fc5553ee5cef7f178577a79372","sha1":"5293fab701de9023e5ee9b468254094d62ec09f4","sha256":"d4af6eef846c1514760b575c4d995f9334866ec5b39e825326c22f49609fd878","sha512":"3157c9f9a8619584f1f303b386f67a3b5269c55ec6ed89b75f9e5fa135657f8d4ca1a18776baec4b688ce3f002039a977726730509876c2b0d4ceeb9a3759b4f","ssdeep":"","tlshash":"0cf0c03bec51d3b2c35c9d845621201712bcab913394d3c1a34e0b19363d88e676be4e","first_seen":"2026-05-04T08:58:09.540302Z","last_seen":"2026-05-04T09:00:42.139915Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/popup-a-rrNNWE.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/popup-a-rrNNWE.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-c7c\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DG%2Bcv1rt1J%2FxpoYnvVnAV4yLFnkvggQEqVDLb33x%2F0b%2F27WZYI0ma5r5yqRceM3mQ7MjMgcFNJkXl9h5LL3vW3HHYBVGG48Ds5FMYYwZi6C1nGNhu9oxpB33G2NMFIfd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7c98db56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3196,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3195)","md5":"921c5debdba9cc32389fb363642de1d5","sha1":"760794631144a3c3bb427be242381ac377182ed2","sha256":"a8f54d42ff9646c882a7855f5c8c70f049127b74ae298f51145640da12676520","sha512":"eb6eff02107d85c931fe6939eca7c3a17feabbfa6d21539c3b196b607fbace610f6929056a936342262519bd5a2e0aa4ce6cf97287ec1550fc365158879f4220","ssdeep":"","tlshash":"9061a769b85bb3fad19744b99015144267348eccce365fc1e265fa7031e4888125ef7f","first_seen":"2026-05-04T08:58:09.541734Z","last_seen":"2026-05-04T09:00:42.125508Z","times_seen":2,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/0-DEkZBvIr.png","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/0-DEkZBvIr.png HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-3636\"\r\nexpires: Wed, 03 Jun 2026 08:57:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=poFrkaQ3AFzAQZujQon3lfGSOMX7p5UJJdI%2B31aE1nmFQtIrcESj7bFHFmPM3T%2FATkpKAYzilKHDaY8YkUPXTiYvq%2FQ2HL9XwhAxdNITQTSgoh3RFAbLnMm%2B4Bh0fkrG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7d890456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13878,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"5e6fca5cabd272cd6a3b5d12cf8aaef0","sha1":"8a21b50c652ca477ae85d9a8a80fdb394f9ace92","sha256":"da0edcd9519a9bc8d33b7e09eb40f32efafb1150c3e37915db2090ee366607de","sha512":"14aeef6cf59342cf103534f9ffabf47a7ce0bc2991b86b21cb3cbfa8465fab4756584422a4b11558e4333c9f8f5df214e0338833400f58238c1d50e561710307","ssdeep":"384:JklUzf3D7aXOce+oCrZqrsKrsKrsKrsKrsKob29E:JkcHa+j+oCGs8s8s8s8sfbx","tlshash":"94525da1fa04501af2284632e7172f8c9ee843e5a5a0c49dd723b9d0287a1f67d373dd","first_seen":"2025-09-24T16:02:07.750093Z","last_seen":"2026-06-01T00:01:49.953814Z","times_seen":7,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/app-api/member/notify/unread","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /app-api/member/notify/unread HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntenant-id: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ntrace-id: \r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache, no-cache\r\npragma: no-cache\r\nexpires: 0\r\nx-cache: MISS, MISS\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xQRwZdKS23jKSYk8XvxFWtuor8q9tZeDWFUq%2F%2FTOmBvwdKCnYXn4hth2nCSUzahZXP7K7PQs6OLUkLe2%2FYvkT02OngNh1xB91QngOqCuRNayvQwqgH1Cl9lszLgrjFPR1O9VE8Xr9dEqlQ%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c7e591356bd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f1357eba0057d63c83b1307eec846cbf","sha1":"759f2e835901044ff360ef0ddb87557ddf8db1e0","sha256":"b3a06fa0ef702ce7c8e25b62f03582c52d029d3b04c242de653ee000bf6606d1","sha512":"9089d29d13fdc142d6947ecc27540ce9971bd64d3d83fb0e0c8733ad4c9f49e442bec021db8858985746653fdfed6997e625a3bfa13520151388780539165851","ssdeep":"","tlshash":"849004057d0c0417155743dc000dff04401f314344010f114d5cd73170554f4f450434","first_seen":"2025-09-24T16:02:07.717019Z","last_seen":"2026-06-01T00:01:49.959433Z","times_seen":9,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/app-api/member/notice/bulletin?lang=pt-PT","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /app-api/member/notice/bulletin?lang=pt-PT HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntenant-id: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ntrace-id: \r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache, no-cache\r\npragma: no-cache\r\nexpires: 0\r\nx-cache: MISS, MISS\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QDarmHUN%2BpKo9LD7HisgT3knQ3glbTbwzX7KVWXPEepDLcMW9t%2BKVyb7a34Y6hj4NT2IzKunmmRrEiExJ5N50yBrzy%2B166e6Z4%2FEu0ehDinoyJjLlScyHioraq%2FNJ%2FJbzaTU%2BwuJxqYPHg%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c7e691956bd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9add656c51d126048dd0f7125b1b564c","sha1":"254aa728afc89b92780aa6dd27dd9899eaa60100","sha256":"4718b3212dc7d85086df6ca4c8eea5b57e13933e7190fbecd96f08b9992422cb","sha512":"d0cc3e502cc855ec6ffcbdfcb2333d3248edbe914f540908ba2f3d98734eff9b103011a4728a7b6e40843a4af473ce9ae7541284adca1da5d5dbca768f274600","ssdeep":"","tlshash":"47800008283c08030a02028a200eba80002c20a30c000b208c8eeb20c2a80b0a200830","first_seen":"2024-06-08T23:35:13Z","last_seen":"2026-06-05T12:24:08.821442Z","times_seen":49,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/3-CpLCzRic.png","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/3-CpLCzRic.png HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-6f10\"\r\nexpires: Wed, 03 Jun 2026 08:57:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UU8ADl8Hb85vUO3rbeuBp3NAhPseK2OY6xoweWCLwG2%2FoUYxFfcvpZ1cMoxfl52Xyk7ESoWMJAo4c%2BBg0JiUPm7FcyfgM5%2FKFwVc4zisCDk487vvNPhRHIKIXYxXNvXZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7d890556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28432,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 456 x 456, 8-bit colormap, interlaced","md5":"af2f60d4fce3104a500434411e96ac73","sha1":"5ebf26aeb88182cadcf9a1ae16cdf28bd21ff455","sha256":"5e62b70d6e2150890ea81ab4c5d2743d9e02083580eccfc6c3138face3135d8d","sha512":"fad504aeb8aef9fde80a14294b87c72fe44582be96654ba1c64f69888208e2eefb1d6564dab3a4a3abe266f5fdb6b2d138a3e024e40d6cfb53107fb310ece597","ssdeep":"768:cK7LVMbmC1NJhi8T+sH9921+N1aAaq2U+eEsr:cfKC+sd9mAaPeEsr","tlshash":"63d2d0d7b13dce72ac09a7be81ac9a02930c9e15476b800fd5bb4393f761079764487e","first_seen":"2025-09-24T16:02:07.778628Z","last_seen":"2026-06-01T00:01:50.031722Z","times_seen":9,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/CommonEnums-DWIwllum.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/CommonEnums-DWIwllum.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-62b\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=guR7l%2FzuclGNlF844T3XVstOhYL0VfZFhwd2yI9IxqByguCYSek0JBBaiCIjM69RPTMKgmJbOh2iWtatBCW%2Fm1bHytm3opJKinGKhB7p1m3XIkrKvNcdMlkosNumtTKU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7ca8ee56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1579,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (1578)","md5":"ea55104e22e81cf41dda2bf3b2b4a6b5","sha1":"98175d95318be3f46a4986f24f4f05c7a456c231","sha256":"e117656c983c9ede380daa5709252c1ff96f77e0d6125108a539278b27407ac1","sha512":"4900c6139f277087c0c8df858960e934bf4289cc2fd7a4ff38db111715c77fa4fac8a51edab83c0c736b658af6ee5b3b1c7b0bcc2f65b32249989b983a1aaaf4","ssdeep":"","tlshash":"0931c042bc267e74d04deb2cf42d395791ddb3cb89a823405fed6a3190c9ba45514ce7","first_seen":"2025-07-01T14:24:46.954203Z","last_seen":"2026-06-01T00:01:49.949027Z","times_seen":13,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-BgfhDPph.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-BgfhDPph.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69f07c02-112\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e5dC0czFQz0A07bPq0O2Pe4NScVpjtmB3sGeHD%2FUXN5l2S6vn5JyK0p5%2FCFRiLiPcTojVrKpnX6LRWClZgRTLXgzXWrp%2FJf7k%2BoaK39xr%2BCNlGcvlHrkFUceRcb0E42M\"}]}\r\ncf-ray: 9f664c7ca8f456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":274,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"285abc09e5583615c53749ea7df64e50","sha1":"02d6f1d7ccefacb29307dc63fd7c4a23d50e94e5","sha256":"7432d1e2a1a51f00b08555100a899f40ab963b5ac82828f9e1247ecab8ae2c56","sha512":"f803eee71751c2e5932057264e9afdf7704b22b786c5e613c8b865841a29c0d7cfb13301632b774911fc5e56534259d3fbe75e8a21928720486f4f9a5c2e39e6","ssdeep":"","tlshash":"bdd02b9e445bc27710081b576d064f239c2a8a1631350a79320e181b471dc89600ad9c","first_seen":"2026-05-04T08:58:09.548765Z","last_seen":"2026-05-04T09:00:42.15846Z","times_seen":2,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/header-bg-CkfjIR-Y.jpg","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/header-bg-CkfjIR-Y.jpg HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/style-sg74ike2.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-4d08\"\r\nexpires: Wed, 03 Jun 2026 08:57:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3DMd7AyPxSH5QMxGm4ysGNY6vw0O2PW3q6zySdYjw8gP6WICLvRjQsh%2FVJvtpwefqXe4K8UsiipOAV8uvCY1RH2OScwsz3Z%2FttpomkQhVjjEQ%2BwrYsYhb3n%2BVmjulqih\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7de90d56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19720,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=201, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=640], progressive, precision 8, 640x201, components 3","md5":"27196a14b51a6b1445e9bae05e49b11a","sha1":"44fed32a4945aeb22984df572d8df9d108023900","sha256":"68be760a597b8d7df8b1d413688d5c98f84c7c17a8df0391d5d6f6f590c9b491","sha512":"6ed0c6a0f73919fdc06f3206db7c75d0ec5c23c3cce138d8c3eb2b3921298a59c352c30d3bc23caec754dc02712c009aad1c4bd51bc398aa47d2a7858c680e0d","ssdeep":"384:taPifUnthB/2cl+huRwEeSrlCS4Oe4hWLq:APrEcl+8eECmwLq","tlshash":"9792097de3926e03eaf0017585a4d3574721d6d8c5a3c2b7748c2890bf75be8ee29b11","first_seen":"2026-05-04T08:58:09.549598Z","last_seen":"2026-06-01T00:01:49.95667Z","times_seen":3,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/app-api/member/user/details","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /app-api/member/user/details HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntenant-id: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ntrace-id: \r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache, no-cache\r\npragma: no-cache\r\nexpires: 0\r\nx-cache: MISS, MISS\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tLSJRmcM16YgpPd3sP5mQ4uOOJ3pDGNOodwl78V7XRlPbh1D%2FfCEgYd%2BftvcWpfNCTLaFKj23R6POYsMF9fpfpsRaNFa0wDWCR8yGv0y9WZnyza4qI2DVwOy%2BqJVqsm7VQxSh83KMYx8jQ%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c7e691756bd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f1357eba0057d63c83b1307eec846cbf","sha1":"759f2e835901044ff360ef0ddb87557ddf8db1e0","sha256":"b3a06fa0ef702ce7c8e25b62f03582c52d029d3b04c242de653ee000bf6606d1","sha512":"9089d29d13fdc142d6947ecc27540ce9971bd64d3d83fb0e0c8733ad4c9f49e442bec021db8858985746653fdfed6997e625a3bfa13520151388780539165851","ssdeep":"","tlshash":"849004057d0c0417155743dc000dff04401f314344010f114d5cd73170554f4f450434","first_seen":"2025-09-24T16:02:07.717019Z","last_seen":"2026-06-01T00:01:49.959433Z","times_seen":9,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/1-Blk-4Mgh.png","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/1-Blk-4Mgh.png HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-1e92\"\r\nexpires: Wed, 03 Jun 2026 08:57:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bwxg3S2g58UOg%2FwCq5SbwiARJccYGEybTnve%2FnXC4KiD8A0zvlWF861doDxU8V3dCXzwfCyYTzm6VbWBdVO%2FfAAIiQ%2Ba%2FqP9SFudb4d1VCq3PFz2rW7RmXZ9BcCUmZsf\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7f393256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7826,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 180, 8-bit/color RGBA, non-interlaced","md5":"8dd0a422c46fde02eea732f36a5d678f","sha1":"23895fe2d10290126caedb3303942ab572293d85","sha256":"3c5a2fc16c166f7131ffcbb7294f317bca602fdcc55e783322c8b1859c616913","sha512":"760548c836775e441f01935c1f90f3f822a75ed3845e75fc08b64860cb65743f0d6c8c2c2c9af1cdfd963ceab8e0697dbb01399360cf8059923d9cec510c51f2","ssdeep":"192:/banWRGyiNDt8376i7/04qkxaCUAnE2MO/RDaW9w/:/bqWiTM7R7s4qs6aEhikQu","tlshash":"87f19ea36d2e74e6eb8ee42c41004d2572178402d4e4af09afa8601b35ff4542d9d3ad","first_seen":"2025-09-24T16:02:07.684625Z","last_seen":"2026-06-01T00:01:49.977423Z","times_seen":5,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/4-CT0PYwKp.png","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/4-CT0PYwKp.png HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-1637\"\r\nexpires: Wed, 03 Jun 2026 08:57:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5u%2FSkvgvC%2Fv%2BKs6umcz4OcT1WHn3MFnycqLLsAhgI%2BoKfwA8ovSN9Mvv59tSlGMj4AfLOKusU0bHiybg7jROatLPlg9N%2Fq72sJLGwxGzx9qM4sp1Mq3RFjSBOhAT%2F5Ge\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7f393556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5687,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 180, 8-bit/color RGBA, non-interlaced","md5":"a2197a9d16de96610117a8d281beea57","sha1":"f14107f5d4e8e7546cf3835fa86a7a4f701dd44a","sha256":"cea083bd4d99371088b9a56e4ab17971fd779ec8b4354982d89aeba1b972322b","sha512":"c3cdf92c4899675f02155934704c1f64a9b4dce49e6f5f19f88b9bfe16df7cf4707923b4e273281a3dedf54d5e6c48f77a390f5839854b87d0f691b019035408","ssdeep":"96:ucQggggggggggggggggggggggggggggggggggg+BCYWx9xvxzZ5tmwzZ26QvKp6n:nYWxfvtntmYp6/pKHl9wDF","tlshash":"25c119b7e53f2913c1b11bb55498832019361ecca0bd71857ae67e624b7d3ef30229a1","first_seen":"2025-09-24T16:02:07.775345Z","last_seen":"2026-06-01T00:01:49.974427Z","times_seen":5,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/5-f2Kg6mGr.png","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/5-f2Kg6mGr.png HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-1ca3\"\r\nexpires: Wed, 03 Jun 2026 08:57:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9%2BJhyCDj%2FbQ5Bzk2IxkTRrGDYH3L%2BxWViKox32p9wPyViB5pVt2zZmgbgTo4Nd%2BZ%2B9W9PKs80KVc%2Fq0QbhEYDGVOhV5oZJ2FX5ejmtpBdVsCTB1psYzSSL5vx89FRpo0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7f393656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7331,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 180, 8-bit/color RGBA, non-interlaced","md5":"3a1c6bcd0ae3797f3aed466fc44b6b5b","sha1":"f8ad11a5d0cbc06733550536f8b99805fc5448f2","sha256":"29aae74391613230524f0c77d69d2f5782e292841fad9bdd5edef0420f0297d8","sha512":"4ab51cdc60cbab1bdbb1019e25737a3f2d0342bf78d54fb59cb3ba571bef92a8e5e6e95b350e0f77b7c42c38d75d1cdebe81793badbc8971eaff58e6282512b7","ssdeep":"96:uciPa0/IR/+lG12dSwiekAF4wjV7tASnSzD2ZimXFmhjklLvyo/rGL:iPXQBUGwdSnekAvjT/nSzQmhjWvyQu","tlshash":"d7e17b4edf3726c4be7368fe5b6e3e52598309cb32a81d224236c80e701b04902d6eb4","first_seen":"2025-09-24T16:02:07.697878Z","last_seen":"2026-06-01T00:01:49.95812Z","times_seen":5,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/loading-l0sNRNKZ.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/loading-l0sNRNKZ.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\netag: \"69f07c02-1\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sv0ulCfPpGM5Ar6cdzUYNMt%2Ffluq7OSRoz0tuZtJ%2FdGR27Z%2FLQJeF1TmVycZZ5%2FKpWV2zsXhEObT34xXUe7B4cNBC4IZDiVBAL4LjsJFbhEnGbHKQY8XwSsFiewAfgCD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f664c78987c56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1,"size_decoded":0,"mime_type":"application/javascript","magic":"very short file (no magic)","md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-07T19:30:29.083606Z","times_seen":213532,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/ripple-CQQt-rVd.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/ripple-CQQt-rVd.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-DBQDCAf-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-e6c\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hANKBqDJMdPQTLlyV3gmvsMC5kR0OoAcIwVrtKmqGH82ZPJ5JETvAelwsFXMVdWjDZxGaUuFER0RYYSmXCovblK8xV%2FKAIoAZ3UJkWFcv%2FwZRMgQk9Kt3z%2FYyfWGiZrE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c79788d56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3692,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3691)","md5":"ccb3ea18aa8110a068210135c6c1b2af","sha1":"77b424a8fc8070ca262d3b486e70919f16d39e00","sha256":"01c56537322008b6e5fe17bb35f41aefdacfae83d79dde8593bc3c86a1e06d17","sha512":"586cf19f8a90394c80a513e57962375baadaf85efe9bb2779725d7acde40f121564245a7d4904c10764611f3afca48ae74636853336e6bc6fd6fd01526b48bd1","ssdeep":"","tlshash":"de7176e55b112e7432e6aacbb2f6e301b3390189a0e65490307fce7037b5de6529d4b6","first_seen":"2026-05-04T08:58:09.555125Z","last_seen":"2026-05-04T09:00:42.133178Z","times_seen":2,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/iconify-CBhu5shA.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/iconify-CBhu5shA.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-4dc1\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jb2uJQb9OGi3UPXx538hMLT5wX7OD2LueFG%2BJCa2Onb9f4MNd0MsEgFG8ZJVUpynQK%2BIswZIY4Mp36loPeIsd8owzJ1VmKmvWfH%2FvtkVm4YJVtfK%2BfBQ55aA6ZJevJVP\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7a78a056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19905,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19904)","md5":"6da187bc94d2b1bdfdb1a2946a1fee2a","sha1":"fc36958fd06047eb1a7bcb89ba4d4d90a3b21a69","sha256":"947b6353cdc992dc444290783670a8033a9d2e47f2595ff9b1341f701c017d5d","sha512":"f84eb20136810acfcdd22cb7f80cf4e4e0e69b7aeb1c7bc532f29fe6ed2b2c9e57b78f33ac7370ff824226552c44be24bc05b7de5110e9f7702b24c9e022ca55","ssdeep":"384:t76HpAFqSg7w4abiB7hmrMW4fchnYTrk3rqH5Kd5Ge0XFNeceTL8rzaQYMEuQIdu:tcpAFqSgk4abolmp4fchYTrk3rqHO57X","tlshash":"8e92c7f43097702643e008e040ba0906f2196612789ec4c5f29eecbbbc7665d59b7fbd","first_seen":"2026-05-04T08:58:09.556979Z","last_seen":"2026-05-04T09:00:42.146975Z","times_seen":2,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/useLevelList-BEYpNbMe.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/useLevelList-BEYpNbMe.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69f07c02-191\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DuCUCMT1OOvvV%2Bwb9JMO42PuLithwZqlip50yNLLLG6IBxfubEEXi5NE9C%2Fm7FWXLgEzckTFQyOSK2bBoheg3nNiN7CNDuBTC9DJCbIcSDGs%2BhAYbm7dPCddBACe%2FCyk\"}]}\r\ncf-ray: 9f664c7a88a356bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":401,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (384)","md5":"281c99abe6e898c372fdc57fe15d7c0d","sha1":"01b6d3d33231ca4e705f3920f7ede8845123d845","sha256":"818b16dc72ec800e013aa93243936e5089373e7deaad1e178c52ad8d70785108","sha512":"c71686e73134c5260acf221332dd76b9893038a62db99d864a175798f07b1f65a452ddd70fc6ca3a1e6b55edca62eb5be5df6265fb8366f9695cd5d059de8f7e","ssdeep":"","tlshash":"90e06167655791b700552cd8a23c741369b1c7a83346d6c0e00d1f5d1bb4487ad5eac9","first_seen":"2026-05-04T08:58:09.559281Z","last_seen":"2026-05-04T09:00:42.129631Z","times_seen":2,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DrRPUsqS.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-DrRPUsqS.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-191f\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8CAaP8%2Fd%2F51SbljI%2Fe9nyVJRMb6qyeh6uQTAtvuB1T22xb%2FegH6qBkIL4tXEUH0nPvSA3prQ8uqyz%2FzkWzXLOW1zEw%2FtPmYNcDqx7LDY64WM0JOlOhoC6V1MOPuzGvjr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7f192956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6431,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (6430)","md5":"c9a65a9b5bae235fa7a20e77c11f3b72","sha1":"68729c8a032d81e5264d57b2115d3bb6f519feab","sha256":"1e492bb3eb7a564d2c8d5294746d81f9c7ea09cdd324f05346a16cf7518ceb04","sha512":"7cca8d0076479f98b82bbf325927ad4cafcb71bd5f831902a73353893a70fe13a96256781b3291de9816424789e599b4930edafa131e4d43ab6cc92339454eb0","ssdeep":"192:yXlu0POMEpULy+gyzvhrvBIAtoWF7545L:Eu0PQQJd2WF75m","tlshash":"43d1e82c936543be9d2b445cea717432522ea2eebb204594f3fe4033b752d60d8da6dc","first_seen":"2026-05-04T08:58:09.561845Z","last_seen":"2026-05-04T09:00:42.131404Z","times_seen":2,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/3-Ct_vOU57.png","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/3-Ct_vOU57.png HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-282f\"\r\nexpires: Wed, 03 Jun 2026 08:57:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DDSwGigrCOGcaX7yVvmOSbMD7HE2NtIhDKCOUfXS6kC54ondYQwEtkWPmRlhBp2DY17AZ6bKrMd19%2FKZuowDAE1UxCaSfDnfMkPKQBhB8kMTHfXfDLuuasAePK%2BRs5CU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7f393456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10287,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 180, 8-bit/color RGBA, non-interlaced","md5":"905fd3c0c423b0b0a0c552bf11057ca4","sha1":"9121d25c75e24c51b9e03913d060250a39783b57","sha256":"0a9b468ee93aadb6844c3ecab5131d4e3ef8f8b5ae595701ac1bdc9da47aeb20","sha512":"0cd7d9794096afe093a83c3c1e20b816fb1353b376536fc5e892dca41c8c886953b06f6bf77fbcc8d37d87588aef533109500848b861329f443166e4877613ba","ssdeep":"192:0gsmPiOpM29nfIfyCkJ3lvPo5Gev81R6pO3yKO5Tq2KDc6nPo0f:B7PrRNfIKJPEGB1Qw3yX5Ug6Pt","tlshash":"b722bf9c69bba1bcc7428d2543030dc9295d337f0f2fb5b9a701882432c72ddb85e195","first_seen":"2025-09-24T16:02:07.695756Z","last_seen":"2026-06-01T00:01:49.967124Z","times_seen":5,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/formDetails-DeSED_a9.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:36.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/formDetails-DeSED_a9.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-RI4O5uHh.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-696\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PN2Ml9U4kmu%2FUcCwLMRrbyD7dLSq5YYWdpvgcSHKB6DqkYN7%2F63vDJVpoag5nMqYlqxpZT6ez8pZ66B3yFjXaFZAtqE%2FFePKywww9ONbDXczpaufzbeNk5AhjOl%2BVUM8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c80094856bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1686,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1685)","md5":"f9484bfda8540a29534f7c249ccad35c","sha1":"aa0231454887311087e6e26e8dc6a95d8b31683f","sha256":"651174ba8e9e7ba2aa5b055bb42f9da2897444882a8bf518ba1131ce1e1ab9c0","sha512":"21ff44e87f4c559d4771ed34b26539dc71e9908cb0cbf3bb0948c9feadda20c67e42d575ca28dc5bef2a27681c804cc7b309c5312ce7961b03ea1af761203d46","ssdeep":"","tlshash":"933132087c94effe60ab08a5742d3a05b2772e1c6078b0e1b38ce6e91b01593562f711","first_seen":"2026-05-04T08:58:09.563926Z","last_seen":"2026-05-04T09:00:42.136114Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/user-info-bg-krUF9FYx.png","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:36.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/user-info-bg-krUF9FYx.png HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/style-sg74ike2.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:36 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-c0b63\"\r\nexpires: Wed, 03 Jun 2026 08:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1tHr6mOhNDj5F5wKwJmcW1WJik5gV6X2qLtR0scFUuuHXkFSMzk1%2BSVr7LMqbfowvrJrSYvjKl1AwfO1o%2FCa9Yvk3PrHmdeavr0FG9QrmkxCJs%2Bvtxpde4dMhwkhmHPg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c80e95256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":789347,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 720 x 1280, 8-bit/color RGB, non-interlaced","md5":"e6156d44e604f35c852b1709bcd33998","sha1":"d892b5745ae9ba3a8d80e44427f568109a465cb8","sha256":"a34c450f8f12a9fc821ac6de2fbbd01e9a800dba9901c751dbf5788cd95df162","sha512":"35f606f523c7aba42e62eeebe10edbd982e5aa6918696c25b363917bbec5c7e665a5a7a102ace433ac8d39c0c30bba9d910f7f8cb71b4c11396528a0439086be","ssdeep":"12288:Y/aHWNV9oroBTTzouwBoqmClxP8zWO9UeHBjZTY089oFf1Cfpy4qTTvOxSfFwt:YS25AIvou4mG8zb9UWj1Y08iFZHG0f4","tlshash":"4af4230c50cc86ec0803baddf24698e79ed618d6980bb7552e4642d08dc96ddbeb4ef6","first_seen":"2026-05-04T08:58:09.564916Z","last_seen":"2026-06-01T00:01:50.062542Z","times_seen":3,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":134,"receive":134,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/favicon.ico","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:20:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69f07bef-13e\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BShveoc02vnmsrsU6wzSpxAJ2Q7KhD6L70AfUO%2BYYvynA%2BOoSOmZ0ZDWYKc%2FpbPhYVC%2BRAgp8MgzXUlsjYMUqmlfo8mq73I60EJteHPc2nG14cNkSn5aiDnB8CVznPO4\"}]}\r\ncf-ray: 9f664c79b89556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":318,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel","md5":"e48c979cfadcf2c8510422a48da5971e","sha1":"875713f7d403056d7da17b936eba383bde0d74ea","sha256":"c60f53d5239795031f392c32c5f7588457c67db912b9f0d5f4dccf2ae1a5e9ab","sha512":"b3a222e1fb35db66e8179e77f4d35b46010609358f4b47c183ae609bc07326b8328443f6e09cc225cc1bf769c9d8eb2b45db73580c3be4da6ce49d8a91372113","ssdeep":"","tlshash":"eee01240630483acc0ef2a34102b0f842cf4ec09dc913a0ff2338d583c53a468ce89a8","first_seen":"2026-03-06T18:05:12.560421Z","last_seen":"2026-05-04T09:00:42.155186Z","times_seen":3,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DBQDCAf-.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-DBQDCAf-.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-BEYGIRmU.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-52fb\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YCFtDZqoMFi32doNYU2LLo5o7SlKBwAavmguxxAAhpksqw9MaI99LmhIuNpRRRyWbCMrl2rzMaae3nPulhMSQTyYtlV9oPc5egRvX5QSYBkIp8Nc1BMm7Ffmx9WI%2B6k0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c78b88556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21243,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (21242)","md5":"fac8f3e0b90bd6cffc6948d658ec0824","sha1":"fe2924848c15ed8fb8a28584e5ee7b7750320fba","sha256":"63bb3ef49665c73366b269f28b8a26f90381f9552e71e2b3848aad37ef193cf7","sha512":"d0e4fecb4d24b416f7307d0f7ba891562f8d31ddfa5dd311d37ce6083a3ebc2544a08522af481910463c61479b56fefd5920f3fff384f0dfc5e1c74c4069874e","ssdeep":"384:sA4c4mRxX6sUaDkeHixFUXdIuFu7tJc/3W1:Cc4mRxX6XaDhHixUWJK3W1","tlshash":"1f92c95ce591a36cfd32894632187824d22d16dafed24cf891bebd112381cfcd29659f","first_seen":"2026-05-04T08:58:09.566852Z","last_seen":"2026-05-04T09:00:42.148849Z","times_seen":2,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/provide-7AHU9OSu.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/provide-7AHU9OSu.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69f07c02-372\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bpv7qzrUXp7jVz%2FF0gpSdrT7qQq8Gr3SqvkKBjBLD9g1I4%2FDDBuSXtAgeJUAcrpSeJp83iuCIX%2BNpT%2FRutrJAl%2B52DpC7lqN7Exu7xQWGQQdcuJWk328Gp77Qlh%2FosS2\"}]}\r\ncf-ray: 9f664c7ca8ef56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":882,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (881)","md5":"2f80329a76543f98086a586b3619316b","sha1":"8b6d2b07ad553ebe6ff65dcd6b87375a26a51eb5","sha256":"2670a30f01e8696540e338d91de2d27f198d311bccb1ffec7d7741fa283f6cbc","sha512":"e9778a277bc4749ee1ff5b101f25bb61df08e8e62d10a895e600de2891339e4179eeff2fbf6db608877eeddaabef2ee511fe0b85180e75a80c878941818fb9b6","ssdeep":"","tlshash":"9b11238df98379b1e2291cd1cc7e0c7d993a15647dafa4c24015fe15aca0899939fe0c","first_seen":"2026-05-04T08:58:09.567787Z","last_seen":"2026-05-04T09:00:42.149427Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2kn51ra8uyuf5.cloudfront.net/f4155d77fd4ec9d3bb783e9f4cc5ce06952c787f85f1576fe10f6b0f4348fc6f.jpg","fqdn":"d2kn51ra8uyuf5.cloudfront.net","domain":"d2kn51ra8uyuf5.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.37","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:36.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 24 Feb 2026 00:00:00 GMT","end":"Wed, 09 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C9:18:5B:88:98:FA:65:52:EE:3F:8C:AC:85:C1:E4:56:E1:0D:39:DA","sha256":"C6:C6:D5:C7:F7:92:11:BB:D5:98:B6:EB:43:02:E5:65:7B:E8:32:E7:75:CE:E0:A8:29:B0:DE:A3:5E:AF:4E:02"}}},"request":{"raw":"GET /f4155d77fd4ec9d3bb783e9f4cc5ce06952c787f85f1576fe10f6b0f4348fc6f.jpg HTTP/1.1\r\nHost: d2kn51ra8uyuf5.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 122497\r\nlast-modified: Thu, 30 Oct 2025 12:48:27 GMT\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Mon, 04 May 2026 07:58:52 GMT\r\netag: \"682a899f2faebe3559d6f8e8c3f5a5fb\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 d229ccc15dd984a81023d1b57fa0adbc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: olAT85hSZ96T_hq66jCPnc4-Lge32HovhxIWy8ZVXDALlY90p1nC3g==\r\nage: 3524\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":122497,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1142x1000, components 3","md5":"682a899f2faebe3559d6f8e8c3f5a5fb","sha1":"e11af6d8dc3c246a4f29ce5286d262d855db883a","sha256":"f4155d77fd4ec9d3bb783e9f4cc5ce06952c787f85f1576fe10f6b0f4348fc6f","sha512":"8b0dc678fed60531e99e523e5f9a337cc47b13f683b1431a5af268927727eb227252f3c91dcc2d9c7b256da4c096c7216eb674f6ae24f8f5bd38d3e39a135f37","ssdeep":"3072:RSNXaK5VErz5FIbW/W8gkkYUfm+H4nX35mJssR5kzmUp:RSNKmWv7Wtbmaunkd5kF","tlshash":"f9c312636f388178ee42f5392fc20e49c71e2015f78621b0418fa72e566d962fe564fe","first_seen":"2025-05-10T01:50:29.852629Z","last_seen":"2026-06-01T00:01:49.994052Z","times_seen":5,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":14,"dns":33,"connect":3,"send":0,"wait":25,"receive":6,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/app-api/member/user/get","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:37.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /app-api/member/user/get HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntenant-id: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:37 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ntrace-id: \r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache, no-cache\r\npragma: no-cache\r\nexpires: 0\r\nx-cache: MISS, MISS\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2lAZ15HyXCeW68qqvypxwPqLhjmJor430rc6qXeBBhVlT8vkZhlYdvnK9b2Q%2BaGFkuhSdW2r8VrgpQYPVBgF1DMBBOZFzYzlf%2FXAEbnYO%2Ba%2B8F5%2B351ZzTiaodQJ%2FH81T3KCHq6tg1n%2B7g%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c8a99e256bd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f1357eba0057d63c83b1307eec846cbf","sha1":"759f2e835901044ff360ef0ddb87557ddf8db1e0","sha256":"b3a06fa0ef702ce7c8e25b62f03582c52d029d3b04c242de653ee000bf6606d1","sha512":"9089d29d13fdc142d6947ecc27540ce9971bd64d3d83fb0e0c8733ad4c9f49e442bec021db8858985746653fdfed6997e625a3bfa13520151388780539165851","ssdeep":"","tlshash":"849004057d0c0417155743dc000dff04401f314344010f114d5cd73170554f4f450434","first_seen":"2025-09-24T16:02:07.717019Z","last_seen":"2026-06-01T00:01:49.959433Z","times_seen":9,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/elevation-l0sNRNKZ.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/elevation-l0sNRNKZ.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\netag: \"69f07c02-1\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p4xgjjTBStZwNibc73zYAaQBhZDbZSoGaipWik394ne3sXaJs5%2BYY4ATNAYg%2BJLv4CDh8OnlAU8c4K4pUFUBoiJNvfQijjR1wfV0prW9RSa78ocCG3dIDiAvbtqhdM5W\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f664c78787956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1,"size_decoded":0,"mime_type":"application/javascript","magic":"very short file (no magic)","md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-07T19:30:29.083606Z","times_seen":213532,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/Footer.vue_vue_type_script_setup_true_lang-CJ5lkL5V.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/Footer.vue_vue_type_script_setup_true_lang-CJ5lkL5V.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69f07c02-16f\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HwqfTuysSyktJ9Ox8zAuNJrhSn6kAw8hgw2a5yoGj4i3AXShcJrhWfbRiL98BEX%2FRVnu01FWNxI1GnVN7rDA5Tr%2Fltl6NxCN2rZKiiDdG8Qv1qPuwz5tFwPSp1UA50UO\"}]}\r\ncf-ray: 9f664c7a789f56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":367,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (366)","md5":"b8cdb023f787795940e22f38e616e7e6","sha1":"9e29764806a3daefe0c59ec883675b200385679c","sha256":"df02c57352d381392d2e7c444cc155d2f094abbb753afd923ababaeedc4378fc","sha512":"30b4c0a3e5f4ec1268c355d799568ed7d106eff827eea7347084920efbe88f1ca4144325b23925380c183e59a0bc0c6150913a95665b35d9be36a26392c99e7e","ssdeep":"","tlshash":"2ae0c04c8845ebfc128604bc171e501056080719b368c052a25c9d769bd603bd11b931","first_seen":"2026-05-04T08:58:09.569828Z","last_seen":"2026-05-04T09:00:42.137367Z","times_seen":2,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/useUserDetails-DhUnoleY.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/useUserDetails-DhUnoleY.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69f07c02-226\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6Zc5463FGPMq8lPmy%2Fh6vcTLNr9%2Fki1Zo10EYNIBW6tzp%2Bx50tjqc24Jzv0lN%2FCZsRn5XYTrjeFDoPbXaL1AO456Yys%2FrBqOb6E2RBnCMEqXALVeqemDBl%2BRQcB%2Bncpm\"}]}\r\ncf-ray: 9f664c7a88a556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":550,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (533)","md5":"693cd5fc5553ee5cef7f178577a79372","sha1":"5293fab701de9023e5ee9b468254094d62ec09f4","sha256":"d4af6eef846c1514760b575c4d995f9334866ec5b39e825326c22f49609fd878","sha512":"3157c9f9a8619584f1f303b386f67a3b5269c55ec6ed89b75f9e5fa135657f8d4ca1a18776baec4b688ce3f002039a977726730509876c2b0d4ceeb9a3759b4f","ssdeep":"","tlshash":"0cf0c03bec51d3b2c35c9d845621201712bcab913394d3c1a34e0b19363d88e676be4e","first_seen":"2026-05-04T08:58:09.540302Z","last_seen":"2026-05-04T09:00:42.139915Z","times_seen":2,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/provide-wn3gcSia.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/provide-wn3gcSia.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69f07c02-8e\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EICZtG8ZqELS4wbwu1LrL4H8FMD0ViJyN7T8Ka7Sj1ppAEd0Sm3f8H3ihRCx2wVGP53UBWK%2BM3rWhDBA%2BD1BFJCMPmSG%2B0N0nlJE1UHv79cBm9Nj%2B1kGmEPbc11%2BgMwp\"}]}\r\ncf-ray: 9f664c7aa8ae56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"294513d785ffd391a84e326f4f595cb3","sha1":"1123b285c8e7bd82f15d9b5c5b806019df5a4333","sha256":"1b17073fa327d0723c2079a95a214e0198004f5d9c1df8c5257926415e552ce6","sha512":"18cdc7e106f7f771cb436bf7eae93a6dea50b53d812dfa6d93fdf023460fb04c230d7c61878f88afdb868588e0653ac4995bf1b03dcf16dba991baf9e2acf2c0","ssdeep":"","tlshash":"e5c02b3f19c06170c5032c8749adfd028538b46d3ec4918060450e9327b80ee9e5de49","first_seen":"2026-05-04T08:58:09.570759Z","last_seen":"2026-05-04T09:00:42.126807Z","times_seen":2,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/useLevelList-BEYpNbMe.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/useLevelList-BEYpNbMe.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69f07c02-191\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C0DwqHJjSijtgXp%2BvQxF%2B2piM2MTw6uQQEB2MqMen4kFjircnTU791BmqH1M22i9iRx0JiTE8%2FYYsHkA12HoDXzJT%2FROuqGuxKLlaURE9Kir%2B7VkPQnydfshZn0FuUgc\"}]}\r\ncf-ray: 9f664c7c88c856bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":401,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (384)","md5":"281c99abe6e898c372fdc57fe15d7c0d","sha1":"01b6d3d33231ca4e705f3920f7ede8845123d845","sha256":"818b16dc72ec800e013aa93243936e5089373e7deaad1e178c52ad8d70785108","sha512":"c71686e73134c5260acf221332dd76b9893038a62db99d864a175798f07b1f65a452ddd70fc6ca3a1e6b55edca62eb5be5df6265fb8366f9695cd5d059de8f7e","ssdeep":"","tlshash":"90e06167655791b700552cd8a23c741369b1c7a83346d6c0e00d1f5d1bb4487ad5eac9","first_seen":"2026-05-04T08:58:09.559281Z","last_seen":"2026-05-04T09:00:42.129631Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DRtma1RG.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-DRtma1RG.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-2622\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qF4i37gbBGAEarqQyAJYMwVx6P6nJTlznlO53hZv0SuCRxfrtOczr4WzRvQFxsppv4Se6DFjS1MLR%2F8%2FnObkHMMWsakehwfQhBqcptYiglQq0ho9NF7%2FGwKBA%2FC6Q736\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7ca8df56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9762,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9604)","md5":"f8b45b3fad182fe73dd720f7033f1a77","sha1":"821b91c50d30a630ba2a12080a5356965458e536","sha256":"e18be78e0b145809835f0f8f7455914ae0f776aefc1a48933e60c705d968df52","sha512":"b6bf0f8c3be1a3afbf7157fc8b39b9f28e20eda67bf3e3256cd3c075ff7116ad599b9dfa8c7e282b1a94d5ce13ddc9c247951882379a5bf1d57bb62ae8c70f67","ssdeep":"192:yhDnGjlJ0pA/DFgtstu2gIcMuMdLSDdtbLSn:8qlJ0ygtstluMMd5LSn","tlshash":"5d1271e8b291b5f24be770b8503fa10bf2769864a08d9440d26dd4f0bdb899d0473f39","first_seen":"2026-05-04T08:58:09.571654Z","last_seen":"2026-05-04T09:00:42.126171Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/formDetails-DeSED_a9.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/formDetails-DeSED_a9.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-696\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zvV25VR4uJgA0HkTuWJTEkV9eFG1ke1T5AtsR6l%2Bat0o%2FqoVswpUvODCscx6okctv0uALOaKEh5T8xQ%2BOX0lRoNUruiCZuLTaJOT%2FotU6l250dq8hqxnvN%2Fgm5oShZ9u\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7f092656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1686,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1685)","md5":"f9484bfda8540a29534f7c249ccad35c","sha1":"aa0231454887311087e6e26e8dc6a95d8b31683f","sha256":"651174ba8e9e7ba2aa5b055bb42f9da2897444882a8bf518ba1131ce1e1ab9c0","sha512":"21ff44e87f4c559d4771ed34b26539dc71e9908cb0cbf3bb0948c9feadda20c67e42d575ca28dc5bef2a27681c804cc7b309c5312ce7961b03ea1af761203d46","ssdeep":"","tlshash":"933132087c94effe60ab08a5742d3a05b2772e1c6078b0e1b38ce6e91b01593562f711","first_seen":"2026-05-04T08:58:09.563926Z","last_seen":"2026-05-04T09:00:42.136114Z","times_seen":2,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/app-api/member/app/level-config/list","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /app-api/member/app/level-config/list HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntenant-id: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ntrace-id: \r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache, no-cache\r\npragma: no-cache\r\nexpires: 0\r\nx-cache: MISS, MISS\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q6zacrtNmRYGm%2FqFXZh7mY1LnfcohA5iVMI6LRk%2BhvWu4YtgILTu9vHlwAPSvH9C7glfhNODK%2Febr6cWFFnTugd02UphTf3hcc96lSOPba9E99kFhBhsfHNmGbMKb07cwohS9kYITmn23g%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c7f593856bd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f1357eba0057d63c83b1307eec846cbf","sha1":"759f2e835901044ff360ef0ddb87557ddf8db1e0","sha256":"b3a06fa0ef702ce7c8e25b62f03582c52d029d3b04c242de653ee000bf6606d1","sha512":"9089d29d13fdc142d6947ecc27540ce9971bd64d3d83fb0e0c8733ad4c9f49e442bec021db8858985746653fdfed6997e625a3bfa13520151388780539165851","ssdeep":"","tlshash":"849004057d0c0417155743dc000dff04401f314344010f114d5cd73170554f4f450434","first_seen":"2025-09-24T16:02:07.717019Z","last_seen":"2026-06-01T00:01:49.959433Z","times_seen":9,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-04T08:57:34.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lvNjcrHI9zL%2FgcHviPXFtJrZswGVXmOQAIU3sddsZQEVgyNIDTyDQk%2Bd85c6eiljdx2OxTn%2Fzx4OEcPwaHP7RoVmOyoLuPDqpLIZ%2BUXzU7%2BYlwti1v3yql4%2BZytIii3K\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9f664c748cf5b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1800,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (435)","md5":"3b5f251e065adab65969b72ac736ed1e","sha1":"861164a5a1061874a8a1a47573f3336707bc41db","sha256":"7ae3be87b41e1a37f2c317dab0069feafc3646e6f058403e7f3cbace8effed53","sha512":"3e1791a52ae9213591e1b71218ca5dc153f608400c78d7759131b7dc0e2ed96c55c858437eeada0146f302b17400ff4d2c33ed01a0af549d6a2d8a410f189085","ssdeep":"","tlshash":"46312457fdf4c5ba0668194b7864f5083cd15a93890e984039ee84f88e10fd58d9bc94","first_seen":"2026-05-04T08:58:09.572561Z","last_seen":"2026-05-04T09:00:42.164545Z","times_seen":2,"resource_available":true,"data":null}},"time_used":222,"timings":{"blocked":57,"dns":40,"connect":1,"send":0,"wait":108,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/common-button.vue_vue_type_script_setup_true_lang-BEkc2Csi.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/common-button.vue_vue_type_script_setup_true_lang-BEkc2Csi.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69f07c02-3e6\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EzjQZ9FN%2F2FUG1oiuOgjJlzqOCBpn1zzrLfoP8yIUPGd6OlTMHA29Z87fcSa4foHyIPFwBo%2BNrfEMqZtkpyp6%2BZSplX%2BUeWTGT%2Bx%2BJLhjtsro%2BwvcD4vWz%2BE9MXkj3jA\"}]}\r\ncf-ray: 9f664c7c88c556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":998,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (997)","md5":"f5d23d03aabfc1d8ffa6d0d4b5931490","sha1":"f68a4222c3c77c1ddcb72e267ea0b16421c5e4a4","sha256":"a2f872e39a932f30743e08374201340abc11956b2fe0b93396243edc4005baaf","sha512":"f8deb1e22e2f55996ff859e44ec95e901eeed9c93b51aa82c0ac812aa0d298d7084ca4957e08cb822be13b806647004783937510342cca75284e9df7b2f478fe","ssdeep":"","tlshash":"6f11ed48f40f9bbf72ab8c5c8a26162096037b8c6830a6fe5a6749329280c0ed54d776","first_seen":"2026-05-04T08:58:09.57339Z","last_seen":"2026-05-04T09:00:42.14232Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-RI4O5uHh.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-RI4O5uHh.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-BEYGIRmU.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-174f\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=flOPKLX2X32K5MuQLq4wpdCWcw1WfBh1AXioXGC4T%2FP3iS3oh7rj%2BmVlMEPtLiLSGTdRtcX7CZlfhBx8DoCHrU0AsNsLbq98Mt6SXXZN6Eq%2BP4mlwoEhcjeLmtZZgGHC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7f192b56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5967,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (5966)","md5":"0bd7c677fd55c9f844e45f852c9095b9","sha1":"3a0b91683399bc65cf2084ed1ba1690949f85800","sha256":"d27e13281d3d72288ecadf52088799b7b2ddf8158c0aa88ad280dea3e840f768","sha512":"eab78fdbe9517e5eec6bce7fbddf2564c69e11a40e9034c4888178a2fac2c13e9ac9d8ad0ae3f7b7483f2a06ee5324124a7d42e5967997f1421618fbc23a4c2d","ssdeep":"96:Ps1JcRslAxTjHIUYYbsWvFVPbUyW0ylIqXdgbFClXTqj4:KcGexTjIUVsW9VPAP0ylIqXdgbFClDO4","tlshash":"5cc1950c78294bbab56754f8e042c810a41d1baec695c471f1ed8e223fd2ef69a5933c","first_seen":"2026-05-04T08:58:09.53193Z","last_seen":"2026-05-04T09:00:42.144798Z","times_seen":2,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/OpenChat-C1SCj8rC.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/OpenChat-C1SCj8rC.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-RI4O5uHh.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-b650\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dzdr3L515I8qyMNGkrWkAgDLkWVK7uFX7VvbpFFHvEF21nKaQjSBDBg5m4vezRWknLlQ00Q4Ho1tuu2E7K2C4sypNl3IArlFUdNixDtZjZiCgenT4gtNKYFogqLPnInk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7ff94456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46672,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (44543)","md5":"1d52594c3c1c131a42ba5f069521fc94","sha1":"511a81b35074911dc4edac2ddc2fd51359e6963d","sha256":"4e01bcc1c7a5a5a647d7ecaf08efcd85d056e799eb25b21fb0048322ad2a32be","sha512":"0e6980cb01ff2b060df688f9cd4275cfe7a4acfa44fd9d48dd8e8175780569523f9f025822fdbb8e351a0257db23a6cb4e514fc8a2d0c09ee28cc80c94b6394f","ssdeep":"768:0SMcAPGQJHWvU7J3rgBW/8QcB4Ur14i+7RB6hJg4tNqJFVsfk7f:LAUU7d7+6Uh4i+7RB8J1tNqJwu","tlshash":"7b23f8dcb287b069937354b9047f6047b23a3c61681d8952e437c9853cb9e6e813bfb9","first_seen":"2026-05-04T08:58:09.574369Z","last_seen":"2026-05-04T09:00:42.127422Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2kn51ra8uyuf5.cloudfront.net/751682e0b6efa2d3194fb37fb8e271e5196dc1c1d6d015aee6767e69ad7724ce.jpg","fqdn":"d2kn51ra8uyuf5.cloudfront.net","domain":"d2kn51ra8uyuf5.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.37","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:36.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 24 Feb 2026 00:00:00 GMT","end":"Wed, 09 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C9:18:5B:88:98:FA:65:52:EE:3F:8C:AC:85:C1:E4:56:E1:0D:39:DA","sha256":"C6:C6:D5:C7:F7:92:11:BB:D5:98:B6:EB:43:02:E5:65:7B:E8:32:E7:75:CE:E0:A8:29:B0:DE:A3:5E:AF:4E:02"}}},"request":{"raw":"GET /751682e0b6efa2d3194fb37fb8e271e5196dc1c1d6d015aee6767e69ad7724ce.jpg HTTP/1.1\r\nHost: d2kn51ra8uyuf5.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 209960\r\ndate: Mon, 04 May 2026 06:55:36 GMT\r\nlast-modified: Thu, 30 Oct 2025 12:48:02 GMT\r\netag: \"bebb4a9f8165c2cfb5d28059e95509df\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 d229ccc15dd984a81023d1b57fa0adbc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 4lVsj5631AEeHeQZk8Ox8R-f9MlNCH4fZx7XnBWDfoWC2ssHcujsKQ==\r\nage: 7321\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":209960,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 950x1024, components 3","md5":"bebb4a9f8165c2cfb5d28059e95509df","sha1":"7563533164fd382e68af077ba376d38fda5ff57c","sha256":"751682e0b6efa2d3194fb37fb8e271e5196dc1c1d6d015aee6767e69ad7724ce","sha512":"ff7b9b63995ca175cf86eba49ff289ba825fa2bd8e2d0c29191a0f4ac2450000cc0bd9e77413ee9cdee65752c08238ab4c58641aaee6e3356f1972e661c757f3","ssdeep":"3072:oU/JbIMHRX++VTWfrLXAKlSrtUI+61jqP88kMaiBvQnFypf0yvU/mApVCRo:ou1byrUmeV98iiinqfdUeAVz","tlshash":"ee241282b23d3be3d21c45b1657e942fd65af71e232ec2d993a84c7d01905d3782ba1b","first_seen":"2025-09-27T20:46:13.271416Z","last_seen":"2026-06-01T00:01:50.066534Z","times_seen":4,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":14,"dns":34,"connect":1,"send":0,"wait":25,"receive":15,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/app-api/member/countries/list","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:36.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /app-api/member/countries/list HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntenant-id: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:36 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ntrace-id: \r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache, no-cache\r\npragma: no-cache\r\nexpires: 0\r\nx-cache: MISS, MISS\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FYDHCaKQjJ7F5wVpg637hG4kGL8NbKXU%2F5wcP0ae%2BsNW9w%2FDpTG5CBYfq3y0koQh%2F1%2BGClP5%2FqtSDHo32pEKWrJ2%2FNptK9Iwp1jC1Ne41%2FMoTz8YiSyH1NNOiyY4umaiNCJsZSuWWvg2vA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c81095456bd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9081,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"870a221f3a378fa1bd2741c5b1b630be","sha1":"cc9649fb0ee5c30b6a4d066cd440da5536eb50c4","sha256":"69e3090fddc37a6d8737000c754587a0807f7a69a187c4b55c28c30d0c6877e5","sha512":"fff90f81dddb69a6a423d8b4cce6a8972b247d92113a88093c389f7adea7cc04bf33256d4ce485b50b0b30410e2d3072f27369eeba1e35940ca7e40d417dc78b","ssdeep":"192:eIV+AWDsf5JA4lVgsOIfBC0bPw+Ps5oAnqATrD/1qbpUmFkMiR798aRpMkD3sVLP:eEXwyvPb7lZJTdEGm3vTYbeeNiaWi6cN","tlshash":"1a12c97f17665e0fe9688ad378cb3ef82539a8ace784cd0054d78a7d91529fe10e210c","first_seen":"2026-05-04T08:58:09.57626Z","last_seen":"2026-05-04T09:00:42.136682Z","times_seen":2,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2kn51ra8uyuf5.cloudfront.net/m3u8/subdial/output_000.ts","fqdn":"d2kn51ra8uyuf5.cloudfront.net","domain":"d2kn51ra8uyuf5.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.37","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:36.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 24 Feb 2026 00:00:00 GMT","end":"Wed, 09 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C9:18:5B:88:98:FA:65:52:EE:3F:8C:AC:85:C1:E4:56:E1:0D:39:DA","sha256":"C6:C6:D5:C7:F7:92:11:BB:D5:98:B6:EB:43:02:E5:65:7B:E8:32:E7:75:CE:E0:A8:29:B0:DE:A3:5E:AF:4E:02"}}},"request":{"raw":"GET /m3u8/subdial/output_000.ts HTTP/1.1\r\nHost: d2kn51ra8uyuf5.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ptdufrain.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: video/MP2T\r\ncontent-length: 1476740\r\ndate: Mon, 04 May 2026 06:55:36 GMT\r\nlast-modified: Sun, 21 Sep 2025 15:33:26 GMT\r\netag: \"b947b3e7087a90fd92582b9c37a75dc3\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a82071c7a558f0fabf37ee3b940ad600.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: p9Kxdc2kWJB3GVUra6KRb6KdN1slxj3EOLqI1oEMVPDvHu6DCNKuTQ==\r\nage: 7321\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1476740,"size_decoded":0,"mime_type":"video/mp2t","magic":"data","md5":"ac63d1e2fe1d40a1387e10f33c06068e","sha1":"c1ae9e65ab82c083e5d4f6fe320979bad7ef2d6a","sha256":"d56d953300cd325fb24597f2c40bef2fcbb651b769f7dc0c93f19b866042bf2e","sha512":"ebdd607b102bd98dffcc2e45525b9e86974bab6e48bd857e3084ef36803b8dae7de54060d5eb94be6ee0ed68f75da3f8dc06cbe5a88b6028a4cbec35adaea11c","ssdeep":"24576:i9BVGA1Mjw7tqTH0Ae7rIHRPdtVoGege4+dxh1:0r1Zc0AK05dwHgF+dx","tlshash":"6f25231f36590c5e886255813156ca9abab35e021ac807c35d9bf3aef9fd1ecdc410be","first_seen":"2026-05-04T08:58:09.577173Z","last_seen":"2026-05-04T09:00:42.154628Z","times_seen":2,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":304,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-eYwX1BVN.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-eYwX1BVN.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-434\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SAZyrAWd5sB%2Faxbo1k7N%2BGVH8vd7u87BfoVSjJ4hXvwa1e2rSYWcIdl5nMuBW8W2lW7s3jdKohTIcU%2F1xsWEr0T3Jh0XtSRuWtEFUpN4V%2B3D8j3KH9MCLRBcuAP64nlN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7a589c56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1076,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1075)","md5":"f5c0b90514c474de0b65e01d4007a40a","sha1":"85da9155aa79a2831b76991c366507072025569b","sha256":"ad1742c5d663891cfe93a144c739aa22d9a4164c68aee14cbaa4e545f08ee9d8","sha512":"658a13d780b0f5d6280cb02457c6b767f77cab1375f304f78c8912e4e9d609e3e8441b3b17b79aaa9c38f4d9b34d1a09dc5380771af1d01437b8382b4b1af74d","ssdeep":"","tlshash":"79116ddd422f92b643041b7357451b72612a861036359ebae61e2d176b6fc81f417fc8","first_seen":"2026-05-04T08:58:09.578052Z","last_seen":"2026-05-04T09:00:42.13261Z","times_seen":2,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/button-BRRKRYaa.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/button-BRRKRYaa.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-1129\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xGsbZL0jRJ1qJ8%2F2mT%2FjhuNpB8bKnUXb%2BPGoLO7CKM3xqQVpSida1rv4OaFFQAgbcfZWzf4mmh%2BuhFumSuHH1mAtcaJPf4fKKj%2Bo9m37lDMZIYe%2F9900auEGjPpQaIn5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c78a87d56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4393,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4392)","md5":"735d9b04aa8aab5e489b6962e63bf52d","sha1":"d1ff55628212f915c6f116efd6b4f04435dd6e09","sha256":"f0c968f0c915a29be76b47a9ca1c8d409b71c80235f5bff988b99761040382f9","sha512":"303823021b7b8e019a3b2915653f38614b2517bf92bea9e0e69858cb4a2f61925de86aaa4384494cc2f7cb1005b3dd13a2538adfefa1ba42f62b2bf6a1848805","ssdeep":"96:Kw0inMsswmpm2XLSTVdwSgWFeLS0Xy3XHT:Kw0eMHteTVdwSgIPHT","tlshash":"d891fa0e7c1ba07f7eb344c8a05e0445db3097afd0789ad4f3955b395aca408726cb27","first_seen":"2026-05-04T08:58:09.584208Z","last_seen":"2026-05-04T09:00:42.134383Z","times_seen":2,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-COJZw4LS.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-COJZw4LS.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-80b\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fc0cuETi00q%2FBBmBMlICIvqwJuuo7QZNTzi7Y4UXJfQWUHUTSAo%2FVRfsWgXP9eu3pVSrFCm76FIO3l95dz5WBapVzfVPYO1muOAaTezIeRIjze24XC8BH9d2CNAZmTHy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c78a87f56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2059,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2058)","md5":"d88307669f1692489cafefb909445cf6","sha1":"0385f1c739ed7948c2db3e5c5bebadd61199a0da","sha256":"083eff654f3fa0e837063d83131eec543daaebaf48778f971ea25a053fc496f3","sha512":"e741f5d538c899eeb542e0569ced1dbacef5e56d261269c0a004b7569c6780135e55a3ae06d2d26b1e35757ccaef1f903151cae9143d0e598df042f6acfd73c1","ssdeep":"","tlshash":"ea4125185c059f3af4a740d50628550937380f8cb1b542dda7f6853c7b82e97adf8759","first_seen":"2026-05-04T08:58:09.594987Z","last_seen":"2026-05-04T09:00:42.151447Z","times_seen":2,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/badge-Do0PY6zV.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/badge-Do0PY6zV.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-DBQDCAf-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-7e0\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8EeWw9PWwzaD92XG2EV8OQKm3GRq0Cstc6D44p1d84MiKaQcsHJy6ihxgaomztjLMNVXY6ad8udN4%2B%2B2d2UWk2gFyoGn%2BG4IlRmI4vjqNsh7De1TzsmP5L9yJOgM9XsO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c79789056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2016,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2015)","md5":"aecd9f866e1e0be2ba02eaa24eb85f43","sha1":"e0b340cb061735f7a33641ebce82499472195caf","sha256":"842fc359500d201517e70f0a373cbac806495994213007304931ae055c16e947","sha512":"aa9f794cd12be4651275a2779c05c23850fcee6307279b645702db82d3c1dcaf140230476850c0692c55118c71472fe86e431320b53465e92adae38db3cbe308","ssdeep":"","tlshash":"2e41339c7401eab707a785c5512d1500b3241a9ddcb8a6d6a3df9d782fab406304f765","first_seen":"2026-05-04T08:58:09.596179Z","last_seen":"2026-05-04T09:00:42.133754Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-COJZw4LS.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-COJZw4LS.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-DBQDCAf-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-80b\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=so%2FDvG52eFvltyre%2FqZVrAldt8K2Aj5FVDaaOxKXMattbDQqGv2ItdNeP20H20isPLJickBsetla0M8g2FNis1BDEe6SDjqpgaz8VDvQvyN9pKojHEcEoq%2BmM8oHZ8s9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c79789356bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2059,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2058)","md5":"d88307669f1692489cafefb909445cf6","sha1":"0385f1c739ed7948c2db3e5c5bebadd61199a0da","sha256":"083eff654f3fa0e837063d83131eec543daaebaf48778f971ea25a053fc496f3","sha512":"e741f5d538c899eeb542e0569ced1dbacef5e56d261269c0a004b7569c6780135e55a3ae06d2d26b1e35757ccaef1f903151cae9143d0e598df042f6acfd73c1","ssdeep":"","tlshash":"ea4125185c059f3af4a740d50628550937380f8cb1b542dda7f6853c7b82e97adf8759","first_seen":"2026-05-04T08:58:09.594987Z","last_seen":"2026-05-04T09:00:42.151447Z","times_seen":2,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-eYwX1BVN.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-eYwX1BVN.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-434\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=do6mx1CZNPL1fIQYKnmIgdj7NurdBu5BHyKQkzU7QuOD2Bj%2FC5%2FKS9tdNq9d0u8mgHBQGoAI69BMHpeFzBH6UPy7cKr9bQvh63BMl0p35qQiBCuNR1jBWmwvz4doHZKT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7c88c456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1076,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1075)","md5":"f5c0b90514c474de0b65e01d4007a40a","sha1":"85da9155aa79a2831b76991c366507072025569b","sha256":"ad1742c5d663891cfe93a144c739aa22d9a4164c68aee14cbaa4e545f08ee9d8","sha512":"658a13d780b0f5d6280cb02457c6b767f77cab1375f304f78c8912e4e9d609e3e8441b3b17b79aaa9c38f4d9b34d1a09dc5380771af1d01437b8382b4b1af74d","ssdeep":"","tlshash":"79116ddd422f92b643041b7357451b72612a861036359ebae61e2d176b6fc81f417fc8","first_seen":"2026-05-04T08:58:09.578052Z","last_seen":"2026-05-04T09:00:42.13261Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DrRPUsqS.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:36.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-DrRPUsqS.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-RI4O5uHh.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-191f\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ALzYg%2B0HLxG0rq5xql7HmOu8F%2Fb5YpStQDZQplSQGRiPLiXFb2Bn4iL8HQ4cohsPI5bkuqyjglymMVaLL9k8jZyfyKAxLckNvsp0XTpsF4US0z9n3UTdPsM1Ivjx359T\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c80094756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6431,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (6430)","md5":"c9a65a9b5bae235fa7a20e77c11f3b72","sha1":"68729c8a032d81e5264d57b2115d3bb6f519feab","sha256":"1e492bb3eb7a564d2c8d5294746d81f9c7ea09cdd324f05346a16cf7518ceb04","sha512":"7cca8d0076479f98b82bbf325927ad4cafcb71bd5f831902a73353893a70fe13a96256781b3291de9816424789e599b4930edafa131e4d43ab6cc92339454eb0","ssdeep":"192:yXlu0POMEpULy+gyzvhrvBIAtoWF7545L:Eu0PQQJd2WF75m","tlshash":"43d1e82c936543be9d2b445cea717432522ea2eebb204594f3fe4033b752d60d8da6dc","first_seen":"2026-05-04T08:58:09.561845Z","last_seen":"2026-05-04T09:00:42.131404Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.iconify.design/flag.json?icons=pt-1x1","fqdn":"api.iconify.design","domain":"iconify.design","tld":"design"},"ip":{"addr":"172.67.71.159","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:36.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iconify.design","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Mar 2026 03:17:08 GMT","end":"Wed, 24 Jun 2026 04:17:04 GMT"},"fingerprint":{"sha1":"C7:61:00:F2:D5:FE:2C:00:75:61:A6:53:17:66:5C:87:6C:DA:E0:F3","sha256":"5F:1A:78:B0:83:6C:E7:52:BD:B4:74:DE:50:8A:44:F2:0A:90:8A:03:24:08:4A:D4:F7:C5:AE:59:EE:6A:A1:8B"}}},"request":{"raw":"GET /flag.json?icons=pt-1x1 HTTP/1.1\r\nHost: api.iconify.design\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nOrigin: https://ptdufrain.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 08:57:36 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding\r\naccess-control-max-age: 86400\r\ncross-origin-resource-policy: cross-origin\r\ncache-control: public, max-age=604800, min-refresh=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZsCxaunJPJlr7y8O8zYCCeuwqiyp8TQTB37NgzgqK3t8iW8Ve%2BIerdu92cGsmOAmVVWeR6oK4pUUD7Va2QYRGbiM1NDsFZsJ5o%2FrxpjbIFhcHStsbTCFKpXYBpHLkrURdckLzQ%3D%3D\"}]}\r\nlast-modified: Mon, 04 May 2026 08:57:36 GMT\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f664c82388456a5-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8383,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"118dd1014f6a8265d83efebd0298e4e5","sha1":"aaabdac11d458763dff54919c9baf943760ab963","sha256":"bebde368a63b398b0a64799db57a57a29e5af3103e203e46e9f34eb15261da79","sha512":"b94bf7701eaf7b35426aa6aad854e46228defdb10a29a7721a68ae8293fea52f4fafa9566b147f19646864d33837fbd08c650d17bdbe9c92d5fe1ea1fb6cb9c5","ssdeep":"192:E8VjFRCunWFQPiqsLIFXHCfGXas9IzAhfoYlyh90siVC7pcPB:EKHCFOPiqsLIoGKs4ugYlyQ","tlshash":"11022f288b54a2bc8c17a3fac73594b5331fb0aa3a9b5364d47dc13531121dde46aced","first_seen":"2026-05-04T08:58:09.597165Z","last_seen":"2026-05-04T09:00:42.159029Z","times_seen":2,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/chip-M8M-weOK.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/chip-M8M-weOK.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-6e4\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cB4jpptRJUhOhHpa%2Fk1g2dp%2F45OC22woJkBCAAGLQYD3DGx8N43gnvgDk4fGB0hWnFljAyHlPD0E9jI4UokVq0D6s24vd4xdc5XvXgF8ZaEuMaOZttuPYWunKx6yNzVF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7aa8b056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1764,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1763)","md5":"9bb25de8e0123654beb26eb2b0163a05","sha1":"dabea460fbc898f2a0a696aa2878950276b2b49c","sha256":"56b00db90c05dd2629eea68fea7fe6af4bb92888795bac910970c9d688657965","sha512":"d60cf75f75022b05301fcc35c383b87a14998f92965302a51f0fca3f65b91b18b8988fe8b8ac2dc4f12897efa640a11f3bd8f5e9b165f822b49d331a23712017","ssdeep":"","tlshash":"1331769dbc82e232357b885e401517027b391eccf4389fc3daf2953e29d1849b64bb15","first_seen":"2026-05-04T08:58:09.598036Z","last_seen":"2026-05-04T09:00:42.137987Z","times_seen":2,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/iconify-CBhu5shA.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/iconify-CBhu5shA.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-4dc1\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gglip6K%2FYyaSVhx1UdzuCh8MDdVM%2F3XDZE%2ByR6pLNmKcgxh46mmNd6xF12oRw%2FDD2CEiRze3tPXarQVJ5dwl6fnXxmoyPt06pImY1L5hY6uVC0gtlenPRCq1Nbn9sk9L\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7c88c756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19905,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19904)","md5":"6da187bc94d2b1bdfdb1a2946a1fee2a","sha1":"fc36958fd06047eb1a7bcb89ba4d4d90a3b21a69","sha256":"947b6353cdc992dc444290783670a8033a9d2e47f2595ff9b1341f701c017d5d","sha512":"f84eb20136810acfcdd22cb7f80cf4e4e0e69b7aeb1c7bc532f29fe6ed2b2c9e57b78f33ac7370ff824226552c44be24bc05b7de5110e9f7702b24c9e022ca55","ssdeep":"384:t76HpAFqSg7w4abiB7hmrMW4fchnYTrk3rqH5Kd5Ge0XFNeceTL8rzaQYMEuQIdu:tcpAFqSgk4abolmp4fchYTrk3rqHO57X","tlshash":"8e92c7f43097702643e008e040ba0906f2196612789ec4c5f29eecbbbc7665d59b7fbd","first_seen":"2026-05-04T08:58:09.556979Z","last_seen":"2026-05-04T09:00:42.146975Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/common-dialog.vue_vue_type_script_setup_true_lang-DNoAHc98.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/common-dialog.vue_vue_type_script_setup_true_lang-DNoAHc98.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-117b\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IyRgB6BTs7labta1Pl%2BkCWwB%2F7XIRX7GaHXATM8HPBYKEYXTugeNKGf6TmzSL4wIS5eEJdGzTgvUKCAxqwDXTi%2FJdlLnOVI%2BIu%2BtMoUC7IqMgCyISTmEz2yJ5tHQgKc8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7c98d956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4475,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4474)","md5":"08dfbd96301863d25f6daa49286dff22","sha1":"5cd508a524022c7b555073fa09f9ac4179f22778","sha256":"d89328b5dd3dd0f8081dd603cd5d27af5e079ee8d17c73f81a06db2b27aef80d","sha512":"49696d1b72d3dc9cb13c3b6125850bb8ede83173e41b17bb11f736c75fdca640b0231c576447f6d7aade572acd308580b47a3abf4e1efefc0e115e2353f7eb2c","ssdeep":"48:GlXtCPl1dJWY4p0EoUpA8VxVyes7akaw22eFVjCYAGxrxMsVrlAbiAei9nEh:GldCPrWY4ptoUu8TL/X2eFVWmxPXGs","tlshash":"9b91fc41349650a6a7f5fe6c00252dc9c5c493dad2b28ce0359acb237bf2de59bc2886","first_seen":"2026-05-04T08:58:09.537648Z","last_seen":"2026-05-04T09:00:42.135001Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/login-logo-9_Ba9m_r.svg","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:36.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/login-logo-9_Ba9m_r.svg HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:36 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-4502\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tQmCsxOu6QHfsZ6DWyayGKcy%2BbfOuZSqLMkVi9aJhsuKfrHe%2BM%2Bb8Y1sM5fCATI1FVe0G0luuJQSj%2BfMYI2%2Bcxe6sJSI4VAoSup8%2BypfA8%2BVmyLPkgF%2FsgXm9Fn0k33m\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c80894e56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17666,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"74b9c9c79177419d699977f66456306a","sha1":"154153b3b1bdd53cae1d83e1aa4ac9d831414d4a","sha256":"511d7606ffbd1318307149e78123bc90f55d8cddfd81ddee9ec64877536cff14","sha512":"d73f257a58d7d0f4df1453d7b5091d3515f8120b5bf4c76c18d15ed58c05dc9d5631ca753310a62ef07d938de57f4d3ad3dc078fddfb58020b18308f3d90e1a0","ssdeep":"384:1oqP2uKeziedpG3Tow3a4QKtJC4A83qjdbJk5rorhjxAp:1LPvdEDo6avYJjA83cdFk52FxK","tlshash":"1a82e1700a64a05636be47c76b9130deefb1fbeb1748b48950900f4b512c65a6edf24c","first_seen":"2026-05-04T08:58:09.598925Z","last_seen":"2026-05-04T09:00:42.141092Z","times_seen":2,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/useCurrencyType-CJWjRXuk.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/useCurrencyType-CJWjRXuk.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69f07c02-1b6\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rMJCXBJ9WW7n6QKaOcSfOd%2B7%2BRIKQEMd53oWK4CvYvU4cl711iHAX2jkddXSf6qtBSzPSKpCMUMBx3v8VZqa17JfWAkJ9wnVTnHlKPZW7b%2BiUVmdGLLg1mrofc%2BrDMSw\"}]}\r\ncf-ray: 9f664c7c98d656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":438,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (437)","md5":"eea9773b482716c732610ec523e323b7","sha1":"fa89547bbfe2f63fcc47b7d4d0a4fa75f551f705","sha256":"dc5e3a821dc7cabc85f764a8ec37cea39bd62f67755d2dd8695e05d6458f5d3e","sha512":"25320c8f252f233998bb846ef2ede0bab35df6a4857ac9b3a6282a3206b8058af4b484e96a3684fe6a389ae318b4c0be81d4b718aeb969711b2619044726f2a5","ssdeep":"","tlshash":"46f0a34b7216f2bf42017cac911034765b75839423a1d7e0d18f0f1b563708e511ee6d","first_seen":"2026-05-04T08:58:09.600041Z","last_seen":"2026-05-04T09:00:42.157931Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/hoverOverlay-l0sNRNKZ.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/hoverOverlay-l0sNRNKZ.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\netag: \"69f07c02-1\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4Hs3cbrrfYLsMniBNo46PWOzaQn2VFxCT%2BxIjGK0otvFPOjxWPUAQE1JWkAyRdVjKdJmiwfoEJ62JZCypfVP9BVXQUX9w8yWUhZbjeeFs2eIEILFqVY0jsNbKqnwhTRl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c7c98de56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"application/javascript","magic":"very short file (no magic)","md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-07T19:30:29.083606Z","times_seen":213532,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/chip-M8M-weOK.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/chip-M8M-weOK.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-6e4\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fNDT3PFp0Y3oaEySY4v%2F6t%2BgGBYVEsfaefAdHsm6ZHUc24udqsB7g9tcyw8C9W69IA8MtUkxOBFe2WnRsZhMURnO2E5%2BGgh3ne%2BaH0zS45RJes%2BQ4GdC8YkRJZTy8J9N\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7ca8f056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1764,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1763)","md5":"9bb25de8e0123654beb26eb2b0163a05","sha1":"dabea460fbc898f2a0a696aa2878950276b2b49c","sha256":"56b00db90c05dd2629eea68fea7fe6af4bb92888795bac910970c9d688657965","sha512":"d60cf75f75022b05301fcc35c383b87a14998f92965302a51f0fca3f65b91b18b8988fe8b8ac2dc4f12897efa640a11f3bd8f5e9b165f822b49d331a23712017","ssdeep":"","tlshash":"1331769dbc82e232357b885e401517027b391eccf4389fc3daf2953e29d1849b64bb15","first_seen":"2026-05-04T08:58:09.598036Z","last_seen":"2026-05-04T09:00:42.137987Z","times_seen":2,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.iconify.design/bx.json?icons=chevron-right","fqdn":"api.iconify.design","domain":"iconify.design","tld":"design"},"ip":{"addr":"172.67.71.159","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iconify.design","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Mar 2026 03:17:08 GMT","end":"Wed, 24 Jun 2026 04:17:04 GMT"},"fingerprint":{"sha1":"C7:61:00:F2:D5:FE:2C:00:75:61:A6:53:17:66:5C:87:6C:DA:E0:F3","sha256":"5F:1A:78:B0:83:6C:E7:52:BD:B4:74:DE:50:8A:44:F2:0A:90:8A:03:24:08:4A:D4:F7:C5:AE:59:EE:6A:A1:8B"}}},"request":{"raw":"GET /bx.json?icons=chevron-right HTTP/1.1\r\nHost: api.iconify.design\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nOrigin: https://ptdufrain.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding\r\naccess-control-max-age: 86400\r\ncross-origin-resource-policy: cross-origin\r\ncache-control: public, max-age=604800, min-refresh=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k7kfUhaliTeLUE7QgY3wN4finHfc41MRby0T1GT1J%2F6H5CR5Mi0abH6kzyR8U9caR1Mnmg7yBhKwM45R9vD26IXIzQmXWumTvUOWVrhocFAUyD%2FRcrGgWCwvmas1XLFI9Aaodg%3D%3D\"}]}\r\nlast-modified: Mon, 04 May 2026 08:57:35 GMT\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f664c7f2bbb56a5-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":225,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"af1d44672d46ed15d4a63a189aa43a03","sha1":"042b1ddd2c13e1021a93da1b258ce238cf2b2343","sha256":"f5589a6105c45b3499888910782c35eee25f264ef205cc128a8f94c860ed3971","sha512":"8a5a7e5de619669484c909569e58ee350e4f95758f9bfe528964a0e33ec82e52fd2b4cfdda54d8fc83c66c09a5c7f90621f0561328b79646ec71ef988ea4d899","ssdeep":"","tlshash":"e2d0a7d67b7965d40409754b884c41260e9a60353a1319085259e996317635eb453b10","first_seen":"2025-09-24T16:02:07.765532Z","last_seen":"2026-06-01T00:01:50.029278Z","times_seen":8,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":38,"dns":22,"connect":1,"send":0,"wait":55,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/space-Dzk4V_ze.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:36.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/space-Dzk4V_ze.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-RI4O5uHh.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-2b4c\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lr1xkiKhiPBVnsK2oPeZYMt1ufo89fzSMrIeNImyj5GFeUw7TlmKFlhs%2B6sLEO2iyJNeViR2vZlaf48FcQD1oi04VkleIXqnohOCBm2VUU5D82oSXOkZT81vLVCoRNmT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7ff94556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11084,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (11083)","md5":"e8e560ba38b2d17213ab683b98f9f096","sha1":"3a3f450e32b7ba370fe9d81c2f1a8380c5a637d6","sha256":"11625b752da846a465c99da6ef685d6cd4bcfe706167f34a97c818eb00ed26a1","sha512":"04d346d1aede8c3be168113f2faba004deaf38186d13c94dc40cd45c48ddbdd71dd86697e125445c590a6f9154ffb36f7ac15c7f6208b6082c208322a33a235c","ssdeep":"192:SAF8Rw1Ekdirgd7Onx2bYLAsH7uflSivBMwJfnA6XTuO38/5B9YQuyH:BFL1Ekdikcnx2bY0sHifljLJfTXTuO3O","tlshash":"f23209c834ae69530d6b869d30eb5102a734339ecc9925e1815a4e2d2fd9c4463bebbd","first_seen":"2026-05-04T08:58:09.602625Z","last_seen":"2026-05-04T09:00:42.147668Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/OptionSfc-B-mh0p36.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:36.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/OptionSfc-B-mh0p36.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-RI4O5uHh.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-ae19\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yXmX4GEBvy8bkGHo%2Bs0Nbdd%2F7qE8QWiUt4WxOJp%2F1U5tcV6aTVfnapN3CxG6AuhZ8sqnHWEKzMEEbp6ujb9wQR7%2BJlZQ3lUVrW%2FmrRwWKajD9zzWr4JkvcWAxpmKm6GP\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c80094656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44569,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (44568)","md5":"24110eff19ec164f4a421b21ac291850","sha1":"be5ceae1d0bf288bd8959ad80c370dcd1177e247","sha256":"19129c099f79f9081729ac411b22863243aed71c6ee547f78d027d4ab8104eee","sha512":"1b9f5a92ac25d2c83799e5c6ab1156cbbb3e283215478b6b64645328b9e6e4a136f4d55b386813b96e55168fbf0801a3aebae51a8450c9ae664cca388d6b1057","ssdeep":"768:4sgcyaZHUJ8tu5K4iJK28t7MzX+ZKYY8pVOXUAa21FAYHvHZ63e1Vu3Y6xdZAz1p:4qZq8tu84iJK28t7MzX+ZKOVOeY43KVl","tlshash":"84133c8c34597673467f85f6909f040ab3321759900c95a0a26edb9d3deac68d2bbf3c","first_seen":"2026-05-04T08:58:09.53321Z","last_seen":"2026-05-04T09:00:42.140535Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2kn51ra8uyuf5.cloudfront.net/e6f11141241267bc0627aab41307ab4836ef73e171a6f9e066d99e76fd8a104e.jpg","fqdn":"d2kn51ra8uyuf5.cloudfront.net","domain":"d2kn51ra8uyuf5.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.37","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:36.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 24 Feb 2026 00:00:00 GMT","end":"Wed, 09 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C9:18:5B:88:98:FA:65:52:EE:3F:8C:AC:85:C1:E4:56:E1:0D:39:DA","sha256":"C6:C6:D5:C7:F7:92:11:BB:D5:98:B6:EB:43:02:E5:65:7B:E8:32:E7:75:CE:E0:A8:29:B0:DE:A3:5E:AF:4E:02"}}},"request":{"raw":"GET /e6f11141241267bc0627aab41307ab4836ef73e171a6f9e066d99e76fd8a104e.jpg HTTP/1.1\r\nHost: d2kn51ra8uyuf5.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 198178\r\ndate: Mon, 04 May 2026 06:55:35 GMT\r\nlast-modified: Thu, 30 Oct 2025 12:48:14 GMT\r\netag: \"d6d0e6bf2b5b79f016f66c4d923e0beb\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 d229ccc15dd984a81023d1b57fa0adbc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: snIp7hbzXO0LBROzfWpG5A-QZvaS5zfWA0YuIDi8rB5DdX57kPCULg==\r\nage: 7321\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":198178,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 875x1000, components 3","md5":"d6d0e6bf2b5b79f016f66c4d923e0beb","sha1":"82f1211705bde45d2ced576de4674442bef7be00","sha256":"e6f11141241267bc0627aab41307ab4836ef73e171a6f9e066d99e76fd8a104e","sha512":"eadb35a4296b02b620bed54f8792ce791783748dc7f0c276973988904db726cee499aa8dd1e7cebf4a9b2f31755e0c9a6685364774eb39ce855345f7c8e9033d","ssdeep":"6144:FOYiyjdHQWbsr3yXxP2IE2S6KG/qDCu1Tjxm:M05ZbsgP2dYfgZm","tlshash":"e914233d3350cd65d9efacbe8cb349b64a094b1c9db2611b14906412985eceec1af3de","first_seen":"2025-05-10T01:50:29.880358Z","last_seen":"2026-06-01T00:01:50.011729Z","times_seen":5,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":16,"dns":34,"connect":3,"send":0,"wait":24,"receive":28,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DKa3v8JK.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-DKa3v8JK.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69f07c02-76\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F8q4zSYcjX3RoLBC15YJ2VLSNTOxA0oIDui3Z5oiuTg0HHk%2FRyDBlEDl0s22FWtt3i8o8O8SKwzvmO3LoCAG2BYmxVjOAwDQTNDh8N0vKgX1TCrXHaQnqKCGa4PvBX%2FC\"}]}\r\ncf-ray: 9f664c78987b56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":118,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"d1c97b6e2ba46a1776a099ca5803bc6f","sha1":"bf1a9b4aa0e8a9c23a3bccd7816bfee2e090315d","sha256":"130115448f48e432f31bc2c333c6f916a6dd8b65a7e3afc5677d21c4bdd3e83d","sha512":"23122c80d81b32335aa2f08b937982a0331856d16eef408fb1b64ded2ff3bdda4ee3145d61ebaa3dd4cfa412399ce4f3b473a01d1ddb945428f2bc699c44b847","ssdeep":"","tlshash":"fbb092a74cb161b0008009c823185e92c83195bc37a682814699ca6a82986a75eaca24","first_seen":"2026-05-04T08:58:09.528833Z","last_seen":"2026-05-04T09:00:42.128217Z","times_seen":2,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/home-BiBL-sEQ.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/home-BiBL-sEQ.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-d33de\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zdOkIV7TopbyKzRO6QZKPXYg%2FHHpsj2%2FBtU%2BvEbtD%2Fcbhr%2FCFdM1UIZOvzKlmPux058BWcrACQCK8RJlz3ssIpnAQICxH%2BZ99Sz6fayB4Awm6%2B8FJULJfwYBMeyB9u5e\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7a589b56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":865246,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d33f080a6dab5ef48a8d6e2532afd039","sha1":"cd8e054f1a61df6640b273ee4bb4b72d1917e306","sha256":"cead80f8b11f214f955eae6b2317cc61a2626ba20970675fd0c946658434df77","sha512":"9c9b2f327b2ecc7a91c19934907fecedb267d2daecab1f553a04243b8d577d1b021b548b8c8c7d36f3e86e0aa3e9bdf19772d5b030e035397d2763c135f21f74","ssdeep":"12288:fGr/Jvqg9qGJ3p786/VC4MFz1+3sa1qeBmjovThl+45G2oA2JNF4:fqx9qGJ3p7K11ysa1qBovTj+o2JNF4","tlshash":"9d055b957285713742da90e6907a03007339dd687808c5acfa7deddb2da8e48b17fb78","first_seen":"2026-05-04T08:58:09.604981Z","last_seen":"2026-05-04T08:58:09.604981Z","times_seen":1,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/CommonEnums-DWIwllum.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/CommonEnums-DWIwllum.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-62b\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uLd%2F7xjwEPF5Nbc4fa7pFvygII%2BtE1bzS11%2BD3egFN%2BJVoip64t0V0ewVJcIU3TN8ocqu6IEJRepdqiBX6dxEg%2FipL8VweLPhgK1uqBOTr6gfrts26gxENwkDMMqtLvq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7a88a456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1579,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (1578)","md5":"ea55104e22e81cf41dda2bf3b2b4a6b5","sha1":"98175d95318be3f46a4986f24f4f05c7a456c231","sha256":"e117656c983c9ede380daa5709252c1ff96f77e0d6125108a539278b27407ac1","sha512":"4900c6139f277087c0c8df858960e934bf4289cc2fd7a4ff38db111715c77fa4fac8a51edab83c0c736b658af6ee5b3b1c7b0bcc2f65b32249989b983a1aaaf4","ssdeep":"","tlshash":"0931c042bc267e74d04deb2cf42d395791ddb3cb89a823405fed6a3190c9ba45514ce7","first_seen":"2025-07-01T14:24:46.954203Z","last_seen":"2026-06-01T00:01:49.949027Z","times_seen":13,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/space-Dzk4V_ze.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/space-Dzk4V_ze.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-2b4c\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4YM9ctWEUXU%2FnSJx6V2rPI6z7FzH9VdEE%2BvEm9pgdlSbaxQsDnt0xGy5TA%2F06H7d%2BvkWv59K7ODKFF8SS60lI8AwEhtxa%2FF4D57AdkQtEJ94zqp6xUTAUex3UiTF0JBH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7f092556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11084,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (11083)","md5":"e8e560ba38b2d17213ab683b98f9f096","sha1":"3a3f450e32b7ba370fe9d81c2f1a8380c5a637d6","sha256":"11625b752da846a465c99da6ef685d6cd4bcfe706167f34a97c818eb00ed26a1","sha512":"04d346d1aede8c3be168113f2faba004deaf38186d13c94dc40cd45c48ddbdd71dd86697e125445c590a6f9154ffb36f7ac15c7f6208b6082c208322a33a235c","ssdeep":"192:SAF8Rw1Ekdirgd7Onx2bYLAsH7uflSivBMwJfnA6XTuO38/5B9YQuyH:BFL1Ekdikcnx2bY0sHifljLJfTXTuO3O","tlshash":"f23209c834ae69530d6b869d30eb5102a734339ecc9925e1815a4e2d2fd9c4463bebbd","first_seen":"2026-05-04T08:58:09.602625Z","last_seen":"2026-05-04T09:00:42.147668Z","times_seen":2,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/2-C5N2P3GX.png","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/2-C5N2P3GX.png HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-2cf5\"\r\nexpires: Wed, 03 Jun 2026 08:57:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MHShyNdIiRobTvx6YynN2YK908eN8Iu5HE1a9DyqouOaNPJV37JNXZyvqAcoVBPyjqg7wfN6bqpkyaC0QAElu%2FFkFXIW81QJ5KANvmmd0Dy2n6Z93iiuKVxqrcnlOkId\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7f393356bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11509,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 180, 8-bit/color RGBA, non-interlaced","md5":"0909087d3875fbe0269303135cdba836","sha1":"984f6a7090d80d94ba75cd15753baeadee83a7ae","sha256":"71cb7647309263d40da1672208d5eec1485630e33abefa7be3d16a167c5f79d9","sha512":"b454cdab8bf44860eb804f33a44628032007ee76ea2b3492f54975634e759f84d61ef3b92a1125f58468e8db6d6212a21c03ef5a975673302b4624d0772dc185","ssdeep":"192:SfzX2vU/psi88Wz6xY3eJAASJybzRa5FAaPtwx6XAfzF4RlN:e2vUu18u6tccI5FAalwxdfh4R7","tlshash":"36326b89e7d58e8fec84a8505acf52e8c893f754201d67e8bca034e70cc0d7519bdb29","first_seen":"2025-09-24T16:02:07.773639Z","last_seen":"2026-06-01T00:01:50.028449Z","times_seen":5,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/useCurrencyType-CJWjRXuk.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/useCurrencyType-CJWjRXuk.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69f07c02-1b6\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l3uqL8P0VYqtahZKSEnYlHV9Q7QO99PCG92pgz%2BPp4e0EPiB%2FbS3z7ADYWFgNynwbcmf0xXW2cUDwAuqdyeUCPGmnp7f%2BaMIK4w1iLr7JgUcorAkMdnZz3ZAZgtbDb2B\"}]}\r\ncf-ray: 9f664c7a88a756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":438,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (437)","md5":"eea9773b482716c732610ec523e323b7","sha1":"fa89547bbfe2f63fcc47b7d4d0a4fa75f551f705","sha256":"dc5e3a821dc7cabc85f764a8ec37cea39bd62f67755d2dd8695e05d6458f5d3e","sha512":"25320c8f252f233998bb846ef2ede0bab35df6a4857ac9b3a6282a3206b8058af4b484e96a3684fe6a389ae318b4c0be81d4b718aeb969711b2619044726f2a5","ssdeep":"","tlshash":"46f0a34b7216f2bf42017cac911034765b75839423a1d7e0d18f0f1b563708e511ee6d","first_seen":"2026-05-04T08:58:09.600041Z","last_seen":"2026-05-04T09:00:42.157931Z","times_seen":2,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/TopNavBar-BZDqHTrm.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/TopNavBar-BZDqHTrm.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-1415\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=my3H0ufn68Kd3m5uFqaQ9qrmNvdKxQ27Mk0EbxIPDAkNBtUjRwfxgz2EE5nzRvdF41XhABtHFZOVKfbIeYcylcUmoJm%2ByqgXu8YHFdNUnBd2QZyP4HPojCeD%2FwFUQ3r%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7ca8eb56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5141,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (5140)","md5":"01eebcbc87f24a07e633e24a5c1b50b8","sha1":"595a87af31a95ca4822688c1b713c5fd6d8b5082","sha256":"9a42a19afb42803a50df6601ba1f5370356fb6ee4a33e8454a49a68aa5835f87","sha512":"39ac79de233011e71e1efb8fe3128dde5fb510c5e73d69b5b3ede92192ccf88e5a7072dedabf1f4f6a41a7f408afd65dc41808acdd6947b421c5f46d13ae6f3b","ssdeep":"96:Z/JUGz4tviKUoc1G1pNPAdT5ZzhT4n5AagJT+ZOqjg9gZb4Gmkliy6TO:ZyGz4h1tAiPIvunfyTBKeob4GqPTO","tlshash":"f8b15cac5130897477276824ed2ccd143f7e22edeb5646c1a0bf4b35a785cb1e515338","first_seen":"2026-05-04T08:58:09.538593Z","last_seen":"2026-05-04T09:00:42.141662Z","times_seen":2,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-Bl8TdkM2.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-Bl8TdkM2.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-10e75\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=glZFd1vvA7tbt0rnpYvhSfU6LVVZROmIv5BPdXCw%2Bkstaq%2F2nB6Yi5c4AuUn1aMxtzIyQNymI7VaLtCj5fvDASdLDL0QwAR3BZpwGkX8TYsxuaFZ1PoQYCqsnB3KNvcX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7a689d56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":69237,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c9e2f874f500ce76cbeb1f51136f0dba","sha1":"48d1e62bc0926d8e65975f5af66e68884b67a9ff","sha256":"2c96a129b34ae7a9d8d12c74550d9b30fbeb51079e1be0c50988ede3ad67bf8d","sha512":"3683efb548efeb0ede1ae0e602c20096b1ab625c8fdafbb27a582f19475d39b523e82a5efaf67ab9dff6cbbb85f95380786f77a519b549bc11f58392f4401584","ssdeep":"1536:TILqFhiSFoHI1tEalHFjSF9J/ibNtkI0tdQu:TILqDiczEalHFuF9VASdQu","tlshash":"5963f7d47ad1b07643da22e0401f4406f23c5a35b49c94e0f698e9fb79fa50a8667f3e","first_seen":"2026-05-04T08:58:09.612936Z","last_seen":"2026-05-04T09:00:42.142945Z","times_seen":2,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DBQDCAf-.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-DBQDCAf-.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-52fb\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oJVwEibZPFcmq%2F6RhhGaOlpxTvrL2ytF91HWeqM2cuQRidAHOF4awPbbNZWBNCBNZ72s5WnoHQx5X8XgVq3%2F5mYS3qUtAzXgg5Um1OrMl3TmAXrMBZCvb0%2B5zXKTJSlD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c78787856bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21243,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (21242)","md5":"fac8f3e0b90bd6cffc6948d658ec0824","sha1":"fe2924848c15ed8fb8a28584e5ee7b7750320fba","sha256":"63bb3ef49665c73366b269f28b8a26f90381f9552e71e2b3848aad37ef193cf7","sha512":"d0e4fecb4d24b416f7307d0f7ba891562f8d31ddfa5dd311d37ce6083a3ebc2544a08522af481910463c61479b56fefd5920f3fff384f0dfc5e1c74c4069874e","ssdeep":"384:sA4c4mRxX6sUaDkeHixFUXdIuFu7tJc/3W1:Cc4mRxX6XaDhHixUWJK3W1","tlshash":"1f92c95ce591a36cfd32894632187824d22d16dafed24cf891bebd112381cfcd29659f","first_seen":"2026-05-04T08:58:09.566852Z","last_seen":"2026-05-04T09:00:42.148849Z","times_seen":2,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/badge-Do0PY6zV.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/badge-Do0PY6zV.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-7e0\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k2zf4SFxoIzvBW%2BKkqz3TjcDojiy%2Bl4ssIgOWXNglLXlVncfubfgdMugPzH9TSPFn5SHhiMmWUZX%2F5s7UbegqVbYGWCbcYNmV7ZxmP2VnkEVJWkyBJI3%2BkQMvd64iZJC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c78a88156bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2016,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2015)","md5":"aecd9f866e1e0be2ba02eaa24eb85f43","sha1":"e0b340cb061735f7a33641ebce82499472195caf","sha256":"842fc359500d201517e70f0a373cbac806495994213007304931ae055c16e947","sha512":"aa9f794cd12be4651275a2779c05c23850fcee6307279b645702db82d3c1dcaf140230476850c0692c55118c71472fe86e431320b53465e92adae38db3cbe308","ssdeep":"","tlshash":"2e41339c7401eab707a785c5512d1500b3241a9ddcb8a6d6a3df9d782fab406304f765","first_seen":"2026-05-04T08:58:09.596179Z","last_seen":"2026-05-04T09:00:42.133754Z","times_seen":2,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/provide-7AHU9OSu.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/provide-7AHU9OSu.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69f07c02-372\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qBikPkVnOxwJiSzccjovGTPunahKoUwjpGF4x3hI6nyZ2GaW6nzma7TOBfSxzzvPXvSiEqn4YeLeCD3CyGH6kTrIBR2faAgZzHKNymmFOBjgv1pL2fqppSBWYMVGPkvH\"}]}\r\ncf-ray: 9f664c7a98ab56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":882,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (881)","md5":"2f80329a76543f98086a586b3619316b","sha1":"8b6d2b07ad553ebe6ff65dcd6b87375a26a51eb5","sha256":"2670a30f01e8696540e338d91de2d27f198d311bccb1ffec7d7741fa283f6cbc","sha512":"e9778a277bc4749ee1ff5b101f25bb61df08e8e62d10a895e600de2891339e4179eeff2fbf6db608877eeddaabef2ee511fe0b85180e75a80c878941818fb9b6","ssdeep":"","tlshash":"9b11238df98379b1e2291cd1cc7e0c7d993a15647dafa4c24015fe15aca0899939fe0c","first_seen":"2026-05-04T08:58:09.567787Z","last_seen":"2026-05-04T09:00:42.149427Z","times_seen":2,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/hoverOverlay-l0sNRNKZ.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/hoverOverlay-l0sNRNKZ.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\netag: \"69f07c02-1\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rv0d7sFtf6sFuksESFOcTauWz2wsnL09bVNtrcIrDvO%2BJqbZXYDZD530jyjKbqdxeA7ILHf3Yv4494LvAcovIs7nEl7iegE0lZJqAAef6M8wgPwgKOdjVacXynCng68g\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f664c7aa8ac56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"application/javascript","magic":"very short file (no magic)","md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-07T19:30:29.083606Z","times_seen":213532,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-BgfhDPph.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-BgfhDPph.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69f07c02-112\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QJbRPVw5V09Xzkk9SUEEbswAi2VSeQDV0jEEtJfHGXl1ENx%2BZ%2Bhrm1BumEePjSdJzeStbCkWt4lNuRzoEYXN5x%2BFv%2F7e%2BiRrComWGvL%2FyqR2AfS9a5quwGlYE3XrwzHv\"}]}\r\ncf-ray: 9f664c7aa8b156bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":274,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"285abc09e5583615c53749ea7df64e50","sha1":"02d6f1d7ccefacb29307dc63fd7c4a23d50e94e5","sha256":"7432d1e2a1a51f00b08555100a899f40ab963b5ac82828f9e1247ecab8ae2c56","sha512":"f803eee71751c2e5932057264e9afdf7704b22b786c5e613c8b865841a29c0d7cfb13301632b774911fc5e56534259d3fbe75e8a21928720486f4f9a5c2e39e6","ssdeep":"","tlshash":"bdd02b9e445bc27710081b576d064f239c2a8a1631350a79320e181b471dc89600ad9c","first_seen":"2026-05-04T08:58:09.548765Z","last_seen":"2026-05-04T09:00:42.15846Z","times_seen":2,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/OpenChat-C1SCj8rC.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/OpenChat-C1SCj8rC.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-b650\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cypz1tUurT%2FGD%2B8yeY0poD59EPp2Os7qiZEtc%2F0ymf4u50RTrNGQKrAC0RXzj0egpok9zxTIqRQ%2BjL6V3gRjMUHeCCWXD8iPFbJ0bIZppWtFrKHyLlZhTjutF9mqLnkV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7f092456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46672,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (44543)","md5":"1d52594c3c1c131a42ba5f069521fc94","sha1":"511a81b35074911dc4edac2ddc2fd51359e6963d","sha256":"4e01bcc1c7a5a5a647d7ecaf08efcd85d056e799eb25b21fb0048322ad2a32be","sha512":"0e6980cb01ff2b060df688f9cd4275cfe7a4acfa44fd9d48dd8e8175780569523f9f025822fdbb8e351a0257db23a6cb4e514fc8a2d0c09ee28cc80c94b6394f","ssdeep":"768:0SMcAPGQJHWvU7J3rgBW/8QcB4Ur14i+7RB6hJg4tNqJFVsfk7f:LAUU7d7+6Uh4i+7RB8J1tNqJwu","tlshash":"7b23f8dcb287b069937354b9047f6047b23a3c61681d8952e437c9853cb9e6e813bfb9","first_seen":"2026-05-04T08:58:09.574369Z","last_seen":"2026-05-04T09:00:42.127422Z","times_seen":2,"resource_available":true,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-BEYGIRmU.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-BEYGIRmU.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-db9c1\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zlZUVTy9Ob1X5Vml0Y1vKrQb6NraoizaiQJ1TuBOdxGpgWvY9Nuhi15gPxZRdovwixLdxwX63x79QcKXSMVrhImf2gM6Wec7q8McDHigp%2FrtJcBqEpmumrb3IukXUcHe\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c76186456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":899521,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (41825)","md5":"bab41ec3b3608769ad37ee84c9b2b2a7","sha1":"b130a3f395a4d4338e2134b30b3b7fee092fa52c","sha256":"7c3d6ad64916cabbaf82a776d37edbfb7d4fada2342629efac2de2da31884f8e","sha512":"0c254dbfca95b0792c093419ced7b996bc0214094f964559b5b23b10016216738ad156842ce7c6754af4988dad30f366cec3e3f1852db8daa5f77a412b552e37","ssdeep":"24576:vBRotUkutfiS/JbOACp5DLB7krBI4gkIMsDo5u5q6PZNUlx4MT4ERE3z74V7j:vBRotUkutfiS/JbOACp5DLB7krBI4gk9","tlshash":"28158d29add9312d4aa207c4b2531a77f2acb114b548c891e1ddc7bd20dbe8cd17ea7c","first_seen":"2026-05-04T08:58:09.614056Z","last_seen":"2026-05-04T08:58:09.614056Z","times_seen":1,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/style-sg74ike2.css","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/style-sg74ike2.css HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-492e5\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qn7Yij4BISJ2%2FkX%2FZx4cCgjL3HBTw29ygykKm2Te0O8hn1zOBMsyTvyQA56UYStqzg7QaCZ7GreI25DO1aUvnvP%2BoJuE%2FjLmhgjJIKO14OJFEWeMh0pUf6LBpN5OBlqo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c76186656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":299749,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"851682731fed25f14e775ccaaf7f192c","sha1":"4cd32f7f2674d870ea98f8fd36fd462df945bd80","sha256":"aa1b9062394b9772688f614d60a3d97d228393e957f498bc48de3f15eb6ac9a7","sha512":"19ce01c8d9c4023a8cd774fdb5369ee4ab9a507634a239828c1e7f470dcff2197ee5214cc6295eba6bf872d5609834325b8e8ef2df491941a783b33531ec4566","ssdeep":"6144:C8k7KkenxsakrRG64xsAS4AXjEmKNJ6wwQrVD3H:men1mRG6KBO6","tlshash":"eb544bb4f68494fd6b27c5adcb85e698fa29f9d3ce015aa4f205510ccec72f21253a34","first_seen":"2026-05-04T08:58:09.614992Z","last_seen":"2026-05-04T09:00:42.161669Z","times_seen":2,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DyPrblxI.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-DyPrblxI.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-7bb\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RoWqoTUKl1yy7i%2Fv%2BfrRmYKX%2B13Gyupi7wofpj%2BeYYwGwM2xzH%2BCdSC5SYQIapRJgONdpx50ttmMOd2D4kPoECjzR8Qzp54QNaCT75CMfxQ6N51otHV1rktJtCZjn1jg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c78a88056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1979,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1978)","md5":"2e0e64dfe193a2ae8da0aa341552e6e3","sha1":"5863c65f61e43b11c1092c91971667ba33e8c501","sha256":"06900f192febdf7dd86b85c01753ff4531b88a9cd884974b184291f658f4e17a","sha512":"d9b2bd3e438b6f11adc5fbe15cb773de4e291b2c24a0d1c843f6666778427eec6ef95e0d11693f395a205759df965d7818bfedb96c040f02e6a11eac83ed81dd","ssdeep":"","tlshash":"8f41cbcd7bc1ac38a6b609e0956f217a23a71643e57c80c4b638bcd53c1987887a7d2d","first_seen":"2026-05-04T08:58:09.615927Z","last_seen":"2026-05-04T09:00:42.139169Z","times_seen":2,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/4-DMN2D1JC.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/4-DMN2D1JC.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69f07c02-92\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bq%2BOqe%2FqybffT1HYEQD1nIuwKPEgJfhgyOYImpaAaHRUUf6%2FpKwi%2BvdkbrfjWJHJGlicSn%2FXaMxdENQvhtoqe5p6SlRAM%2BqUSiH96PsFfdeC%2Fog%2BKCeHK4yWZRIxg%2FSb\"}]}\r\ncf-ray: 9f664c7a98a856bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":146,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"c090fb93fb24ddd8edbc604b6e2fbf90","sha1":"211c10d2973b139f4b35849853a23745485787fb","sha256":"43f6311004792badc8480479a61a6f861f5e03118ae6e88e74be99e6fcc6d93a","sha512":"e849c8fc9d95b84d8fd39e94e357016f36a31171dfa168b742d21c53a7fc4ea14198e2b33d8219c12b6c10165f793d7da979e99459685786a6be3d7cd21efd65","ssdeep":"","tlshash":"67c02b8c48404420423338a849b3edc1801c3712ed20c3fc8430c08dfd14c01000fc30","first_seen":"2025-07-01T14:24:46.974761Z","last_seen":"2026-06-01T00:01:50.024997Z","times_seen":11,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/4-DMN2D1JC.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/4-DMN2D1JC.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69f07c02-92\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1bI2BjPMecrVCgtHwQ0FCaeRwJ9CkI7jTr2xpdD%2BBQLcuI6VtZRjkpfHJMIYcfdScupVRqR5fsjpTuGdt8Afd8gMY5utNpS20Pkm2VPhKSZEaUENKq2fdEWRdz3PUo%2Fi\"}]}\r\ncf-ray: 9f664c7c98d756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":146,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"c090fb93fb24ddd8edbc604b6e2fbf90","sha1":"211c10d2973b139f4b35849853a23745485787fb","sha256":"43f6311004792badc8480479a61a6f861f5e03118ae6e88e74be99e6fcc6d93a","sha512":"e849c8fc9d95b84d8fd39e94e357016f36a31171dfa168b742d21c53a7fc4ea14198e2b33d8219c12b6c10165f793d7da979e99459685786a6be3d7cd21efd65","ssdeep":"","tlshash":"67c02b8c48404420423338a849b3edc1801c3712ed20c3fc8430c08dfd14c01000fc30","first_seen":"2025-07-01T14:24:46.974761Z","last_seen":"2026-06-01T00:01:50.024997Z","times_seen":11,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-Bl8TdkM2.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-Bl8TdkM2.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-10e75\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jNJGoJan7fnisSWFdm7l%2BxUI836EBzlPSVEHEOsY6BrM6%2BrgDKqGfbOvuKmodVT7W1rHLLD2sxyQ8zTBGqnJBA8S7%2BFYPLFn0%2FaO3g7YIqN5GbR0Ni1S9jkvhEMej5%2BI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7ca8ea56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69237,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c9e2f874f500ce76cbeb1f51136f0dba","sha1":"48d1e62bc0926d8e65975f5af66e68884b67a9ff","sha256":"2c96a129b34ae7a9d8d12c74550d9b30fbeb51079e1be0c50988ede3ad67bf8d","sha512":"3683efb548efeb0ede1ae0e602c20096b1ab625c8fdafbb27a582f19475d39b523e82a5efaf67ab9dff6cbbb85f95380786f77a519b549bc11f58392f4401584","ssdeep":"1536:TILqFhiSFoHI1tEalHFjSF9J/ibNtkI0tdQu:TILqDiczEalHFuF9VASdQu","tlshash":"5963f7d47ad1b07643da22e0401f4406f23c5a35b49c94e0f698e9fb79fa50a8667f3e","first_seen":"2026-05-04T08:58:09.612936Z","last_seen":"2026-05-04T09:00:42.142945Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/app-api/infra/config/currency-type","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /app-api/infra/config/currency-type HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntenant-id: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ntrace-id: \r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache, no-cache\r\npragma: no-cache\r\nexpires: 0\r\nx-cache: MISS, MISS\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tVWaOB9fDY5ATEqsmu4DW%2BNycgB5f5HXc6UNCX5XU19qvpmtJBOFBT2aIWhivlkuhc84ZR9%2F4Rub%2FhG%2F6EimAKULG8vmLNdttzeSXtku1J%2B%2Fom%2FEOayZR9KMaH5hW7BChIuffOZS02b89w%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c7e591256bd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e4a0e6ed1a324916e23b6ff5ae24d3a2","sha1":"d2e66d04fd5c6f12f9abbf30195984562dd20235","sha256":"64f2285ab0853789425fde48381c73b7ec033e2d60fac84a9f3ca64e055458c8","sha512":"84a2e711132306ccbe7803721b4ac861dcb52f172d50181b36357d5c26cc02317a05ae36fc63b152022e652bf2c543f721449aeafcbb3dd4bd0967bfe1f8c637","ssdeep":"","tlshash":"b3800000283c02238a2200ca3cce0280a0282aa00c22c3008e8ea220c28aaf02200830","first_seen":"2025-09-24T16:02:07.772149Z","last_seen":"2026-06-01T00:01:50.027674Z","times_seen":4,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/6-CURnQg_j.png","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/6-CURnQg_j.png HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:36 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-5643\"\r\nexpires: Wed, 03 Jun 2026 08:57:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FZ5MkPI4LycgdF24twXzEwrKqafxoMYQhq25iDaw6vW5fZzKFsoqrHIcu0o1IhKmJscjMvy2n0NssumgOrK8koks7GlF5tDQUuaOC%2By7X2FBeopaMN3ZwjCz8I6l1OiD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7f393756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22083,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 180, 8-bit/color RGBA, non-interlaced","md5":"e8967d983e1fc271ad791430acc42b6a","sha1":"ceabaeb1e938f89169628313c7928f63dcdbf0c2","sha256":"ebd84c07d4c0813d2eb45ff641b2c181ff1c62dea4e69d058abe09033d6d4dbc","sha512":"e6b125852fe8edf0d401bdedaab62e518209f77ac20620dc423890651f200cab4f1d15bc5b204b40e42192e0cca5e27a679cf64f9d81619a7f8a5f7e744bb9f6","ssdeep":"384:6tXBbTIZYror8P7Whxb2nGnEeireLFst5iJGg30nPgbrFvBh383djbSh:6tXpTIRr8TuHEeisFiit3+muFbm","tlshash":"4aa28c96eec49c12900791f99693d892fb07e893e068713e7bb47b36685c45b40e3bc6","first_seen":"2025-09-24T16:02:07.748052Z","last_seen":"2026-06-01T00:01:50.059098Z","times_seen":5,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/Footer.vue_vue_type_script_setup_true_lang-CJ5lkL5V.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/Footer.vue_vue_type_script_setup_true_lang-CJ5lkL5V.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69f07c02-16f\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EsDx0TseHP4JVEDPXF2JSfnFpmYnr9KJm8fh6NnjCYPrspPzhEi2ZWvU%2FMcQgnpLDcgz4KbM8zvv8R82OzZjJjeRORC4yawZjsAKzZdvldoww605B70FquPJM6Mktfb5\"}]}\r\ncf-ray: 9f664c7c88c656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":367,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (366)","md5":"b8cdb023f787795940e22f38e616e7e6","sha1":"9e29764806a3daefe0c59ec883675b200385679c","sha256":"df02c57352d381392d2e7c444cc155d2f094abbb753afd923ababaeedc4378fc","sha512":"30b4c0a3e5f4ec1268c355d799568ed7d106eff827eea7347084920efbe88f1ca4144325b23925380c183e59a0bc0c6150913a95665b35d9be36a26392c99e7e","ssdeep":"","tlshash":"2ae0c04c8845ebfc128604bc171e501056080719b368c052a25c9d769bd603bd11b931","first_seen":"2026-05-04T08:58:09.569828Z","last_seen":"2026-05-04T09:00:42.137367Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/provide-wn3gcSia.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/provide-wn3gcSia.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/home-BiBL-sEQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"69f07c02-8e\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uIBy5x38mLJN1BB3xPyykVOUnWMxgwX%2BpYCH6WXBA%2FJrfFboICG3XPBrOBPDeyHAcUxvUKb8DfK57JsYkEi33wIsE6iMomhRSoJ4Yw8nGrvtxWhTSQbqyfEpLIyf0C5M\"}]}\r\ncf-ray: 9f664c7ca8e856bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":142,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"294513d785ffd391a84e326f4f595cb3","sha1":"1123b285c8e7bd82f15d9b5c5b806019df5a4333","sha256":"1b17073fa327d0723c2079a95a214e0198004f5d9c1df8c5257926415e552ce6","sha512":"18cdc7e106f7f771cb436bf7eae93a6dea50b53d812dfa6d93fdf023460fb04c230d7c61878f88afdb868588e0653ac4995bf1b03dcf16dba991baf9e2acf2c0","ssdeep":"","tlshash":"e5c02b3f19c06170c5032c8749adfd028538b46d3ec4918060450e9327b80ee9e5de49","first_seen":"2026-05-04T08:58:09.570759Z","last_seen":"2026-05-04T09:00:42.126807Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d2kn51ra8uyuf5.cloudfront.net/m3u8/subdial/subdial.m3u8","fqdn":"d2kn51ra8uyuf5.cloudfront.net","domain":"d2kn51ra8uyuf5.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.37","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 24 Feb 2026 00:00:00 GMT","end":"Wed, 09 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C9:18:5B:88:98:FA:65:52:EE:3F:8C:AC:85:C1:E4:56:E1:0D:39:DA","sha256":"C6:C6:D5:C7:F7:92:11:BB:D5:98:B6:EB:43:02:E5:65:7B:E8:32:E7:75:CE:E0:A8:29:B0:DE:A3:5E:AF:4E:02"}}},"request":{"raw":"GET /m3u8/subdial/subdial.m3u8 HTTP/1.1\r\nHost: d2kn51ra8uyuf5.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ptdufrain.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/x-mpegURL\r\ndate: Sun, 03 May 2026 12:50:22 GMT\r\nlast-modified: Sun, 21 Sep 2025 15:33:40 GMT\r\nserver: AmazonS3\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\netag: W/\"1375cbeab8c236d8bd6f2bc4d4ed9173\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a82071c7a558f0fabf37ee3b940ad600.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: Br2rgyOMk7nZyke9cudzlsqYKfdLqibxVw9Lzoy3MI_ZM_HzuAUF3A==\r\nage: 72435\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1649,"size_decoded":0,"mime_type":"application/x-mpegurl","magic":"M3U playlist, ASCII text","md5":"1375cbeab8c236d8bd6f2bc4d4ed9173","sha1":"d14da7cf93534850646392949e47dc9aa0cae11a","sha256":"1ccdbf6d236d5843a542161a90a6fe10c780d2bb7c1d80573fe90026a7992303","sha512":"16b99cac06f9f6805d5e3d5170e692d764095787127cd813d2793e6abb12eab08558bbc8f0e8cd11b994638f8769441edf185fda57e9ee50779530befcc2135a","ssdeep":"","tlshash":"17314646e5803046d41b7f71a68368e8a015bc6a2fc2fcd100c09ff51fb2f9a21d8a3d","first_seen":"2026-05-04T08:58:09.619736Z","last_seen":"2026-05-04T09:00:42.150089Z","times_seen":2,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":10,"dns":1,"connect":1,"send":0,"wait":23,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/ripple-CQQt-rVd.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/ripple-CQQt-rVd.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-e6c\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4qE8wAJzrvJ8MTmf2f9JY2gvTs50Fj1%2BhVgCY2720RnAZExDD2z3PwzPKlJwHH9efJnqGV%2BFh9BgwfJXrQgXg%2BN8lrMSaQS7gJdCrlbbKE4AH8Sm58%2B0oHOUnZee49QR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c78787a56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3692,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3691)","md5":"ccb3ea18aa8110a068210135c6c1b2af","sha1":"77b424a8fc8070ca262d3b486e70919f16d39e00","sha256":"01c56537322008b6e5fe17bb35f41aefdacfae83d79dde8593bc3c86a1e06d17","sha512":"586cf19f8a90394c80a513e57962375baadaf85efe9bb2779725d7acde40f121564245a7d4904c10764611f3afca48ae74636853336e6bc6fd6fd01526b48bd1","ssdeep":"","tlshash":"de7176e55b112e7432e6aacbb2f6e301b3390189a0e65490307fce7037b5de6529d4b6","first_seen":"2026-05-04T08:58:09.555125Z","last_seen":"2026-05-04T09:00:42.133178Z","times_seen":2,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/loading-l0sNRNKZ.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/loading-l0sNRNKZ.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-DBQDCAf-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\netag: \"69f07c02-1\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oFnNNqxKu%2Bh0Wg%2BbtRyXYIfK5zSDNn4LsNpZuQkI1GhIg%2F6cJGEwFUjtDW6MIimvXBJJ4EhXXoeN8qd2pxmXNE%2BCgx%2Fa8na1jesCBlBWF%2BBDTy%2B%2B9fh1sy3hXSLtZa%2Fo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c79788e56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"application/javascript","magic":"very short file (no magic)","md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-07T19:30:29.083606Z","times_seen":213532,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/button-BRRKRYaa.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/button-BRRKRYaa.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-DBQDCAf-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-1129\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oH4%2BkAzpxAzQXBgIcHYqYTwsOwom%2BnRQcu30RUj3t5%2BBPyOo7TRezvATXfDdTmj5wwbSggxfAC8K1jh6aFxukICb7iugzcqnHZd2uU53TSrkKVHwhZrtCr4Rr0Orqsm%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c79788f56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4393,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4392)","md5":"735d9b04aa8aab5e489b6962e63bf52d","sha1":"d1ff55628212f915c6f116efd6b4f04435dd6e09","sha256":"f0c968f0c915a29be76b47a9ca1c8d409b71c80235f5bff988b99761040382f9","sha512":"303823021b7b8e019a3b2915653f38614b2517bf92bea9e0e69858cb4a2f61925de86aaa4384494cc2f7cb1005b3dd13a2538adfefa1ba42f62b2bf6a1848805","ssdeep":"96:Kw0inMsswmpm2XLSTVdwSgWFeLS0Xy3XHT:Kw0eMHteTVdwSgIPHT","tlshash":"d891fa0e7c1ba07f7eb344c8a05e0445db3097afd0789ad4f3955b395aca408726cb27","first_seen":"2026-05-04T08:58:09.584208Z","last_seen":"2026-05-04T09:00:42.134383Z","times_seen":2,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/icon-D0afa0aR.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/icon-D0afa0aR.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-DBQDCAf-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-65d\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XR6N1BUSMimWXR%2BJrxw8nxNS%2F%2F21LL0IUFNaktRPxbO1lxLjTAxSKYvsh42gIx13d8pQpzPDS3gXY8wj2RGlxHj%2FKl9xwebY9JJCUqPHeE6WPH%2BjAn0fojih%2F4AFud2b\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c79789156bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1629,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1628)","md5":"087032efbb973d80fccfcf3ae16b1429","sha1":"cd03c836994dc1ac19829f48ac6f529f10aa57ca","sha256":"3c6642910c3c6f6be3213108b9a72de4afa0e555b97350b60edff979ed3b56dc","sha512":"27335735638119e1df3913306531c4d5e401045d00bda65f09659bbce8d8d2cb0e2d29651cb2444895776bf2e080b6759a29cac564c8dd2c0ba3e66448b00674","ssdeep":"","tlshash":"6131561c3905d9b7277f0954904bab061338458df96086fbfb32de352712818eaaaf67","first_seen":"2026-05-04T08:58:09.620547Z","last_seen":"2026-05-04T09:00:42.128993Z","times_seen":2,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/common-button.vue_vue_type_script_setup_true_lang-BEkc2Csi.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/common-button.vue_vue_type_script_setup_true_lang-BEkc2Csi.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"69f07c02-3e6\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q888l5HMKL3YBQK2TKhoDBwPusc%2B1a9qytjKvg2rIeyztAK5FsWlBOi9ou8l3o38Nft%2FDQhsRqRI2kk6vD9apzPn6zywHVGEn2fBivdIYgHq5PrnRL1IPpethmuDt8%2By\"}]}\r\ncf-ray: 9f664c7a689e56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":998,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (997)","md5":"f5d23d03aabfc1d8ffa6d0d4b5931490","sha1":"f68a4222c3c77c1ddcb72e267ea0b16421c5e4a4","sha256":"a2f872e39a932f30743e08374201340abc11956b2fe0b93396243edc4005baaf","sha512":"f8deb1e22e2f55996ff859e44ec95e901eeed9c93b51aa82c0ac812aa0d298d7084ca4957e08cb822be13b806647004783937510342cca75284e9df7b2f478fe","ssdeep":"","tlshash":"6f11ed48f40f9bbf72ab8c5c8a26162096037b8c6830a6fe5a6749329280c0ed54d776","first_seen":"2026-05-04T08:58:09.57339Z","last_seen":"2026-05-04T09:00:42.14232Z","times_seen":2,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/popup-a-rrNNWE.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/popup-a-rrNNWE.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-c7c\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4yEefjxSsT6REqORvF0XkNqs5hisNGgBGuLFVKKQcNgUkWJS8agFbIg7ifa%2BB%2B8uxWO%2Fih8f9XSUUy1sp%2Boh9o2WL4sclkekF8oKbR8eUW1W77oGTzmfNt%2F127YFg5wM\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7a98aa56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3196,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3195)","md5":"921c5debdba9cc32389fb363642de1d5","sha1":"760794631144a3c3bb427be242381ac377182ed2","sha256":"a8f54d42ff9646c882a7855f5c8c70f049127b74ae298f51145640da12676520","sha512":"eb6eff02107d85c931fe6939eca7c3a17feabbfa6d21539c3b196b607fbace610f6929056a936342262519bd5a2e0aa4ce6cf97287ec1550fc365158879f4220","ssdeep":"","tlshash":"9061a769b85bb3fad19744b99015144267348eccce365fc1e265fa7031e4888125ef7f","first_seen":"2026-05-04T08:58:09.541734Z","last_seen":"2026-05-04T09:00:42.125508Z","times_seen":2,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DRtma1RG.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-DRtma1RG.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-2622\"\r\nexpires: Mon, 04 May 2026 20:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AsZmmDwKkUuh2juzeuFx2T4zzdJESlFieuj4nEZVQ3o4SiVa4%2F%2B379wPyIUHZsf1Hz%2B%2BHpGqEJUbaI0oyOnHWTpUkaLIcKePw%2BDv2hc4D86V4ZMK8p%2F4BcaWLB8VOai6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c7aa8ad56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9762,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9604)","md5":"f8b45b3fad182fe73dd720f7033f1a77","sha1":"821b91c50d30a630ba2a12080a5356965458e536","sha256":"e18be78e0b145809835f0f8f7455914ae0f776aefc1a48933e60c705d968df52","sha512":"b6bf0f8c3be1a3afbf7157fc8b39b9f28e20eda67bf3e3256cd3c075ff7116ad599b9dfa8c7e282b1a94d5ce13ddc9c247951882379a5bf1d57bb62ae8c70f67","ssdeep":"192:yhDnGjlJ0pA/DFgtstu2gIcMuMdLSDdtbLSn:8qlJ0ygtstluMMd5LSn","tlshash":"5d1271e8b291b5f24be770b8503fa10bf2769864a08d9440d26dd4f0bdb899d0473f39","first_seen":"2026-05-04T08:58:09.571654Z","last_seen":"2026-05-04T09:00:42.126171Z","times_seen":2,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/app-api/member/content-carouse/list","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:35.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /app-api/member/content-carouse/list HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntenant-id: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:35 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ntrace-id: \r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache, no-cache\r\npragma: no-cache\r\nexpires: 0\r\nx-cache: MISS, MISS\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3ILda321TMYdKEbC6ZmJN2%2BJTvnB5QDL%2BVidCjBdiA9BSht0dkqatrIZgX0QjT0ZBcW9p6wiGv%2BjmVse8QXO6A6QimaWxyYNuKE7WrxiQP7Z3dsNCmM1GhieB1mPPCRJMG9UYjwXcunZEA%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c7e591556bd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":863,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d7a86d81ef395a9ee8ee0fe81ed44819","sha1":"85cefafaf70a42c4780f37e418406e58ba34b166","sha256":"40d0f0fe40eb4f035a3b08473794f61a68e0c57742d5025adee229a230d7c7df","sha512":"01c2a364ed6af657c162fe232c3cc610c037bbafacf8273d795bd699ce95c05342a35f5df8503d1aaabea8fe0f2e43571283138d7210b86eaa3bb2e1c8b19c70","ssdeep":"","tlshash":"0111ef9b12d25d596fc642d28dc77889e44c2c1f4d22c5d2d9d72f2cc45a2b5a20e06f","first_seen":"2026-05-04T08:58:09.530956Z","last_seen":"2026-06-01T00:01:49.973779Z","times_seen":3,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/index-DyPrblxI.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/index-DyPrblxI.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-DBQDCAf-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-7bb\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QCX%2BwbsDKvA10cDX4xMqUSUaWJ84oUnjcQUHOPuAo5KIvjvJsFt%2F1MazsGuG5efUwWeBl3QPQzEmbmv4EpiALgY7cuZpPOzzVTNw%2FbXe%2FzJsTIF7nOKZeJudhdwxvZdt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c79889456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1979,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1978)","md5":"2e0e64dfe193a2ae8da0aa341552e6e3","sha1":"5863c65f61e43b11c1092c91971667ba33e8c501","sha256":"06900f192febdf7dd86b85c01753ff4531b88a9cd884974b184291f658f4e17a","sha512":"d9b2bd3e438b6f11adc5fbe15cb773de4e291b2c24a0d1c843f6666778427eec6ef95e0d11693f395a205759df965d7818bfedb96c040f02e6a11eac83ed81dd","ssdeep":"","tlshash":"8f41cbcd7bc1ac38a6b609e0956f217a23a71643e57c80c4b638bcd53c1987887a7d2d","first_seen":"2026-05-04T08:58:09.615927Z","last_seen":"2026-05-04T09:00:42.139169Z","times_seen":2,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/icon-D0afa0aR.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/icon-D0afa0aR.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ptdufrain.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69f07c02-65d\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hbg7LTpnuGwFIXyxtX0QBubesiWqKWXFZydErtTWdSU66GwbRu4RN2MzV0CPDitMlB6xlBuMlhFbB5mUtbqoDNHBDZ1pDfRA89NXovPLDfC4IINY8riaPzID3fuISZrm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f664c78b88456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1629,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1628)","md5":"087032efbb973d80fccfcf3ae16b1429","sha1":"cd03c836994dc1ac19829f48ac6f529f10aa57ca","sha256":"3c6642910c3c6f6be3213108b9a72de4afa0e555b97350b60edff979ed3b56dc","sha512":"27335735638119e1df3913306531c4d5e401045d00bda65f09659bbce8d8d2cb0e2d29651cb2444895776bf2e080b6759a29cac564c8dd2c0ba3e66448b00674","ssdeep":"","tlshash":"6131561c3905d9b7277f0954904bab061338458df96086fbfb32de352712818eaaaf67","first_seen":"2026-05-04T08:58:09.620547Z","last_seen":"2026-05-04T09:00:42.128993Z","times_seen":2,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ptdufrain.com/assets/elevation-l0sNRNKZ.js","fqdn":"ptdufrain.com","domain":"ptdufrain.com","tld":"com"},"ip":{"addr":"104.21.54.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ptdufrain.com/","date":"2026-05-04T08:57:34.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ptdufrain.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 08:31:22 GMT","end":"Fri, 03 Jul 2026 08:31:21 GMT"},"fingerprint":{"sha1":"CA:A1:54:8D:CD:EC:7C:37:23:0F:1A:64:7C:48:EA:17:F7:77:19:2E","sha256":"6B:06:76:46:E3:E4:5B:08:FA:26:F3:96:81:04:D1:AB:19:69:9F:C0:74:4A:55:09:A4:18:50:AA:58:4A:08:0A"}}},"request":{"raw":"GET /assets/elevation-l0sNRNKZ.js HTTP/1.1\r\nHost: ptdufrain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ptdufrain.com/assets/index-DBQDCAf-.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 08:57:34 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1\r\nlast-modified: Tue, 28 Apr 2026 09:21:06 GMT\r\netag: \"69f07c02-1\"\r\nexpires: Mon, 04 May 2026 20:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aw0lrPGIvJvbBi3kgHwrdrjHXhqwDNRRjSjqAH9zeUQjYSGm%2F4Xojh9Yz2r3iIo2OA%2B8DJNZB9L7%2FHYlzE8pFtCnEgkCmjv5Xndv2SKFEinQzARYqql0WdHEnuFx%2FHue\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f664c79788c56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"application/javascript","magic":"very short file (no magic)","md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-07T19:30:29.083606Z","times_seen":213532,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"ptdufrain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}